Skip to content

Mobile Deep Agentic Scan

The Mobile Deep Agentic Scan provides AI-powered penetration testing that uncovers complex logical flaws, chains multiple vulnerabilities into sophisticated attack paths, and validates findings through proof-of-concept exploits to confirm real-world impact on your mobile applications.

To create a Mobile Deep Agentic Scan:

  1. Click the "Hamburger" menu icon. Hamburger Menu Icon

  2. Click on "Scanning". Scanning Menu

  3. Navigate to the scan page by clicking "New Scan". New Scan Menu Item

  4. Enter a name for your scan in the "Title" field. This field is optional. Scan Title

  5. If the application is available on the store, select either "PlayStore" for Android or "AppStore" for iOS. You can also upload an APK or AAB file for Android or an IPA file for iOS, or even TestFlight. For this example, we will select "PlayStore". Select Store

  6. Search for the application using its name, package name, or bundle ID. Press "Enter". If the application is only accessible in a specific location or country, use the "Country" menu to select the appropriate option. Click "Continue". Search Application

  7. Once you have selected your desired application, select "Mobile Deep Agentic Scan" as the scan type. At this point, you can create the scan by clicking "Submit" or you can choose to provide specific instructions for the deep scan to focus on particular areas of the application. To do this, click on "Continue". Select Scan Plan

  8. Select one of your configured ""AI Provider" API keys for this Agentic Deep Scan scan, or create a new one "ADD API KEY". Select BYOK Key

  9. Prompts allow you to guide the Deep Scan on what to test. You can select from existing prompts or create your own by clicking on "+ Prompt". After selecting or adding the desired prompts, click on "Continue". Select or Add Prompts

  10. Select or add new test credentials to enable the Deep Scan to perform authenticated testing. After selecting or adding the desired credentials, click on "Continue". Test Credentials

  11. You can also configure advanced settings such as "Scope URLs regexes" to whitelist specific URLs to be scanned. Click on "Submit" to start the scan. Submit Scan

  12. Click on "Show" to see the scan. Submit Scan

This tutorial demonstrated how to create a Mobile Deep Agentic Scan from the store or through a file upload.