Shannon Explanations
Explanations are understanding-oriented: they illuminate concepts, architecture, and the reasoning behind design choices. They give context, not steps. To actually do something, see How-to guides or Tutorials.
Available explanations
Section titled “Available explanations”- Introduction: what Shannon is, why it exists, and how a five-phase scan works.
- Editions: how Shannon Open Source compares to the commercial Keygraph platform.
- Safety and limitations: authorized-use requirements, mutative effects, cost, and model caveats.
- Coverage: current vulnerability coverage, the proof-by-exploitation philosophy, and the OWASP WSTG matrix.
- Keygraph platform: the continuous pentesting platform that runs an enhanced build of Shannon.
- Community and support: license, office hours, Discord, and where to report issues.
Coming soon
Section titled “Coming soon”- How Keygraph proves exploitability: the shape of the work, from hypothesis to attack to artifact to verdict.
- The Code Property Graph: how source-aware analysis maps your application.
- Whitebox vs. blackbox: code-aware exploitation vs. zero-code-access pentesting.
- The verdict layer: adjudicating exploitable vs. confirmed non-exploitable.
- Architecture and data handling: in-perimeter, stateless, bring-your-own-keys, read-only by default.