Serversage: a GPT-driven automated penetration testing and offensive security platform

ServerSage™ is an offensive security platform based on GPT technology designed to provide organizations with continuous, automated penetration testing services. Unlike traditional periodic security scans, ServerSage mimics the workflow of a human Red Team, utilizing AI to intelligently perform reconnaissance, system probing, security vulnerability exploitation and validation. It is deployed as a containerized Bastion Controller in the user's infrastructure, and securely interacts with hybrid cloud or local servers through interfaces such as AWS Systems Manager (SSM). The platform's core value is to significantly reduce the security risks faced by organizations by transforming costly and low-frequency manual penetration testing into a continuous, intelligent validation process that helps security teams proactively identify asset exposures, validate configuration errors, and generate audit-grade compliance reports before an attacker discovers a vulnerability.

Function List

• Automated Red Team Testing: Leveraging GPT-driven AI agents to autonomously execute the full attack lifecycle, from reconnaissance to exploit verification.
• Hybrid Cloud Asset Overlay: Support for AWS cloud environments and local data centers (On-Premise) to manage targets via SSM, SSH, or proxy.
• Intelligent Vulnerability VerificationNot only does it identify potential risks, it also attempts to safely exploit the vulnerability (Safe Exploit Execution) to verify its true harm and reduce false positives.
• attack surface enumeration: Autodiscover external and internal assets, including subdomains, open ports, shadow IT assets, and misconfigured API endpoints.
• Real-time audit reports: Detailed time-stamped logs of all testing activities and the ability to generate audit reports that meet compliance requirements (e.g., OWASP Top 10).
• AWS SSM Integration: Deep integration with AWS Systems Manager for granular privilege control and secure access without exposing SSH ports.
• Continuity Verification: Supports high-frequency continuous testing to ensure that security is verified as soon as code changes or new assets go live.

Using Help

The deployment and use of ServerSage is centered around the installation of a "Bastion Controller" in conjunction with a cloud dashboard. The following is the standard operating procedure for containerized based deployments:

1. Preparatory work

Before you begin, make sure you meet the following conditions:

• Have a valid ServerSage.ai account.
• The target environment (usually AWS) is ready and has the ability to configure IAM permissions.
• A server or virtual machine with Docker installed to run the control node.

2. Bastion Deployment

Instead of scanning your internal servers directly over the public network, ServerSage mediates this by deploying a lightweight Docker container inside them.

Get Docker image with credentials:
Log in to the ServerSage web console and find the deployment commands in the "Infrastructure Setup" section. Typical forms are as follows (please refer to the actual commands provided in the dashboard):

docker run -d \
--name serversage-bastion \
-e API_KEY="您的专属API密钥" \
-e REGION="us-east-1" \
serversage/bastion-controller:latest

When this container starts, it automatically establishes an encrypted connection to ServerSage's cloud API and waits to receive task instructions.

3. Configuring AWS permissions (IAM Integration)

In order for AI to securely scan and test your AWS resources, AWS Systems Manager (SSM) needs to be configured.

1. Creating IAM Roles: Create a new IAM Role in the AWS console, giving it SSM-related least privileges (ServerSage will provide the recommended JSON policy file).
2. Linked Example: Attach this IAM role to the EC2 instance on which you wish to perform the penetration test.
3. Verify Connection: In the ServerSage dashboard, check the "Targets" list to confirm that the deployed Bastion node has successfully recognized your cloud assets.

4. Initiation of penetration test missions

Once deployed, all operations can be completed in the web interface:

• Project Setup: Click "New Assessment" in the dashboard and select the scope of assets to be tested (e.g., specific VPC, subnet, or server tags).
• Select Test Mode::
  • Reconnaissance Only(Reconnaissance only): Asset discovery and port scanning only, no attack attempts.
  • Full Pentest(Full Penetration): Performs a complete red team testing process including vulnerability exploitation verification.
• Initiate tasks: Click on "Start Scan". The AI will start working autonomously and you can see the decision making process of the AI in real time on the interface (e.g. "Port 80 is found open, trying to identify the web service version..."). ").

5. Viewing and exporting reports

At the end of the test, go to the "Reports" module:

• View Attack Path: A visualization showing how the AI gains access to the system step by step.
• Vulnerability Details: View CVSS scores, evidence screenshots, and remediation recommendations for each vulnerability.
• deriveClick on "Export PDF" to generate a final report suitable for management or auditors.

6. Setting up continuous monitoring

To realize DevSecOps:

• In the Schedules tab, set up a light scan to be performed automatically once a week or once a day.
• Configure notifications (Email or Slack) to notify the security team as soon as a Critical Vulnerability is discovered.

application scenario

1. Corporate compliance self-inspection
   Prior to the annual external audit, organizations use ServerSage for an internal pre-audit that automatically detects compliance with vulnerability management requirements in standards such as SOC2 or ISO27001 and remediates issues in advance.
2. DevSecOps Process Integration
   After releasing a new version of code to the production environment, the software development team triggers ServerSage to perform automated penetration testing to ensure that the new features do not introduce high-risk vulnerabilities such as SQL injection or privilege bypass.
3. Shadow IT Asset Discovery
   For large organizations with complex hybrid cloud environments, security teams use the tool to automatically scan and inventory all online assets, discovering "shadow servers" and legacy test environments that are not registered by the IT department and eliminating the unknown attack surface.

QA

1. Will ServerSage's AI steal my data?
   No. ServerSage states that it only sends necessary contextual information (e.g., operating system type, error logs) to the model for decision making and follows a privacy policy that your sensitive business data will not be used to train public AI models.
2. How does this differ from a traditional Nessus or OpenVAS scanner?
   While traditional scanners are primarily based on rule matching and are prone to a high number of false positives, ServerSage mimics the mind of a human hacker who tries to "exploit" a vulnerability to validate its authenticity (Proof of Exploitation), resulting in a very low false positives and the ability to find complex logical vulnerabilities.
3. Do I need to open inbound ports to deploy the Bastion container?
   Not required. the Bastion container communicates with the ServerSage API over an Outbound Connection. you don't need to open any dangerous inbound ports on the firewall for ServerSage. securing the network perimeter.
4. What operating systems are supported?
   Currently, the main Linux distributions (Ubuntu, CentOS, Amazon Linux) and Windows Server environments are supported, as long as they support Docker or are managed by AWS SSM.