Example Test
This is an example scenario with testing and dummy data.
To understand the features of Kikimora Agent in an example scenario, let's follow the steps below. This test analyzes the publicly visible infrastructure of an example asset and provides actionable recommendations.
Scenario: Understand My Publicly Visible Infrastructure
Step 1: Pick up infrastructure to analyze
(For the example, we are using the infrastructure kindly provided for the public good at Testing Data [Vulnerable Website].)
⌨️ 'I want to understand the publicly visible infrastructure of http://pentest-ground.com/'
or use any of the Example Prompts
With a generic statement like this, the agent will use the ASM module to get all the information it can, and will therefore produce a relatively long starting answer.
Step 2: Analyze results
The ASM module will map all the publicly linked subdomains in the table format below.
At this point you can either continue analyzing the additional information or look into a specific result from the table, for example:
Step 2.1 -> Expanding on a subdomain
⌨️ 'Can you give me additional information about grafana 108.61.211.176'
Apart from the information provided, the agent will also give actionable recommendations.
Once the assets have been added to a project, you will be able to query progress and status via prompt, e.g. 'Which subdomains have critical vulnerabilities'.
Step 3: Analyze open ports
Open ports and misconfigurations are common entry points for malicious actors. Scanning for open ports is crucial to understand how a threat actor sees your infrastructure from outside.
Once the port scan is completed, it's crucial to communicate your findings to your tech team and close any unnecessary ports. If a port is not required for a legitimate business function, it should be closed.
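The review described in Step 3 can be scripted once the scan findings are exported. The following is an added example, not part of Kikimora Agent or its documentation: it assumes the findings are available in nmap's grepable (-oG) format, and the hosts, hostnames and allowlist are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample in nmap grepable (-oG) format; IPs are documentation ranges.
SCAN_OUTPUT = """\
Host: 192.0.2.10 (www.example.test)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///, 3306/open/tcp//mysql///\tIgnored State: closed (996)
Host: 192.0.2.20 (grafana.example.test)\tPorts: 443/open/tcp//https///, 3000/open/tcp//ppp///, 8080/filtered/tcp//http-proxy///
Host: 192.0.2.30 (mail.example.test)\tPorts: 25/open/tcp//smtp///, 23/closed/tcp//telnet///
"""

# Hypothetical allowlist: ports each host needs for a legitimate business function.
APPROVED = {
    "192.0.2.10": {("tcp", 80), ("tcp", 443)},
    "192.0.2.20": {("tcp", 443)},
}

# Ports field ends at the next tab (an "Ignored State" field may follow it).
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Ports:\s+([^\t]*)")

def parse_open_ports(text):
    """Return {ip: {(proto, port): service}} for ports in state 'open' only."""
    found = defaultdict(dict)
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        ip, _name, ports = m.groups()
        for entry in ports.split(","):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) < 5 or fields[1] != "open":
                continue  # skip closed and filtered ports
            found[ip][(fields[2], int(fields[0]))] = fields[4] or "unknown"
    return dict(found)

def ports_to_review(found, approved):
    """Open ports with no approved use; hosts missing from the allowlist are reported in full."""
    report = {}
    for ip, ports in found.items():
        extra = sorted(p for p in ports if p not in approved.get(ip, set()))
        if extra:
            report[ip] = [(proto, port, ports[(proto, port)]) for proto, port in extra]
    return report

if __name__ == "__main__":
    for ip, items in ports_to_review(parse_open_ports(SCAN_OUTPUT), APPROVED).items():
        for proto, port, service in items:
            print(f"{ip}: {port}/{proto} ({service}) has no approved use: close or justify")
```

A host that is missing from the allowlist is treated as having no approved ports, so a newly discovered asset is flagged in full rather than silently passed.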
Step 4: Get Actionable Recommendations
The agent will provide what it deems the most important issues to resolve in an unstructured list (unless you specifically instruct it to, it will not rank them by importance).
You can explore additional functionality by using the Example Prompts or by asking the agent for recommendations directly.