Skip to content

Workspace

What The Workspace Does

The Workspace is the operational center of PentestPath. It combines:

  • visual attack graph
  • node metadata, tags, status, severity, and notes
  • scope and target context
  • Findings and Evidence side panels
  • Arsenal command suggestions
  • Pro AI Assistant

Graph Model

Nodes represent meaningful engagement steps such as recon, exploitation, privilege escalation, lateral movement, or loot. Use edges to show how one action leads to another. In larger engagements, connect branches when evidence from one path enables another path, for example:

  • exposed web backup -> recovered service credentials
  • recovered credentials -> SSH access
  • SSH access -> pivot tunnel
  • pivot tunnel -> domain controller enumeration
  • SMB access + domain credentials -> lateral movement to a file server

That kind of cross-branch linking is what makes the graph useful as an attack-path model rather than just a diagram.

Node Data

Each node can carry:

  • title and type
  • status and severity
  • tags
  • notes
  • CVSS value for legacy node metadata
  • attachments

Findings and Evidence are tracked in dedicated workflows, then linked back to the relevant graph nodes.

Practical Workflow

  1. Import or define the target scope.
  2. Add graph nodes for meaningful decisions, not every tiny command.
  3. Use Infrastructure Hub when scan data is noisy and should be staged before graph insertion.
  4. Link Findings and Evidence to the nodes that prove the issue.
  5. Use auto-layout when the graph gets large, then adjust key nodes manually when needed.
  6. Use the demo session from Settings to inspect a populated multi-branch graph.

PentestPath documentation