Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.withgiga.ai/llms.txt

Use this file to discover all available pages before exploring further.

Quickstart

This guide walks you through running your first WithGiga audit — from creating a workspace to retrieving a PDF report.
Only run audits against domains you own or have explicit written authorization to test. Unauthorized testing is illegal in most jurisdictions.

1. Sign in and generate an API key

  1. Sign in at build.withgiga.ai
  2. Navigate to Profile in the left sidebar
  3. Click Generate API Key
  4. Copy the key — it begins with giga_sk_ and is shown only once
Store it as an environment variable: 
export GIGA_API_KEY="giga_sk_..."

2. Create a workspace

A workspace is a project container scoped to a target domain. 
curl -X POST https://api.withgiga.ai/api/workspaces \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Acme Production",
    "domain": "acme.example.com"
  }'
Save the returned workspace.id — you’ll use it for every audit in this workspace.

3. Launch a shallow audit

Shallow audits run for ~30 minutes and cover OWASP Top 10 plus proof-of-concept exploitation, with no post-exploitation activity. Great for a first run. 
curl -X POST https://api.withgiga.ai/api/workspaces/{workspaceId}/audits \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "shallow",
    "targets": ["acme.example.com"]
  }'
Response 
{
  "success": true,
  "data": {
    "audit": {
      "id": "audit_abc123",
      "status": "queued",
      "type": "shallow",
      "domain": "acme.example.com",
      "createdAt": "2026-05-18T12:00:00.000Z"
    }
  }
}

4. Watch the agent work

While the audit runs you can watch GigaOps in real time from the dashboard:
  1. Go to Workspaces → Your Workspace → Audits
  2. Click the running audit
  3. The Live Stream panel shows the agent’s desktop — terminals, browser windows, every command it runs
  4. The Findings panel populates as confirmed vulnerabilities are discovered
You can also poll status via the API: 
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123 \
  -H "Authorization: Bearer $GIGA_API_KEY"
StatusDescription
queuedSandbox provisioning
runningGigaOps actively engaging the target
completedEngagement finished — report ready
failedRun encountered an unrecoverable error

5. Retrieve the report

Once status is completed, fetch the structured report and PDF: 
# Full report with all findings
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/report \
  -H "Authorization: Bearer $GIGA_API_KEY"

# Presigned URL for the PDF
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/pdf \
  -H "Authorization: Bearer $GIGA_API_KEY"

# Asciinema recording of the full engagement
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/recording \
  -H "Authorization: Bearer $GIGA_API_KEY"

Next steps

Audit Modes

Compare shallow, deep, and autonomous engagement modes.

Methodology

Understand the 10-phase chain GigaOps follows.

Scheduling

Run recurring audits for continuous coverage.

Slack Integration

Receive findings directly in your team channel.