Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.withgiga.ai/llms.txt

Use this file to discover all available pages before exploring further.

Toolkit

Each audit runs in a fresh darkops sandbox — a hardened Ubuntu desktop with the offensive security toolkit pre-installed and ready. GigaOps has full bash access to all of these tools. The sandbox is provisioned per-audit, used for the duration of the engagement, and destroyed at completion. No state leaks between engagements.

Reconnaissance & scanning

ToolPurpose
nmapPort and service scanning. Default -T2 for stealth, configurable per engagement.
masscanHigh-speed port scanning across wide IP ranges
httpxHTTP probing, fingerprinting, status discovery
whatwebWeb application fingerprinting
wafw00fWAF identification
subfinderActive subdomain discovery (used after passive OSINT)
dnsxDNS resolution and validation

Content discovery

ToolPurpose
feroxbusterRecursive content discovery
ffufWeb fuzzer for endpoints, parameters, and headers
gobusterDirectory and DNS brute force
katanaWeb crawler for endpoint discovery

Vulnerability scanning

ToolPurpose
nucleiTemplated vulnerability scanning with curated template sets
dalfoxXSS scanner with DOM and reflected payload coverage
xsstrikeAdvanced XSS detection with payload mutation
wfuzzParameter fuzzing for injection points
jwt_toolJWT vulnerability scanner

Exploitation

ToolPurpose
sqlmapSQL injection detection and exploitation. Deep mode: --level 5 --risk 3 --delay 2.
commixCommand injection scanner and exploiter
tplmapServer-side template injection exploitation
XXEinjectorXML External Entity exploitation
ssrfmapServer-side request forgery exploitation

Authentication attacks

ToolPurpose
hydraNetwork service brute force (rate-limited by default)
hashcatHash cracking
johnPassword cracking
CeWLCustom wordlist generation from target content
cuppCommon user password profiler

Post-exploitation (Deep & Autonomous only)

ToolPurpose
linpeasLinux privilege escalation enumeration
pspyLinux process snooping
impacket suiteWindows / Active Directory toolset (secretsdump, smbexec, psexec, etc.)
bloodhoundActive Directory attack path analysis
crackmapexecMulti-protocol AD attack tool (SMB, WinRM, RDP, LDAP, etc.)
evil-winrmInteractive WinRM shells

Cloud

ToolPurpose
pacuAWS exploitation framework
awscliAWS CLI for resource enumeration and access testing
s3scannerS3 bucket enumeration and access checking
cloud_enumMulti-cloud (AWS, Azure, GCP) public asset enumeration

Exfiltration testing

ToolPurpose
dnscat2DNS tunneling for exfil path validation
iodineIP-over-DNS tunneling

Wordlists

Standard offensive wordlists are pre-loaded:
  • rockyou.txt
  • common.txt
  • SecLists collection
  • API endpoint wordlists
  • Subdomain wordlists
GigaOps generates target-specific wordlists with CeWL for engagements that benefit from custom dictionaries.

Browser

The sandbox includes a full Chromium installation for any web target interaction that requires a real browser — JavaScript-heavy SPAs, complex auth flows, CSRF token handling, etc.

Adding your own tools

The sandbox runs Ubuntu with full apt access. GigaOps can install additional tools on demand within an engagement — for example, fetching the latest version of nuclei’s template set, or installing a CVE-specific PoC repo from GitHub. For Autonomous engagements, you can specify required tooling in your brief: 
Tooling: Install Kerbrute before phase 7 for Kerberos enumeration.

Tool versions

Tools are kept on the current stable release. The sandbox image is rebuilt regularly to keep nuclei templates, metasploit modules, and exploitation tooling up to date.

Next steps

Methodology

How GigaOps uses these tools across the 10 phases.

The Agent

How the agent decides which tool to reach for.