Skip to content

Shannon Explanations

Explanations are understanding-oriented: they illuminate concepts, architecture, and the reasoning behind design choices. They give context, not steps. To actually do something, see How-to guides or Tutorials.

  • Introduction: what Shannon is, why it exists, and how a five-phase scan works.
  • Editions: how Shannon Open Source compares to the commercial Keygraph platform.
  • Safety and limitations: authorized-use requirements, mutative effects, cost, and model caveats.
  • Coverage: current vulnerability coverage, the proof-by-exploitation philosophy, and the OWASP WSTG matrix.
  • Keygraph platform: the continuous pentesting platform that runs an enhanced build of Shannon.
  • Community and support: license, office hours, Discord, and where to report issues.
  • How Keygraph proves exploitability: the shape of the work, from hypothesis to attack to artifact to verdict.
  • The Code Property Graph: how source-aware analysis maps your application.
  • Whitebox vs. blackbox: code-aware exploitation vs. zero-code-access pentesting.
  • The verdict layer: adjudicating exploitable vs. confirmed non-exploitable.
  • Architecture and data handling: in-perimeter, stateless, bring-your-own-keys, read-only by default.