Scan-as-You-Browse: Real-Time AI Pentest for Every Page Your Team Loads

That's scan-as-you-browse — the flagship mode of the Pentestas Windows .NET agent. Below is how it works, why it solves a real coverage gap, and what it looks like in the industries that care most.

Legacy vulnerability scanners follow links. If your app has:

• A multi-step onboarding flow gated by a signed token only the real user receives
• An admin panel that only renders when the logged-in role is admin
• A billing section accessible only after a plan upgrade
• A feature-flagged dashboard invisible to uninstrumented accounts

…the crawler misses half of it. You end up with a scan report that covers the marketing pages, the login form, and the dashboard root — and nothing past that. Meanwhile, every real vulnerability your attacker finds will come from the flows the crawler didn't reach.

Manual testers solve this by actually using the product. Two problems with that approach:

1. It's slow — you pay a consultant $2–4K/day to click buttons you could have scripted.
2. The manual tester is a bottleneck. Every page they visit is a single linear trace through your app; the attack surface is N×M combinations of state.

Scan-as-you-browse inverts both constraints. A tester drives the UI normally (click, type, log in, complete workflows). The platform captures every request in the background and dispatches AI-powered probes against the endpoints discovered. Coverage maps to actual usage instead of the crawler's best guess.

The agent is a native Windows desktop app — WPF on .NET 8, single-file self-contained .exe (~35 MB), Authenticode-signable. Four moving parts:

WebView2 — the embedded browser

Instead of shelling out to Chrome or Firefox and wrestling with CA cert trust, the agent embeds Microsoft's Edge-Chromium runtime via WebView2. The browser is inside the app. User hits the URL bar, types a target, clicks Go. Every page loads exactly like it would in their normal browser — because it's the same rendering engine.

CDP capture — no proxy, no cert dance

The agent subscribes to Chrome DevTools Protocol's Network domain directly. On every navigation:

• Network.requestWillBeSent → the agent stashes the request.
• Network.responseReceived → adds response headers and status.
• Network.loadingFinished → the agent calls Network.getResponseBody and packs everything into a browser_request frame.

This is a proxy-free architecture. No MITM. No CA cert to install. No user profile surgery. No HTTPS handshake drama. Every request is observed from inside the browser process, where the data already lives. The UX is indistinguishable from browsing normally.

Scope filter — captures only the site you're testing

When you navigate to https://customer.com, the registrable domain customer.com becomes the session scope. Any request to *.customer.com streams to Pentestas; third-party CDN / analytics / font calls are dropped client-side. A running "dropped: N" counter in the status bar shows the filter working.

This solves the legal and UX concerns. Your test captures nothing about unrelated domains. The backend never sees third-party traffic.

Backend — active probes, live findings

Captured requests flow to the Pentestas backend over WebSocket. The backend queues active probes (SQLi, IDOR, BFLA, JWT analysis, auth bypass, missing auth-check checks) against every captured endpoint. Findings stream back to the agent via finding_notify frames and render live in the sidebar colour-coded by severity. Typical latency: sub-second.

1. User double-clicks PentestasAgent.exe.
2. First-run dialog prompts for the agent key from the web UI (pa_... value, DPAPI-encrypted at CurrentUser scope so only this Windows user can decrypt it).
3. Main window opens. URL bar, Back / Forward / Refresh / Go / Settings, embedded browser, findings sidebar, status bar.
4. User types the target URL, clicks Go. The registrable domain becomes scope.
5. User logs in normally. Cookies, tokens, session state all work — everything flows through the real browser.
6. User clicks around the app the way they would in production. Every request flows to the backend for active testing.
7. Findings appear in the sidebar within seconds. CRITICAL first, most recent first. Click a finding to see the request + response + validation step.
8. Session ends when the user closes the window. Profile is isolated (%LocalAppData%\Pentestas\WebView2), never touches their normal Edge profile.

There is no tool-setup phase. The longest thing is the OAuth login to your own app.

A Burp-in-the-middle workflow has the same surface-level shape — human drives the browser, tool captures requests — but three things go sideways:

1. CA cert trust is a source of friction. Every engineer who's run Burp against a corp laptop has an opinion about the cert-trust dance. WebView2's CDP avoids this entirely.
2. TLS 1.3 + HTTP/3 + HSTS break or degrade many proxies. CDP sees the traffic inside the browser, after decryption is already done.
3. Active testing is a human afterthought — Burp captures; the pentester decides what to attack; each attack is a manual action. Pentestas automates the "what to attack" step with AI specialists and runs probes in parallel. The pentester keeps browsing.

