Overview

The Home Screen is the first screen you see after PhantomYerra finishes booting. It presents every attack surface PhantomYerra supports as a clickable card. Each card launches the Mission Control Wizard pre-configured with the correct tools, attack categories, and scan logic for that surface: no manual tool selection required.

The Home Screen also shows your scan engine status, AI status, and quick-access links to resume in-progress scans and view recent findings.

Surface Cards

Each card on the Home Screen represents a distinct attack surface. Click any card to open the Mission Control Wizard pre-loaded with the correct configuration for that surface.

Card | What it launches
🌐 Web Application | DAST crawl + OWASP Top 10 + authenticated testing + business logic AI, for any app with a browser interface
🔌 API / GraphQL | OWASP API Top 10 testing against REST, GraphQL, gRPC, and WebSocket endpoints, with OpenAPI spec auto-discovery
📱 Mobile | Android APK and iOS IPA static + dynamic analysis - decompilation, runtime hooking, network interception, auth bypass
🏗️ Network / Infrastructure | Asset discovery, port scanning, service exploitation, Active Directory attacks, cloud audit, CIS benchmark hardening
☁️ Cloud Security | AWS, Azure, GCP multi-cloud misconfiguration audit: IAM, storage, networking, logging, compliance controls
🐳 Container | Docker image CVEs, Kubernetes RBAC, pod security policies, network policies, container registry scanning
⚙️ DevOps / CI-CD | Pipeline injection, secrets in git history, supply chain attacks, IaC misconfigs, SBOM generation and SCA
🔬 SAST | Source code security analysis across 20+ languages - injection flaws, crypto misuse, auth bugs, hardcoded secrets
🧪 DAST | Black-box dynamic testing with the ZAP DAST engine - active scanning, spidering, fuzzing, no source code required
📦 SBOM / SCA | Full software bill of materials generation (CycloneDX), CVE matching, license audit, transitive dependency analysis
🏢 Enterprise AD | Full Active Directory attack simulation - BloodHound paths, Kerberoasting, AS-REP roasting, DCSync, Golden Ticket
📡 IoT / Embedded | Firmware extraction and analysis, protocol fuzzing, hardware interface testing, UART/JTAG discovery
🚗 Automotive / ICS | CAN bus analysis, OBD-II interface testing, industrial protocol assessment (Modbus, DNP3, EtherNet/IP)
🤖 AI / LLM | Prompt injection, jailbreaking, model extraction, training data leakage, AI supply chain attacks
⚔️ Red Team | Full adversary simulation - phishing, C2 infrastructure, lateral movement, full kill chain across all vectors
🔍 Reverse Engineering | Binary decompilation (Ghidra), protocol reverse engineering, firmware analysis, AI-assisted code recovery
🦾 Robotics | ROS node security, sensor spoofing, control system injection, autonomous navigation manipulation
⛓️ Blockchain | Smart contract vulnerability audit, on-chain logic flaws, reentrancy, wallet security, DeFi protocol analysis
🔒 Physical | Badge cloning guidance, lock bypass techniques, dumpster dive checklist, tailgating scenario planning
🛡️ CVE Intelligence (License-Gated) | Live CISA KEV feed, exploit tracking aligned to your org's tech stack, org-wide risk score, per-technology CVE heatmap, and control mitigation engine. Requires a license tier that includes the CVE Intelligence module: a yellow lock icon is shown when unlicensed.
🏢 Org Profile / Learn My Org (License-Gated) | 6-step guided org profiling wizard. Auto-detects your tech stack from scan history and computes a live risk score preview. Requires a license tier that includes the Org Profile module: a yellow lock icon is shown when unlicensed.
🎯 CVE Exploit Validation | Validates whether CVEs affecting your tech stack are actually exploitable in your environment. Develops working exploits using AI when no public exploit exists. Run single-CVE validation or launch a full campaign across your entire CVE exposure surface. Confirmed findings include a downloadable exploit script and a professional pentest report with PoC steps, business impact, and remediation.

Status Indicators

The top bar of the Home Screen shows real-time status badges for the scan engine, the AI subsystem, and your license.

Scan Engine

● Online → Scan engine is running and ready. All tools are available. You can launch a scan now.
● Starting → The engine is still initializing (typically 3–8 seconds after launch). Wait a moment: it will transition to Online automatically.
● Offline → The sidecar failed to start or crashed. Try: Settings → Tools → Restart Scan Engine. Check: Settings → Logs → Sidecar Log for the error message.

