# Autonomous Audits

> Hand GigaOps a custom mission brief and let it execute

An **autonomous audit** lets you brief GigaOps the way you'd brief a human operator. You write the mission in plain English — the agent plans and executes accordingly.

| Property          | Value                                                       |
| ----------------- | ----------------------------------------------------------- |
| Default duration  | 4 hours                                                     |
| Methodology scope | Operator-defined                                            |
| Post-exploitation | Operator-defined                                            |
| Best for          | Red-team simulations, targeted engagements, novel scenarios |

## How it works

Instead of choosing from a fixed methodology, you provide a **scope** — a freeform instruction that's injected into GigaOps's system prompt. The agent treats this as its mission brief and plans accordingly.

The scope can be as specific or open-ended as you want:

* "Assume breach. Start from a compromised employee laptop. Goal: access production AWS keys."
* "Focus exclusively on the OAuth flow at auth.acme.com. Probe for token leakage, scope confusion, and replay vulnerabilities."
* "Behave like APT29 — slow, low, and persistent. Maximum stealth. Cover tracks."
* "Find any way to access customer PII. Document the full kill chain end to end."

## When to use

* **Red-team simulations** — emulate a specific threat actor's TTPs
* **Targeted assessments** — test one feature, flow, or component in depth
* **Assumed-breach scenarios** — start from a specific foothold and see where it leads
* **Novel scenarios** — anything that doesn't fit the shallow/deep templates
* **Customer engagement** — let your security team write the brief, not pick from a menu

## What the scope can include

GigaOps reads the scope as authoritative direction. You can specify:

| Element                  | Example                                                    |
| ------------------------ | ---------------------------------------------------------- |
| **Starting conditions**  | "Assume access to employee VPN"                            |
| **Target focus**         | "Only the GraphQL API at /api/graphql"                     |
| **Threat actor profile** | "Behave like a financially motivated ransomware affiliate" |
| **Tactical constraints** | "No bruteforce. Stealth-only nmap (-T1)"                   |
| **Success criteria**     | "Goal: prove exfiltration of customer database"            |
| **Out of scope**         | "Do not touch the WordPress blog at /blog/\*"              |

## Running an autonomous audit

**API**

```bash
curl -X POST https://api.withgiga.ai/api/workspaces/{workspaceId}/audits \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "autonomous",
    "targets": ["acme.example.com"],
    "scope": "Focus exclusively on the OAuth flow at auth.acme.example.com. Probe for token leakage, scope confusion, redirect_uri bypass, PKCE downgrade, and replay vulnerabilities. Goal: capture an access token belonging to another user."
  }'
```

**Dashboard**

1. Open the workspace
2. Click **New Audit**
3. Select **Autonomous** mode
4. Write your scope in the **Mission Brief** field
5. Confirm targets
6. Click **Launch**

## Writing effective scope

GigaOps responds best to briefs that mirror real operator language:

**Good scope**

```
Assumed breach. Operator has obtained a low-privilege user
session at app.acme.example.com (Bearer token in $TOKEN env var
of the sandbox). Goal: escalate to admin role and dump the
user table. Out of scope: any subdomain other than app.*
```

**Less effective scope**

```
Please test the application thoroughly.
```

The more concrete the goal, the more focused the engagement.

## Authorization caution

<Warning>
  Autonomous mode gives GigaOps maximum latitude. The scope text you provide is injected into the agent's system prompt and acts as authoritative direction. Be precise about what's in scope — and be certain you have written authorization for everything in the brief.
</Warning>
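
A pre-flight check for the caution above, as an added example that is not GigaOps code: it collects every hostname named in the targets list and the free-form scope, and refuses to build the request body if any falls outside an operator-maintained allowlist. The allowlist patterns and function names are assumptions; the body uses only the `type`, `targets` and `scope` fields shown in the API example.

```python
import json
import re
from fnmatch import fnmatchcase

# Hostname-like tokens: dot-separated labels ending in an alphabetic TLD.
# Deliberately broad: a false match (e.g. a file name) fails closed.
HOST_RE = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}\b", re.I)


def hosts_in(text):
    """Return the sorted, lowercased hostnames mentioned in free-form text."""
    return sorted({h.lower() for h in HOST_RE.findall(text)})


def unauthorized_hosts(targets, scope, authorized):
    """Hosts named in targets or scope that match no authorized pattern."""
    named = set(hosts_in(scope)) | {t.lower() for t in targets}
    return sorted(h for h in named
                  if not any(fnmatchcase(h, p.lower()) for p in authorized))


def build_audit_request(targets, scope, authorized):
    """Return the JSON request body, or raise if any host lacks authorization."""
    bad = unauthorized_hosts(targets, scope, authorized)
    if bad:
        raise ValueError("no written authorization for: " + ", ".join(bad))
    return json.dumps({"type": "autonomous", "targets": targets, "scope": scope})


if __name__ == "__main__":
    # Constructed allowlist, transcribed from a hypothetical authorization letter.
    authorized = ["acme.example.com", "*.acme.example.com"]
    ok = ("Focus exclusively on the OAuth flow at auth.acme.example.com. "
          "Probe for token leakage, scope confusion, and replay vulnerabilities.")
    print(build_audit_request(["acme.example.com"], ok, authorized))
    # Constructed brief that drifts onto a third party's host.
    drift = "Start at app.acme.example.com, then pivot to billing.partner.example.net."
    print(unauthorized_hosts(["acme.example.com"], drift, authorized))
```

The check only sees hosts named literally; wildcard phrases in a brief such as `app.*` still need a human read against the authorization letter.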

## Next steps

<Columns cols={2}>
  <Card title="GigaOps Agent" icon="brain" href="/how-it-works/gigaops-agent">
    Understand how the agent interprets and acts on briefs.
  </Card>

  <Card title="Toolkit" icon="screwdriver-wrench" href="/how-it-works/toolkit">
    The full list of tools available in the darkops sandbox.
  </Card>
</Columns>
