What is Agent-as-a-Service pentesting?

Agent-as-a-Service (AaaS) pentesting lets you chat with autonomous pentesting agents that scan your application on demand. Instead of waiting weeks for a manual engagement, you talk to specialized agents — pen-scout (recon and surface mapping), pen-recon (deeper enumeration), pen-triage (validates and prioritizes findings), pen-fixer (remediation guidance), and pen-compliance (OWASP/standards mapping). Findings are validated with proof-of-concept and re-test, not just flagged. You start with 150 free credits, no credit card.

What are credits and how do they work?

Credits are how you run agent scans. Each scan or agent action consumes credits based on its depth. New accounts get 150 free credits with no card required. After that you can buy one-time credit packs ($29, $79, or $199) for pay-as-you-go use, or subscribe to a monthly tier ($49, $149, or $399/mo) for continuous, on-demand pentesting. The agents pen-scout, pen-recon, pen-triage, pen-fixer and pen-compliance all draw from the same credit balance.

Yes. Every new account gets 150 free credits with no credit card required — enough to chat with the pentesting agents and run real scans against your app. There is also a free security headers scan at sable.somoswilab.com/free-scan and a sample report at sable.somoswilab.com/sample-report. The free tier runs on OpenRouter models so you can evaluate the autonomous agents before paying.

What is penetration testing for startups?

Penetration testing (pentesting) is a simulated cyberattack against your application to find security vulnerabilities before real attackers do. For startups, we focus on the issues that matter most at your stage: authentication flaws, data exposure, API security, and common mistakes in modern stacks like Next.js, Supabase, and Firebase.

How much does a pentest cost?

Traditional pentests cost $10,000-$50,000+. SableOffensive starts at $29 for a Pre-Launch Check covering OWASP Top 10 and secrets detection. Founder Shield ($79) adds IDOR testing, auth bypass, and a debrief call. Scale Secure ($199) is a full-scope assessment. Every plan includes a professional report with remediation steps.

How long does a security scan take?

Pre-Launch Check reports are delivered within 24-48 hours. Founder Shield and Scale Secure may take 2-3 business days depending on the complexity of your application.

What do I need to provide?

At minimum, just your application URL. For more comprehensive testing, we may ask for staging credentials, API documentation, or GitHub repository access. We sign NDAs for all engagements.

What is OWASP Top 10?

OWASP Top 10 is the industry standard list of the most critical web application security risks. It includes injection attacks, broken authentication, cross-site scripting (XSS), server-side request forgery (SSRF), and security misconfigurations. Every SableOffensive assessment tests against the full OWASP Top 10.

Do you test AI-generated code?

Yes. Code generated by AI tools like Cursor, GitHub Copilot, and v0 often contains subtle security issues: hardcoded secrets, missing input validation, insecure API patterns, and overly permissive access controls. We have specific testing procedures for AI-generated codebases.

How do you secure Supabase and Firebase apps?

For Supabase, we audit Row Level Security (RLS) policies, test for direct table access, and check for exposed service keys. For Firebase, we review security rules, test Firestore/RTDB access patterns, and check Cloud Functions for vulnerabilities.

What if you find zero vulnerabilities?

50% money back guarantee. If our scan finds zero security issues, you get half your money back.

Is there a free pentesting option?

Yes. SableOffensive offers a free security headers scan at sable.somoswilab.com/free-scan. It instantly checks your website for 8 critical security headers (HSTS, CSP, X-Frame-Options, and more) and gives you an A-F grade with copy-paste fixes. No signup or payment required.

Can I get a free vulnerability scan?

Our free security headers check scans your website instantly and grades your security posture. For a deeper free assessment, contact us — we occasionally offer complimentary scans for early-stage startups and open source projects.

