From staging URL to first confirmed exploit.
The path of least resistance. Designed to land in your inbox before you finish your coffee.
Prerequisites
- A staging environment we can reach over the public internet, or via a WireGuard config you provide.
- An OpenAPI 3.x spec or a recorded .har file describing the surface. Either works; both is better.
- 2–4 synthetic user accounts with credentials we can capture. Do not use real customer accounts.
- The email you used to request access, approved by us (usually same day).
1 · Point us at staging
From the dashboard, hit /projects/new. Give the project a slug, paste your base URL, and pick the environment. Slugs are lowercase, 1–48 chars; we use them in URLs and CI hooks.
brink cli
# same as the dashboard form, scriptable
brink project create \
  --slug acme-api \
  --name "acme api" \
  --base-url https://api.staging.acme.dev \
  --env staging

2 · Set scope
Scope is the contract between you and the agent fleet. Anything not in scope, we don't touch. The defaults are sensible (no write verbs, 60 req/min, no admin paths), but you'll almost always tighten the path list and bump the rate.
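A dry run of the path and method rules from the scope.yaml in this step, useful for checking which endpoints from your spec would be covered before you upload it. This is an added example, not brink's own code; the matching semantics (default deny, blocked rules beat allowed rules, `*` matches the rest of the path) and the names `canonical` and `decide` are assumptions.

```python
# Added example: dry-run a scope like this step's scope.yaml against endpoint samples.
# Matching semantics are assumptions (not brink's documented behaviour):
# default deny, blocked rules beat allowed rules, "*" matches the rest of the path.
from fnmatch import fnmatchcase
from posixpath import normpath
from urllib.parse import unquote

# Same values as the page's scope.yaml, inlined so no YAML parser is needed.
SCOPE = {
    "allowed_paths": ["/v1/users/*", "/v1/orgs/*", "/v1/billing/*"],
    "blocked_paths": ["/v1/internal/*", "/v1/admin/*"],
    "blocked_methods": ["DELETE", "PUT"],
}


def canonical(path: str) -> str:
    """Percent-decode and collapse "." / ".." so rules match the resolved path."""
    return normpath(unquote(path))


def decide(method: str, path: str, scope: dict = SCOPE) -> str:
    """Return "in-scope" or the reason the request falls outside the scope."""
    path = canonical(path)
    if method.upper() in scope["blocked_methods"]:
        return "blocked-method"
    if any(fnmatchcase(path, rule) for rule in scope["blocked_paths"]):
        return "blocked-path"
    if any(fnmatchcase(path, rule) for rule in scope["allowed_paths"]):
        return "in-scope"
    return "not-allowed"  # default deny: anything not listed stays untouched


# Constructed endpoint samples, as you might pull them from an OpenAPI spec or .har.
SAMPLES = [
    ("GET", "/v1/users/42"),
    ("PUT", "/v1/users/42"),
    ("GET", "/v1/admin/keys"),
    ("GET", "/v1/users/../admin/keys"),      # resolves to a blocked path
    ("GET", "/v1/users/%2e%2e/internal/x"),  # same, percent-encoded
    ("GET", "/v1/users"),                    # no trailing segment: "/v1/users/*" misses it
    ("GET", "/v2/users/42"),
]

if __name__ == "__main__":
    for method, path in SAMPLES:
        print(f"{method:6} {path:32} {decide(method, path)}")
```

Matching on the raw path instead of the canonical one would classify the two `..` samples as in-scope, which is the case worth checking in any scope file that mixes allowed and blocked prefixes.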
scope.yaml
base_url: https://api.staging.acme.dev
allowed_paths:
  - /v1/users/*
  - /v1/orgs/*
  - /v1/billing/*
blocked_paths:
  - /v1/internal/*
  - /v1/admin/*
blocked_methods: [DELETE, PUT]
max_requests_per_minute: 240

Synthetic accounts
Upload at least two accounts so we can probe for IDOR / authz crossings. We capture each account's bearer token (or session cookie) once and replay it from inside the proxy — your origin only ever sees its own credentials.
brink cli
brink scope account add \
  --project acme-api \
  --label "tenant-a" \
  --token "$(cat ./fixtures/tenant-a.bearer)"

3 · The first 24 hours
Once scope and accounts are in, the recon agent wakes up immediately. The first thing you'll see is hypotheses fading into the /ops feed — guesses about where the interesting attack surface lives. Confirmed exploits arrive over the next 14 minutes to 24 hours depending on your surface area.
- ~14m: the first hypothesis confirms. Severity is whatever the validator measures, not the agent's guess.
- ~1h: coverage report shows what we tried (and skipped).
- ~24h: 80% of the "easy" surface is mapped. Agents settle into a tighter probing loop on the harder paths.
- day 3+: agents start chaining primitives — an info leak feeds an IDOR feeds a takeover.
What to do next
When your first confirm hits, the inbox row will have a reproducible curl, a captured response, a suggested patch, and (once you've connected GitHub) an open PR against the offending repo. Read the concepts page next if you want to know how any of that is wired.