Skip to main content
In addition to your source code, you can upload supplementary files that help Mjolnir understand your application’s architecture, data model, and intended behaviour. The more context Mjolnir has, the more targeted and accurate the assessment will be.

What to upload

Accepted formats: .pdf, .md, .txt, .docxAny documentation that describes your application’s architecture, data flows, or infrastructure topology. This helps Mjolnir understand the relationship between components, which is especially useful for microservice architectures where the attack surface spans multiple services.
Accepted formats: .json, .yaml, .pdf, .mdA description of your application’s roles and what each one can and cannot do. This directly improves the quality of privilege escalation tests. Mjolnir can check whether every boundary in your permission model is actually enforced.Examples:
  • A table showing which roles can access which endpoints
  • A RBAC/ABAC configuration file
  • A narrative description of your permission model
Accepted formats: .pdf, .png, .mdDescriptions or diagrams of the key user flows in your application: signup, checkout, approval workflows, data export, etc. This helps Mjolnir prioritise which flows carry the most business risk.
Anything else you think would help. When in doubt, include it. Mjolnir will use what’s relevant and ignore what isn’t.

Upload instructions

Drag and drop files onto the upload area, or click to open a file picker. Each uploaded file will show its name, detected type, and file size. You can remove any file before proceeding.

Next: Domain Verification

Verify you own the domains you’re testing