| Tool Category | Purpose |
|---|---|
| Terminal and filesystem | Run commands, read and write files, search code, and persist evidence to durable storage |
| API and HTTP | Web search for fresh context and complete OpenAPI toolchain for discovering, inspecting, and testing APIs like a proper tester |
| Knowledge | Tap curated security databases for XSS payloads, vectors, and bypass techniques to accelerate testing |
| Browser | Handle navigation, tab management, clicks, typing, form interactions, screenshots, network capture, and PoC generation for testing modern web apps and reproducing issues like DOM XSS, CSRF, and auth bypasses |
| OAST | Register out-of-band callbacks via Interactsh, poll for responses, and verify vulnerability claims with timestamped proof |
| Planning | Manage todos and enable multi-agent handoffs, routing terminal work to sandbox agents and browser work to browser agents without losing context |
CORE CONCEPTS
Tools
What AI agents can do at runtime and how they use tools
Tools are how AI agents get real work done. In Neo, we ship over 40 purpose‑built, modular, MCP‑native tools designed by ProjectDiscovery to let language models operate like a practical, human‑level operator: running terminals, interrogating and composing APIs, driving a real browser, browsing and grounding in your knowledge, recalling context at high speed, and indexing or syncing sources with workflow‑level detail. These tools are engineered for reliability and speed, with typed interfaces for predictable behavior.
When a page requires real execution, the browser tools step in. Headless navigation, DOM extraction, request interception, scripted interactions, and high‑fidelity screenshots let the model work with JavaScript‑heavy applications the way a human would—clicking, waiting, retrying, and collecting the right evidence with minimal ceremony. All network and DOM events are available as structured records, so subsequent steps can be deterministic rather than brittle string scraping.
These tools are built to accelerate security workflows and testing: reconnaissance and asset discovery, endpoint enumeration and fingerprinting, request crafting and replay at scale, browser‑driven auth and stateful flows, differential analysis of responses and configurations, repeatable checks and regressions, PoC generation and execution, triage, and report artifact creation. Think of them as a focused operator toolkit for appsec, product security, and red‑team work, where speed, coverage, and repeatability matter.
At a human level, an operator types into a terminal, opens a browser, reads and writes files, searches knowledge, composes APIs, and writes reports. The tools mirror this shape, giving the model those same affordances with millisecond‑level recall, bulk processing, and deterministic chaining.
Some examples of tool categories are as follows: