turbopentest_download_report
Download a full penetration test report in the specified format. The scan must have status 'complete' before a report can be generated. Use format 'markdown' for AI-readable analysis, 'json' for structured programmatic data, or 'pdf' for a professionally formatted document suitable for stakeholders.
turbopentest_get_credits
Check your current credit balance, usage breakdown by tier, and available scan tiers with pricing. Credits are consumed when launching penetration tests — each tier costs one credit of the matching type. Call this before turbopentest_start_scan to verify you have sufficient credits for the desired tier.
turbopentest_get_findings
Retrieve structured vulnerability findings for a completed penetration test. Each finding includes severity, CVSS score, CWE classification, detailed description, proof of concept, remediation steps, and a retest command. Returns up to 20 findings at a time — use the severity filter to focus on specific risk levels. Use turbopentest_download_report for a complete exportable report.
turbopentest_get_scan
Retrieve full details for a specific penetration test by its ID. Returns current status, scan progress percentage, findings summary by severity, executive summary, attack surface map, and STRIDE threat model. Use this to monitor a running scan or review completed results. For detailed vulnerability data, follow up with turbopentest_get_findings.
turbopentest_list_domains
List all domains in your account with their verification status and expiry dates. A domain must have status 'verified' before it can be used as a target in turbopentest_start_scan. To verify a new domain, add a DNS TXT record via the TurboPentest dashboard at turbopentest.com/domains.
turbopentest_list_scans
List all your penetration tests with their status and finding counts, ordered newest first. Use this to find pentest IDs, check which scans are running, or review past results. Supports filtering by status and limiting result count. Use turbopentest_get_scan with a specific ID for full details.
turbopentest_start_scan
Launch an AI-powered penetration test against a target URL. The target domain must be verified first — use turbopentest_list_domains to check. Requires an available credit matching the selected tier — use turbopentest_get_credits to check balance. Returns a pentest ID that can be used with turbopentest_get_scan to monitor progress.
turbopentest_verify_attestation
Verify a blockchain-anchored penetration test attestation by its SHA-256 hash. Returns scan metadata (tier, agents, duration, risk score, finding summary) and blockchain proof (chain ID, transaction hash, block number, merkle root) if anchored. This is a public endpoint — no API key is required. Use this to independently confirm that a pentest was performed and its results are tamper-proof.