> ## Documentation Index
> Fetch the complete documentation index at: https://docs.withgiga.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Deep Audits

> The full 10-phase offensive engagement, including post-exploitation

# Deep Audits

A **deep audit** runs the full 10-phase attack chain. GigaOps engages the target like a real adversary — chaining findings, escalating privilege, attempting lateral movement, and testing the full impact of each compromise.

| Property          | Value                                                     |
| ----------------- | --------------------------------------------------------- |
| Default duration  | 2 hours                                                   |
| Methodology scope | All 10 phases                                             |
| Post-exploitation | Enabled                                                   |
| Best for          | Quarterly pentests, due diligence, compliance assessments |

## What it covers

Deep mode runs the complete [methodology](/how-it-works/methodology):

1. Passive reconnaissance
2. Subdomain enumeration (7 OSINT sources)
3. Port and service scanning
4. Web fingerprinting
5. Vulnerability scanning (nuclei, dalfox, xsstrike, custom probes)
6. Active exploitation (sqlmap, hydra, custom payloads)
7. Authentication attacks (credential stuffing, JWT abuse, OAuth flow analysis)
8. Post-exploitation (privilege escalation via linpeas, pspy, kernel exploits)
9. Lateral movement (impacket, bloodhound, crackmapexec)
10. Persistence and exfiltration testing

Each phase informs the next. A finding in phase 5 might unlock pivots in phase 7. A captured credential in phase 7 might enable lateral movement in phase 9.

## When to use

* **Replacement for human pentest** — covers the same scope as a 2-week engagement in 2 hours
* **Due diligence** — full surface coverage before an acquisition or vendor onboarding
* **Compliance** — produce evidence for SOC 2, ISO 27001, PCI DSS Requirement 11.3
* **Pre-launch hardening** — full chain assessment before a major release
* **Red-team simulation** — adversary emulation with realistic attack chains

## What makes it different from Shallow

|                                  | Shallow  | Deep |
| -------------------------------- | -------- | ---- |
| Confirms vulnerabilities exist   | ✓        | ✓    |
| Attempts exploitation            | PoC only | Full |
| Escalates privilege              | —        | ✓    |
| Pivots between findings          | —        | ✓    |
| Tests persistence                | —        | ✓    |
| Tests exfiltration               | —        | ✓    |
| Brute force / credential attacks | —        | ✓    |
| Captures cleartext credentials   | —        | ✓    |

## Running a deep audit

**API**

```bash theme={null}
curl -X POST https://api.withgiga.ai/api/workspaces/{workspaceId}/audits \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "deep",
    "targets": ["acme.example.com", "api.acme.example.com"]
  }'
```

**Dashboard**

1. Open the workspace
2. Click **New Audit**
3. Select **Deep** mode
4. Confirm targets (add multiple subdomains if relevant)
5. Click **Launch**

## Expected output

A typical deep audit produces 15–60 findings. You'll see a fuller distribution including **Critical** findings for confirmed RCE, auth bypass, or sensitive data exposure with proof.

Evidence is much richer than shallow mode — expect shell session captures, dumped credentials, accessed files, and proof-of-impact for chained findings.

<Warning>
  Deep audits will actively exploit vulnerabilities including authentication systems. Run only against targets you own or have explicit written authorization to test under offensive scope.
</Warning>

## Next steps

<Columns cols={2}>
  <Card title="Autonomous Audits" icon="brain" href="/audits/autonomous">
    Hand GigaOps a freeform mission brief.
  </Card>

  <Card title="Methodology" icon="crosshairs" href="/how-it-works/methodology">
    Read the 10-phase chain in detail.
  </Card>
</Columns>
