What is Agent-as-a-Service pentesting?

Agent-as-a-Service (AaaS) pentesting lets you chat with autonomous pentesting agents that scan your application on demand. Instead of waiting weeks for a manual engagement, you talk to specialized agents — pen-scout (recon and surface mapping), pen-recon (deeper enumeration), pen-triage (validates and prioritizes findings), pen-fixer (remediation guidance), and pen-compliance (OWASP/standards mapping). Findings are validated with proof-of-concept and re-test, not just flagged. You start with 150 free credits, no credit card.

What are credits and how do they work?

Credits are how you run agent scans. Each scan or agent action consumes credits based on its depth. New accounts get 150 free credits with no card required. After that you can buy one-time credit packs ($29, $79, or $199) for pay-as-you-go use, or subscribe to a monthly tier ($49, $149, or $399/mo) for continuous, on-demand pentesting. The agents pen-scout, pen-recon, pen-triage, pen-fixer and pen-compliance all draw from the same credit balance.

Yes. Every new account gets 150 free credits with no credit card required — enough to chat with the pentesting agents and run real scans against your app. There is also a free security headers scan at sable.somoswilab.com/free-scan and a sample report at sable.somoswilab.com/sample-report. The free tier runs on OpenRouter models so you can evaluate the autonomous agents before paying.

What is penetration testing for startups?

Penetration testing (pentesting) is a simulated cyberattack against your application to find security vulnerabilities before real attackers do. For startups, we focus on the issues that matter most at your stage: authentication flaws, data exposure, API security, and common mistakes in modern stacks like Next.js, Supabase, and Firebase.

How much does a pentest cost?

Traditional pentests cost $10,000-$50,000+. SableOffensive starts at $29 for a Pre-Launch Check covering OWASP Top 10 and secrets detection. Founder Shield ($79) adds IDOR testing, auth bypass, and a debrief call. Scale Secure ($199) is a full-scope assessment. Every plan includes a professional report with remediation steps.

How long does a security scan take?

Pre-Launch Check reports are delivered within 24-48 hours. Founder Shield and Scale Secure may take 2-3 business days depending on the complexity of your application.

What do I need to provide?

At minimum, just your application URL. For more comprehensive testing, we may ask for staging credentials, API documentation, or GitHub repository access. We sign NDAs for all engagements.

What is OWASP Top 10?

OWASP Top 10 is the industry standard list of the most critical web application security risks. It includes injection attacks, broken authentication, cross-site scripting (XSS), server-side request forgery (SSRF), and security misconfigurations. Every SableOffensive assessment tests against the full OWASP Top 10.

Do you test AI-generated code?

Yes. Code generated by AI tools like Cursor, GitHub Copilot, and v0 often contains subtle security issues: hardcoded secrets, missing input validation, insecure API patterns, and overly permissive access controls. We have specific testing procedures for AI-generated codebases.

How do you secure Supabase and Firebase apps?

For Supabase, we audit Row Level Security (RLS) policies, test for direct table access, and check for exposed service keys. For Firebase, we review security rules, test Firestore/RTDB access patterns, and check Cloud Functions for vulnerabilities.

What if you find zero vulnerabilities?

50% money back guarantee. If our scan finds zero security issues, you get half your money back.

Is there a free pentesting option?

Yes. SableOffensive offers a free security headers scan at sable.somoswilab.com/free-scan. It instantly checks your website for 8 critical security headers (HSTS, CSP, X-Frame-Options, and more) and gives you an A-F grade with copy-paste fixes. No signup or payment required.

Can I get a free vulnerability scan?

Our free security headers check scans your website instantly and grades your security posture. For a deeper free assessment, contact us — we occasionally offer complimentary scans for early-stage startups and open source projects.

Gitea Container Registry Flaw Left 30,000 Private Image Repositories Wide Open for 4 Years

What Happened

For close to four years, every self-hosted Gitea instance with a private container registry had a gaping hole in its access controls: any person on the internet could pull private container images without an account, a password, or any credentials at all. The flaw, tracked as CVE-2026-27771, was disclosed on May 27, 2026, by NoScope, which estimates it affected more than 30,000 deployments across over 30 countries. The Hacker News confirmed the disclosure the same day, noting the vulnerability went undetected for close to four years.

