# Pentest Copilot Documentation

## Pentest Copilot Documentation

- [Overview](https://copilot-docs.bugbase.ai/enterprise/readme.md): Pentest Copilot Enterprise - AI-native autonomous red-teaming
- [Enterprise Onboarding Checklist](https://copilot-docs.bugbase.ai/enterprise/enterprise-onboarding-checklist.md): A practical checklist for preparing a first enterprise scan.
- [Scan Noise and Safety](https://copilot-docs.bugbase.ai/enterprise/scan-noise-and-safety.md): Understand scan traffic, loudness, safety controls, and operational edge cases.
- [How to Trigger an External Scan](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan.md): Follow these steps to start a new external scan in Pentest Copilot Enterprise.
- [Configure Scan Settings for External Assessment](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/configure-scan-settings-for-external-assessment.md): Configure external assessment settings, including authentication, browser sessions, trajectory scope, rate limits, scan estimates, and browser behavior.
- [Recording Browser Session](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/recording-browser-session.md): Record Browser Sessions and help Pentest Copilot understand more about the domain.
- [Importing Browser Session](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/importing-browser-session.md): Import an existing browser session JSON bundle.
- [Validating Browser Sessions](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/validating-browser-sessions.md): Post creation of browser sessions validate them to ensure successful scans
- [Handling Captcha/Email/Mobile OTPs](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/handling-captcha-email-mobile-otps.md)
- [Manual Crawler](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-external-scan/manual-crawler.md): Record Trajectories Manually
- [How to Trigger an Internal Scan](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-internal-scan.md): Follow these steps to initiate an internal scan in Pentest Copilot Enterprise.
- [Internal Assessment Destructive Actions](https://copilot-docs.bugbase.ai/enterprise/how-to-trigger-an-internal-scan/internal-assessment-destructive-actions.md): Understand which Internal Assessment exploit categories can make persistent, destructive, or hard-to-revert changes.
- [Analysing Scan Results](https://copilot-docs.bugbase.ai/enterprise/analysing-scan-results.md)
- [Attack Surface](https://copilot-docs.bugbase.ai/enterprise/attack-surface.md)
- [Target Assets](https://copilot-docs.bugbase.ai/enterprise/attack-surface/target-assets.md)
- [Agents](https://copilot-docs.bugbase.ai/enterprise/attack-surface/agents.md)
- [Exploit Graph](https://copilot-docs.bugbase.ai/enterprise/exploit-graph.md)
- [Entities](https://copilot-docs.bugbase.ai/enterprise/exploit-graph/entities.md)
- [Relations](https://copilot-docs.bugbase.ai/enterprise/exploit-graph/relations.md)
- [Modules](https://copilot-docs.bugbase.ai/enterprise/modules.md)
- [Statistics](https://copilot-docs.bugbase.ai/enterprise/modules/statistics.md)
- [Attack Paths](https://copilot-docs.bugbase.ai/enterprise/modules/attack-paths.md): The Attack Paths page is the triage surface for every vulnerability discovered in a module. Each row is a single finding with its full attack chain attached, from the entry point to the exploited node
- [Activity](https://copilot-docs.bugbase.ai/enterprise/activity.md)
- [Logging](https://copilot-docs.bugbase.ai/enterprise/activity/logging.md)
- [Scheduling](https://copilot-docs.bugbase.ai/enterprise/activity/scheduling.md)
- [Reports](https://copilot-docs.bugbase.ai/enterprise/reports.md)
- [Vulnerability Testing Coverage](https://copilot-docs.bugbase.ai/enterprise/vulnerability-testing-coverage.md): Vulnerability categories covered by external and internal assessment.
- [Settings](https://copilot-docs.bugbase.ai/enterprise/settings.md): Configure tenant, scan, access, agent, integration, and scope settings.
- [API Keys & MCP Server](https://copilot-docs.bugbase.ai/enterprise/settings/api-keys-and-mcp-server.md): Pentest Copilot API keys let external tools call the REST API and the platform MCP server
- [Domains](https://copilot-docs.bugbase.ai/enterprise/settings/domains.md)
- [Domain Verification](https://copilot-docs.bugbase.ai/enterprise/settings/domain-verification.md): Verify root-domain ownership before external recording and scanning.
- [Trajectories](https://copilot-docs.bugbase.ai/enterprise/settings/trajectories.md): Add Trajectory Whitelist and Blacklist
- [Helpful Copilot](https://copilot-docs.bugbase.ai/enterprise/helpful-copilot.md)
- [Download Agent](https://copilot-docs.bugbase.ai/enterprise/download-agent.md)
- [User Guide](https://copilot-docs.bugbase.ai/open-source/user-guide.md): Pentest Copilot - Your ultimate ethical hacking assistant, copilot utilizes context to give directed results. From analysing web apps to root shells, it’s got you


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on a page URL with the `ask` query parameter:
```
GET https://copilot-docs.bugbase.ai/enterprise/readme.md?ask=<question>
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.