AI Features
RTFMv2 includes AI-assisted workflows in the desktop client. Use AI Chat for interactive help and use the focused AI agents when you want a structured workflow for web UI testing, web API testing, or Active Directory enumeration.
The AI features use the AI profiles configured in the client. Profiles can point to OpenAI-compatible endpoints, Ollama, or LM Studio, depending on how your workstation is configured.
Configure AI Profiles
- Open the client.
- Go to File -> AI Settings.
- Expand the provider you want to use.
- Enable the provider.
- Enter the URL, API key if required, default model, and instruction model if you use one.
- Click Test Connection.
- Click Save Settings.
The AI agent windows also show an AI Configuration section. Select the profile you want the agent to use before running a task.
AI Chat
Open Tools -> AI Agent/Chat when you want an interactive assistant that can help interpret results, suggest next steps, draft commands, or summarize session context.
Useful prompts:
Explain the Nmap results for 10.10.10.25.
What should I enumerate next for this SMB service?
Summarize the critical findings in this session.
Help me turn this evidence into a finding description.
Use AI output as guidance. Review generated commands before running them, especially when they affect production systems or authenticated sessions.
AI Web Agent
Open Tools -> AI Web Agent for web application UI testing. This workflow is designed for authenticated browser-driven testing where the agent can work from captured pages, cookies, headers, forms, and selected targets.
Web Agent Workflow
- Open Tools -> AI Web Agent.
- Select an AI profile.
- Enter a prompt that describes the target and testing goal.
- Add any session accounts, cookies, wordlists, brute-force password lists, or ZAP connection details needed for the test.
- If the app requires login or SSO, use Proxy Capture to capture a manual browser flow.
- Load captured pages, select the pages to test, and run the selected workflow.
- Review the output tabs for summary, findings, cookies, headers, HTML/JS, parameters, subdomains, SQLi, LFI, fuzzing, file upload, XSS, scanner results, evidence, and the audit log.
Proxy Capture
The Web Agent includes a Burp-style proxy capture workflow:
- Set the listen host and port.
- Optionally enable the proxy Web UI.
- Set scope hosts to keep capture focused.
- Start the proxy.
- Configure your browser to use the proxy.
- Browse the application and complete login or other manual flows.
- Stop the proxy, then load captured pages into the test list.
The proxy capture path is useful when automated testing needs the same authenticated context you created manually in the browser.
AI Web API Agent
Open Tools -> AI API Agent for API-focused testing. The API Agent normalizes imported API definitions and requests into one operation list, then runs selected test categories against those operations.
Supported Inputs
- OpenAPI or Swagger files
- HAR files
- Raw HTTP request files
- Raw HTTP text pasted directly into the import box
API Agent Workflow
- Open Tools -> AI API Agent.
- Select an AI profile.
- Import OpenAPI, HAR, raw HTTP file, or pasted raw HTTP text.
- Set a base URL override if the imported requests use relative paths.
- Add session credentials, cookies, authorization header, API key header, API key value, or ZAP connection settings.
- Select the task categories to run.
- Click Run.
- Review the target list, findings, evidence, generated report output, and audit log.
Task Categories
- SQLi: SQL injection testing against API parameters and bodies.
- Fuzzing: Parameter and path fuzzing.
- File Upload: File-upload behavior checks where relevant endpoints exist.
- Scanner: Scanner-backed API checks, including ZAP workflows when configured.
- Auth/AuthZ Replay: Replay requests across provided accounts or auth material to look for authorization issues.
- Generate Report: Produce a structured summary from the run.
AI Active Directory Agent
Open Tools -> Active Directory -> AI AD Agent for AI-assisted Active Directory enumeration.
AD Agent Workflow
- Open Tools -> Active Directory -> AI AD Agent.
- Select an AI profile.
- Enter the domain and domain controller IP.
- Add a username and password, or provide an NTLM hash.
- Enable Null Session only when you intentionally want unauthenticated checks.
- Enter a prompt that describes the enumeration goal.
- Click Run.
- Review the result tabs for live feed, summary, OUs, users, groups, computers, advanced data, Kerberos, AD CS, findings, and the audit log.
Credentials improve LDAP and Kerberos coverage. AD CS checks remain opt-in through the agent workflow and related Active Directory tools.
Audit Logs
Each agent run writes a detailed audit trail. Review the audit log after each run to understand:
- The prompt and selected AI profile
- Commands or tools selected by the workflow
- AI decisions and reasoning
- Retries, failures, and user prompts
- Evidence and findings generated during the run
Audit logs are important when you need to explain how a result was produced or validate that the agent stayed within scope.
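One way to run the scope check on a saved audit log, as an added example that is not part of RTFMv2. It assumes only that the log was exported as text; the sample lines, the scope list and the "*." wildcard convention are constructed for illustration and do not reproduce the tool's actual log format.

```python
import ipaddress
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def targets_in_log(text):
    """Collect every URL host and bare IPv4 address mentioned in log text."""
    hosts = set()
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname
        except ValueError:          # malformed bracketed host
            continue
        if host:
            hosts.add(host.lower())
    for cand in IPV4_RE.findall(text):
        try:
            hosts.add(str(ipaddress.ip_address(cand)))
        except ValueError:          # dotted number that is not an address
            pass
    return hosts

def in_scope(host, names, nets):
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Hostname: exact match, or a "*.example.test" style wildcard entry.
        return any(host == n or (n.startswith("*.") and host.endswith(n[1:]))
                   for n in names)
    return any(ip in net for net in nets)

def out_of_scope(log_text, scope):
    """Return the sorted hosts seen in the log that the scope does not cover."""
    names, nets = set(), []
    for entry in scope:
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            names.add(entry.lower())
    return sorted(h for h in targets_in_log(log_text)
                  if not in_scope(h, names, nets))

# Constructed sample data (hypothetical log lines and engagement scope).
SAMPLE_SCOPE = ["target", "10.10.10.0/24", "app.example.test"]
SAMPLE_LOG = """[run] prompt: test authenticated upload workflow for http://target/app
[tool] nmap -sV 10.10.10.25
[tool] GET https://app.example.test/upload status=200
[tool] GET https://cdn.thirdparty.example/lib.js status=200
[retry] connect 10.10.20.7:445 failed
"""
```

Anything returned by `out_of_scope` is a host the run touched or mentioned that the scope does not cover, and should be explained before the output is used in a report.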
Best Practices
- Keep the session scope accurate before using an agent.
- Prefer explicit prompts, such as "test authenticated upload workflow for http://target/app".
- Add credentials, cookies, headers, and API keys in the session/options panels instead of embedding secrets in prompts.
- Review commands, findings, and evidence before relying on them.
- Use local AI providers for sensitive engagements when client data cannot leave the workstation.
- Save or export the audit log when the agent output supports a report finding.
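A check for the local-provider practice above, as an added example that is not part of RTFMv2: it classifies each AI profile URL by where its traffic would go, so a profile that points at a LAN server or a hosted endpoint is not mistaken for one that stays on the workstation. The profile names, URLs and resolver table are constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

def _resolve(host):
    """Resolve a hostname with the system resolver (default; needs DNS)."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]

def endpoint_locality(url, resolve=_resolve):
    """Return 'loopback', 'private' or 'remote' for an AI profile URL.

    The least local address wins: a name that resolves to both 127.0.0.1
    and a public address is reported as 'remote'.
    """
    host = urlsplit(url).hostname
    if not host:
        raise ValueError(f"no host in profile URL {url!r}")
    try:
        addrs = [ipaddress.ip_address(host)]
    except ValueError:
        # Not an IP literal: resolve it; drop any IPv6 zone id ("%eth0").
        addrs = [ipaddress.ip_address(a.split("%")[0]) for a in resolve(host)]
    kinds = ["loopback" if a.is_loopback else
             "private" if (a.is_private or a.is_link_local) else "remote"
             for a in addrs]
    # A name with no addresses is treated as 'remote' (fail closed).
    return max(kinds, key=["loopback", "private", "remote"].index,
               default="remote")

def profiles_leaving_workstation(profiles, resolve=_resolve):
    """Names of profiles whose traffic would leave this machine."""
    return sorted(name for name, url in profiles.items()
                  if endpoint_locality(url, resolve) != "loopback")

# Constructed profiles and resolver table (hypothetical values).
SAMPLE_PROFILES = {
    "ollama-local": "http://localhost:11434",
    "lmstudio-local": "http://127.0.0.1:1234/v1",
    "ollama-lab-server": "http://192.168.56.20:11434",
    "hosted-openai-compatible": "https://llm.example.com/v1",
}
SAMPLE_DNS = {"localhost": ["127.0.0.1", "::1"], "llm.example.com": ["8.8.8.8"]}

def sample_resolver(host):
    return SAMPLE_DNS[host]

if __name__ == "__main__":
    print(profiles_leaving_workstation(SAMPLE_PROFILES, sample_resolver))
```

A "private" result means the prompt and any session context still cross the network to another machine, which matters when the engagement requires that client data stay on the workstation.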