TeamPCP Breaches GitHub: 3,800 Internal Repos Exfiltrated via Poisoned VS Code Extension

What Happened

On May 20, 2026, GitHub confirmed that approximately 3,800 internal repositories were accessed and exfiltrated by the hacking group TeamPCP — not through a sophisticated zero-day or cloud misconfiguration, but through a single employee's installation of a poisoned Visual Studio Code extension. According to The Hacker News, the attacker gained access to the employee's device, harvested GitHub authentication tokens stored in the development environment, and used those tokens to clone internal repositories at scale. TeamPCP subsequently listed the stolen source code and internal organization data for sale on underground forums, forcing GitHub's hand in confirming the breach publicly.

Technical Analysis

The attack chain is a textbook example of supply chain compromise meeting insider access. BleepingComputer's investigation reconstructed the timeline: the malicious VS Code extension was installed on a GitHub employee's workstation, where it harvested stored credentials — including GitHub Personal Access Tokens (PATs) and SSH keys — from the local environment. Those tokens were then used to authenticate against GitHub's internal API and clone repositories the employee had access to, which numbered in the thousands given their role within the organization.

Phoenix Security's analysis identified this as "Wave Four" of the TeamPCP campaign, which has been active for nine weeks and previously targeted PyPI packages and the DurableTask framework. The group's playbook is consistent: compromise developer tooling, steal tokens from the development environment, and use legitimate access to exfiltrate at scale. The poisoned extension technique is identical to what was used in the Nx Console compromise just days earlier, suggesting either the same actors or a rapidly proliferating attack pattern.

Who's Affected

While GitHub has not disclosed the full scope of what was in the 3,800 repositories, the implications are significant. Internal repositories at a company like GitHub can contain source code, internal tooling, security configurations, API keys, and architectural documentation. SecurityWeek reported that GitHub stated customer data and production systems were not directly impacted, but the theft of internal source code creates long-term risk: attackers can analyze the code for undisclosed vulnerabilities, hardcoded credentials, or architectural weaknesses to plan future attacks. The breach also raises questions about GitHub's own internal security posture — if a single compromised employee device can expose 3,800 repos, the principle of least privilege may not have been adequately enforced.

This breach also has downstream implications for GitHub's customers. If internal CI/CD configurations or deployment scripts were among the exfiltrated data, attackers could identify weaknesses in how GitHub itself builds and ships software — knowledge that could be turned into future supply chain attacks against GitHub's own infrastructure or that of its enterprise customers.

How to Protect Your Organization

The GitHub breach is a wake-up call for any organization that stores code, credentials, or infrastructure secrets in developer environments. Here's what security teams should do now:

Audit VS Code extensions: Inventory all extensions installed across your development team. Remove any that aren't from verified publishers or that haven't been updated recently. Prefer extensions with open-source code that can be audited.

Enforce token scoping and rotation: Ensure all GitHub PATs and OAuth tokens follow the principle of least privilege. Rotate all tokens immediately if there's any chance they were exposed. Use fine-grained PATs instead of classic tokens wherever possible.

Implement device-level security for developers: Developer workstations are high-value targets. Enforce endpoint detection and response (EDR), application whitelisting, and browser/extension isolation on any machine with access to production code.

Monitor for anomalous repository access: Set up alerts for unusual cloning patterns, access from new IP addresses, or bulk repository operations — especially from service accounts or employee tokens.

Adopt a zero-trust model for internal repos: Not every employee needs access to every repository. Regularly audit repository permissions and remove access that's no longer needed. The blast radius of this breach was directly proportional to how many repos the compromised employee could reach.

The Sable Angle

The TeamPCP GitHub breach and the Nx Console compromise in the same week underscore a trend we've been tracking: the developer toolchain is the new attack surface. At Sable, our red team engagements consistently find that developer workstations, IDE extensions, and CI/CD pipelines are the weakest links in otherwise well-defended organizations. We wrote about this pattern in our research on vulnerabilities in startup development workflows, and it's only accelerating in 2026.

Our offensive security team simulates exactly these attack chains — from poisoned extensions to token harvesting to lateral movement through internal tooling. If your organization stores critical IP in GitHub, GitLab, or any code hosting platform, our penetration testing and red team services can identify where a single compromised developer could become the entry point for a breach affecting your entire codebase. The cost of finding that gap before TeamPCP does is a fraction of what 3,800 stolen repositories costs GitHub.