AI

● AI Active → Claude API key is configured and validated. Automated AI mode and AI-generated payloads are fully available.
● AI Inactive → No API key configured, or the key failed validation. All 60+ scan tools still work. AI-specific features (Automated mode, business logic interview, AI narratives) are disabled. Fix: Settings → AI Configuration → Enter Claude API Key.
● AI Low → API key is valid but credits are running low. AI features work, but you may see rate limit warnings during long scans. Fix: Settings → AI Configuration → Update Key or add credits.

License

● Active → License validated against our licensing server. All modules your license tier includes are unlocked and available.
● Offline Grace → License server unreachable - using 72-hour cached validation. All features remain fully available. No action needed unless offline for more than 72 hours.
● Expired → License has expired. Contact support to renew. Fix: Settings → License → Renew or enter a new key.

The bottom of the Home Screen shows the last sync time for the CVE database and ExploitDB index. These are synced automatically during boot if more than 24 hours have passed since the last sync. To force a sync manually, go to Settings → Intelligence → Sync Now. A fresh intelligence database means PhantomYerra matches findings against the latest known CVEs and exploit availability data.

Quick Actions

Below the surface cards, the Home Screen shows quick-access panels for active and recent work.

If a scan is in progress or was paused, a Resume Scan banner appears at the top of the Home Screen showing the scan name, surface, and current progress percentage. Click Resume to go directly to the Scan Dashboard for that engagement. PhantomYerra auto-saves scan state every 60 seconds: no findings are lost if the app is closed mid-scan.

The Recent Findings panel on the Home Screen shows the last 5 confirmed findings across all projects. Each entry shows: severity badge, finding title, target, and time found. Click any finding to open the full finding detail view. Click View All Findings to open the Findings page filtered to your most recent project.

The Recent Projects panel lists your last 3 projects with scan count, finding count, and last activity time. Click any project to open its full project view including all scans, findings, and reports. Click New Project to create a new project context before launching a scan: useful for keeping client engagements separated.

Starting a Scan

  1. Verify Scan Engine is Online

     Check the top bar: the Scan Engine badge must show ● Online before launching. If it shows "Starting", wait 5–10 seconds. If it shows "Offline", go to Settings → Tools → Restart Scan Engine.

  2. Select a Surface Card

     Click the card that matches your target. For example, click 🌐 Web Application to test a web app, or 🔌 API / GraphQL for an API. If your target spans multiple surfaces (e.g. a web app with a mobile client and API), you can select additional surfaces inside the wizard.

  3. Complete the Mission Control Wizard

     The wizard opens pre-configured for the selected surface. Fill in the target scope, credentials, engagement type, and attack categories. See Mission Control Wizard for a full step-by-step guide.

  4. Review the Test Plan and Launch

     The final wizard step shows a complete test plan summary - targets, surfaces, credentials, attack categories, estimated duration. Review it, then click Launch Scan.

  5. Monitor the Scan Dashboard

     The Scan Dashboard opens automatically after launch. It shows a live activity feed, findings as they are confirmed, progress by phase, and attack path correlation. You can return to the Home Screen at any time: the scan continues in the background.

Common Issues

Surface cards are disabled when the Scan Engine is offline. Wait for the engine to finish starting (the badge transitions from "Starting" to "Online" within 8 seconds on most machines). If the badge stays "Offline" after 30 seconds, go to Settings → Tools → Restart Scan Engine. On first install, the engine installs Python dependencies: this can take up to 2 minutes on a slow connection.

A yellow lock icon means your current license tier does not include that module or surface. Modules that are license-gated include CVE Intelligence and Org Profile / Learn My Org, as well as any surfaces your company admin has restricted for your seat. Click the locked card to see which license tier unlocks it. Contact support at support@phantomyerra.com to upgrade your license, or ask your company administrator at the Company Admin Portal to adjust your module access. Lock removal takes effect within 5 minutes of the license server polling cycle: no reinstall required.

This usually means the scan engine did not start in time. Close PhantomYerra completely (check Task Manager - end any lingering python.exe or PhantomYerra.exe processes), then relaunch. If the issue persists, check Settings → Logs → Engine Log for startup errors. Antivirus software may be blocking the engine - add PhantomYerra to your antivirus exclusions and try again.