• Tools
  • Features
  • Resources

Introduction

Getting Started

Platform Features

Scanning
AI Analysis
OverviewSuggestion modesNext steps modeDeep analysis modeMCP toolsModels & costFeedback loop
Code Scanning (SAST)
Reports
Dashboard & Analytics

Developer Reference

REST API
CLI Reference
CI/CD Integration
Tool Tactics
⌘K

On this page

OverviewSuggestion modesNext steps modeDeep analysis modeMCP toolsModels & costFeedback loop
Powered by Claude AI

AI Analysis

Turn raw scan findings into actionable insights. AI Analysis uses Claude models and MCP tools to deliver next-step recommendations and deep analysis enriched with CVE and OWASP context.

Overview

When a scan finishes, you have a list of findings — but which findings matter? What should you do next? AI Analysis answers these questions by analyzing your scan results with Claude and returning a structured output.

How it works

  1. You select a scan job and choose a mode (next_steps or analysis)
  2. The backend collects evidence from all scan steps
  3. The orchestrator picks a strategy (workflow or agent) and a model
  4. Context is enriched via MCP tools (CVE lookup, EPSS scores, etc.)
  5. Claude generates a structured response, persisted to the database
  6. You review and submit feedback to improve future outputs
Caching
Suggestions are cached in Redis based on the context input. If the same scan already has a suggestion, it returns instantly without spending new tokens.

Suggestion modes

There are two AI modes that match different use cases:

next_steps

Next steps

Returns a list of recommended next tool runs based on current findings.

Default: claude-haiku-4-5 · workflow strategy

analysis

Deep analysis

Full analysis of scan results with severity, exploitability, and remediation guidance.

Default: claude-sonnet-4-6 · workflow strategy

Next steps mode

This mode analyzes your scan results and recommends 3-5 next tool runs with priority and reasoning. Great for guiding workflows when you're unsure of the next step.

How to use via UI

  1. Navigate to any Scan details page.
  2. Click on the 'AI Suggestions' or 'Next Steps' tab.
  3. Click the 'Generate Suggestions' button.
  4. Wait a moment for Claude to analyze the data.
  5. A list of next steps will appear with priority levels.

Deep analysis mode

Deep analysis produces an executive-level summary of the scan with severity grouping, attack path analysis, and remediation steps. Great for pre-report walkthroughs or briefing non-technical stakeholders.

How to use via UI

  1. In the Dashboard, select the 'Deep Analysis' tab.
  2. You will see an Executive Summary of the results.
  3. Review Attack Paths to understand the risks.
  4. Follow the Remediation steps to fix the issues.

MCP tools

Auto-Offensive ships an MCP server that exposes 18 specialized tools to Claude. These tools enrich AI suggestions with external context like CVE data, OWASP categories, and historical results.

MCP-compatible
The MCP server runs at /mcp-server/mcp and works with any MCP-compliant client, including Claude Desktop.

Available tools

cve_lookupLook up CVE details
cwe_detailsCWE weakness info
epss_scoreExploit Prediction Scoring
exploit_pocExploit PoC lookup
owasp_mappingOWASP category mapping
severity_calculatorCVSS calculator
attack_patternsAttack pattern lookup
remediation_guideRemediation guidance
http_headers_checkSecurity headers analysis
nuclei_template_searchNuclei template search
payload_encoderPayload encoding utilities
port_service_mapPort-to-service mapping
subdomain_intelSubdomain intelligence
tech_catalogTechnology catalog
tool_capabilityTool capability lookup
waf_fingerprintWAF detection
scan_evidenceScan evidence retrieval
feedback_historyOperator feedback history

Models & cost

Auto-Offensive uses Claude models from Anthropic. Each mode has a default model with a fallback chain to alternative models if the primary is unavailable.

Cost estimation

Before generating a suggestion, you can estimate the cost to show users a price hint.

Viewing estimate via UI

  1. When you are about to Generate an analysis...
  2. The system will automatically display the estimated cost above the button.

Capabilities & health

Checking via UI

  1. Go to 'Settings' > 'AI Configuration'.
  2. You can see the AI Health status and available Models.

Feedback loop

Operators can submit feedback on saved suggestions. Feedback is used to improve future outputs through the MCP feedback_history tool.

Providing Feedback via UI

  1. Below each Suggestion, there are Thumbs Up and Thumbs Down buttons.
  2. Click on them and you can write your comment.
  3. Click Submit to save.
Previous
Scanning
Next
Code Scanning (SAST)