The Pentestas model is: human supplies intent (where to click, what flow to follow); AI supplies attack coverage (every probe that matches every captured endpoint).

Fintech

A fintech pentest almost always needs an authenticated test of the post-login flows: account creation, KYC upload, fund transfer, transaction history, webhook configuration. These workflows are behind 2FA and involve multi-step state transitions that no crawler will discover. Scan-as-you-browse lets your AppSec engineer walk a real onboarding, and every endpoint touched becomes a target for ai penetration testing probes. PCI DSS 4.0 evidence: a session log showing every endpoint was probed, with a mapping to findings.

Medtech

Patient-data apps often have complex role models — doctor, nurse, billing admin, patient, caregiver — each with a different view. The scan-as-you-browse workflow for a medtech pentest involves running the agent twice: once as a doctor (captures the clinical-record paths), once as a billing admin (captures the PHI-rich billing paths), then running a cross-role authz comparison on the backend. The Pentestas Authz specialist is tuned for this exact comparison: endpoints accessible to Role A but also returning 200 for Role B's token get flagged as privilege-escalation hypotheses.

Legaltech

Document-review workflows are the archetypal "only discoverable by using the product" surface — the crawler will find /documents and stop; the real attack surface is at /documents/123/annotations/456/replies/789. Scan-as-you-browse captures every request a real reviewer makes and targets probes at each endpoint. Combined with source-code-aware mode (if you supply the repo), the platform pairs "this endpoint was observed in use" with "this endpoint handler doesn't check ownership" and ships the pair as a CRITICAL IDOR hypothesis.

Banks + financial services

Banks run many internal admin panels — fraud-investigation consoles, risk-scoring admin UIs, operational dashboards — that never face the public internet. A consultant-led pentest of these apps is $$$-per-day; a continuous internal ai pentest against them is a per-seat subscription. An ops engineer runs the Pentestas agent on their laptop, browses the internal admin UI normally for thirty minutes, and the backend dispatches AI-driven probes against every endpoint touched. The agent's IP allowlist (admin-configurable per key) enforces that the WebSocket only accepts connections from approved source IPs.

Insurance

Underwriting apps have long workflows with conditional branches: different forms for different policy types, different approval chains for different dollar values, optional riders that only render after specific answers. Each branch is a different attack surface. Scan-as-you-browse makes it feasible to cover all of them without writing a crawler config that encodes every conditional — the underwriter just uses the app, and the platform tests each path as the user walks it.

A few specifics the security-minded buyer will want:

• **Tenant scope*— the agent key authenticates to exactly one tenant. A leaked key gets nothing in any other workspace.
• **IP allowlist*— the WebSocket connection is only accepted from pre-declared source IPs. Admins edit the allowlist in the UI without rotating keys.
• **Forward-only traffic*— the agent opens a single outbound WebSocket to wss://app.pentestas.com:443. No inbound ports. No daemon to attack.
• **WebView2 profile isolation*— %LocalAppData%\Pentestas\WebView2 is separate from the user's normal browser. CookieslocalStoragecached credentials never cross.
• **DPAPI CurrentUser encryption*— the agent key is DPAPI-encrypted at CurrentUser scope. Even admin access to the box can't decrypt it without the user's logon session.
• **Disable/delete*— an admin in the web UI can immediately disconnect a running agent. The backend drops the live socket and blacklists the key.
• **Body capture cap*— requestresponse bodies are capped at 256 KB per direction. Larger bodies are truncated (original size retained in metadata) so a single 100 MB upload doesn't blow the WebSocket budget.

Detailed install + signing workflow lives at the Windows .NET agent docs. Summary:

1. In Pentestas UI: Settings → Agents → New → IP allowlist → copy the pa_... key.
2. Build the .exe (.\build.ps1 in the agent source tree) or grab the signed prebuilt from your account manager.
3. Double-click the .exe. Paste the key. Start browsing.

No driver installs, no MSI, no cert trust dance, no admin privilege required to run.

The .NET agent is the flagship; the same scan-as-you-browse model will ship next in a Chrome extension for cross-platform coverage, and as a managed-browser mode in our macOS agent (currently in private alpha). Scope of captured traffic, active probe surface, and backend correlation logic are shared across all three — what differs is the host runtime.

• Windows .NET agent — installarchitecture
• Browser capture — the CDPWebSocket architecture in depth
• Attack chain synthesis — what the backend does with the captured requests
• AI penetration testing explained — the umbrella methodology