A separate but related vulnerability, CVE-2026-20912 (CVSS 9.1), was disclosed earlier in January 2026. That flaw allowed authenticated users to link attachments from private repositories to public releases, effectively smuggling sensitive files past access controls. CVE Feed scored it 9.1 (CRITICAL). Both were fixed — CVE-2026-20912 in Gitea 1.25.4, CVE-2026-27771 in 1.26.2 — but the window of exposure stretches back years for most instances.

Technical Analysis

The root cause of CVE-2026-27771 is straightforward: when the Gitea container registry was configured to mark a repository as "private," the access control check was never actually enforced against unauthenticated requests. The private designation on a container repository did not deliver the protection operators reasonably expected. An unauthenticated HTTP request to pull an image succeeded exactly as if the repository were public.

This was not a misconfiguration. NoScope reproduced the bug on a default Gitea installation with a typical configuration. There is no evidence of a config toggle that was overlooked. The permission model in the container registry module simply failed to gate image pulls behind authentication.

CVE-2026-20912 is a different class of flaw: Gitea did not validate repository ownership when linking attachments to releases. An attacker with a low-privileged account could link a file uploaded to a private repository into a release on a different, public repository, making the attachment downloadable by anyone. The fix in 1.25.4 added strict ownership checks for release asset linking.

Who's Affected

NoScope's扫描 found the highest concentration of exposed instances in China, the United States, Germany, France, and the United Kingdom. Affected organizations included healthcare providers, aerospace manufacturers, retail infrastructure companies, and internet service providers. Any sector running Gitea with its built-in container registry and marking images as private was potentially exposed.

The impact of a leaked container image extends far beyond source code. A container image is a complete snapshot of a production environment: application code, dependencies, configuration files, and — all too often — hard-coded database credentials, API keys, internal service endpoints, TLS certificates, and environment variables pointing at production infrastructure. In many organizations, the image is effectively a blueprint of how production is wired together.

Forks of Gitea are also at risk: Forgejo has been confirmed vulnerable. Operators of any Gitea derivative should verify with their respective maintainers whether a patch has been backported.

How to Protect Yourself

1. Update Gitea to version 1.26.2 immediately — this patches CVE-2026-27771. If you also need the CVE-2026-20912 fix, ensure you are on at least 1.25.4 (1.26.2 includes both).

2. If you can't patch right now, apply the workaround: set [service].REQUIRE_SIGNIN_VIEW=true in your Gitea configuration file. This forces authentication for all registry access. Note: this is not suitable if you intentionally expose some container images publicly, as it will block all unauthenticated pulls.

3. Audit your container images for embedded secrets. Assume any image hosted on Gitea prior to patching may have been accessed. Rotate database credentials, API keys, TLS certificates, and any other secrets that were baked into images.

4. Scan your container registry pull logs. Look for unexpected anonymous pulls of private images dating back months or years. This is the only way to determine if the flaw was actively exploited before disclosure.

5. Review your secrets management pipeline. No secret should live inside a container image in the first place. Use runtime secret injection (Kubernetes secrets, HashiCorp Vault, cloud-native secret managers) rather than baking credentials into images at build time.

The Sable Angle

This is exactly the class of vulnerability that Sable's offensive team finds during infrastructure assessments — not through automated scanning alone, but by systematically exercising the access model from every angle the surface supports. The Gitea container registry flaw lived in a feature that "behaved exactly as documented" and drew no attention on a casual review. It took a methodology that tests assumptions, not just endpoints.

We have tracked similar registry and supply-chain exposures in our research on multi-ecosystem supply chain attacks and self-propagating npm worms. The pattern is consistent: the weakest link is rarely the encryption or the firewall. It is the access control that everyone assumed was working.

If your team runs Gitea, Forgejo, or any self-hosted container registry, book a pentest and let us find the gaps before someone else does.