| What Neo Can Do | How |
|---|---|
| Run commands, search code, and persist evidence | Terminal and filesystem access inside isolated sandboxes |
| Discover and test APIs like a proper tester | Full OpenAPI toolchain for discovering, inspecting, crafting requests, and replaying at scale |
| Test modern web apps including SPAs | Real browser automation: login flows, DOM interaction, screenshots, network capture, and PoC generation |
| Verify vulnerabilities with external proof | Out-of-band callbacks via Interactsh with timestamped evidence |
| Accelerate testing with known techniques | Curated databases of XSS payloads, bypass techniques, and attack vectors |
| Chain complex multi-step workflows | Planning and multi-agent coordination without losing context |
CORE CONCEPTS
Capabilities
Terminal access, browser automation, API testing, and everything Neo uses to test your stack
Neo comes loaded with everything a senior security engineer needs: terminal access, browser automation, API testing, knowledge bases, and out-of-band verification, all running inside isolated sandboxes. Over 40 purpose-specific capabilities let Neo operate like a hands-on security practitioner at speed.
When a target requires real interaction, Neo can drive a real browser: login, navigate complex flows, test for DOM XSS and CSRF, and capture screenshots as evidence. It handles JavaScript-heavy apps the way your senior pentester would, clicking, waiting, retrying, and collecting the right evidence.
These capabilities are built for the full lifecycle of security work: reconnaissance and asset discovery, endpoint enumeration and fingerprinting, request crafting and replay at scale, browser-driven auth and stateful flows, differential analysis of responses and configurations, repeatable checks and regressions, PoC generation, triage, and report creation. Think of them as the focused operator toolkit for appsec, product security, and red-team work, where speed, coverage, and repeatability matter.