Scan Modes

What Automated AI Mode Does

Plans the entire engagement strategy before touching the target
Selects and sequences the right tools for the detected tech stack
Generates context-aware payloads — not static wordlists
Adapts attack strategy in real-time based on each response
Chains individual findings into full attack paths
Writes professional narrative for each confirmed finding
Produces an executive and technical report on completion

When to Use Automated AI Mode

Use Automated AI Mode when you want the platform to act as your senior pentester — plan, execute, adapt, and report without manual direction. Ideal for:

Time-boxed engagements where coverage speed matters
Initial reconnaissance on a new target
CVE validation campaigns across a full tech stack
Situations where you want AI-generated PoC for every finding

How It Works

1

Mission Control Wizard

Enter target, scope, authorization confirmation, and environment type. The wizard pre-configures attack categories based on the surface you selected.
2

AI Engagement Planning

The AI reviews the target, identifies the likely tech stack, and builds an ordered attack plan — highest-impact surfaces first. This takes 15–30 seconds.

3

Autonomous Execution

Six AI agents deploy simultaneously. Each agent handles a surface area. The AI adapts payloads based on each response — not running a static list.

Agent-1 (Recon)       → Mapping attack surface
Agent-2 (Injection)   → SQL, SSTI, XSS, XXE
Agent-3 (Auth)        → Auth bypass, session attacks
Agent-4 (Logic)       → Business logic flaws
Agent-5 (CVE)         → CVE exploitation
Agent-6 (Chain)       → Multi-step attack chains

4

Evidence Collection & Report

Every confirmed finding includes raw HTTP captures, terminal output, and a copy-paste PoC. The AI writes business-impact narrative for each finding and generates the full report.

Requires: AI API key configured in Settings → AI Configuration. All 60+ tools available on your license.

What Semi-Automated Mode Does

Runs tool-driven scans automatically on targets you define
Presents results for you to review, validate, and prioritize
Lets you launch exploitation manually on selected findings
AI assists with payload generation when invoked manually
You control the pacing — pause, redirect, add scope any time

When to Use Semi-Automated Mode

Best for engagements where you want coverage automation but human-in-the-loop control over what gets exploited. Ideal for:

Engagements with sensitive production targets (avoid aggressive auto-exploitation)
Compliance-driven assessments where each step must be logged and approved
Learning — observe what PhantomYerra finds, then manually confirm each finding
When you want to add custom payloads or manual techniques alongside automated scanning

Workflow

1

Configure & Launch Scan

Select surface, enter target, set scope. Choose which tool categories to run — discovery only, vuln scan, or full suite.
2

Review Streaming Findings

Findings stream in real-time. Each has a severity badge, CVSS score, and raw evidence. Click any finding to expand full details.
3

Manually Exploit Selected Findings

Click Exploit on any finding to launch the exploitation module for that specific vulnerability. AI generates payloads on demand.
4

Generate Report

When satisfied with coverage, click Generate Report. Select finding set to include — all findings, confirmed only, or critical/high only.

What Manual Mode Provides

Direct access to every individual tool — run exactly what you need
Custom payload editor for each tool
Full terminal output for all tool runs
Manual finding creation — add anything you discover yourself
Evidence capture at any point during testing
AI available on-demand for payload generation or finding analysis

When to Use Manual Mode

Full control. You run tools, you find things, you log them. Use when:

You are an experienced pentester who knows exactly what to run
You need to test a specific vulnerability class not covered by automation
The target requires unusual or custom tooling
You are building a PoC for a specific finding and need raw tool access

Manual Testing Workflow

1

Open Tool Runner

Navigate to the surface → Manual Tools tab. Every licensed tool appears with its full option set. Run any tool with custom arguments.
2

Capture Evidence

Use the Capture button at any point to save terminal output, screenshots, or raw HTTP as evidence attached to this engagement.
3

Log Findings Manually

Click New Finding in the findings panel. Fill in title, severity, CVSS, description, evidence, and PoC steps. The AI can draft the narrative if you provide the raw output.
4

Generate Report

Manual findings are included in report generation alongside any automated findings from the same engagement.

Feature	Automated AI	Semi-Automated	Manual
Tool selection	AI decides	Category-based	You choose
Payload generation	AI, context-aware	AI on demand	You write or AI assists
Exploitation	Fully autonomous	Manual trigger	Fully manual
Speed	Fastest	Medium	Slowest
Coverage	Highest	High	Depth over breadth
Requires AI key	Yes	Optional	Optional
Report generation	Auto + AI narrative	Auto + manual narrative	Manual findings + templates

What Automated AI Mode Does

When to Use Automated AI Mode

How It Works

Mission Control Wizard

AI Engagement Planning

Autonomous Execution

Evidence Collection & Report

What Semi-Automated Mode Does

When to Use Semi-Automated Mode

Workflow

Configure & Launch Scan

Review Streaming Findings

Manually Exploit Selected Findings

Generate Report

What Manual Mode Provides

When to Use Manual Mode

Manual Testing Workflow

Open Tool Runner

Capture Evidence

Log Findings Manually

Generate Report

Mode Comparison