Mjolnir is Borg Security’s agentic AI pentest engine. It reads your source code, maps your application’s attack surface, generates targeted test cases, and executes them autonomously, from end to end.

What makes it whitebox

Traditional automated scanners probe your application from the outside. Mjolnir starts from the inside, reading your source code to understand your routes, authentication flows, data models, and business logic before it ever sends a single request. This means it finds vulnerabilities that black-box tools miss: logic flaws, broken access controls, misconfigured authorisation chains, and authentication bypasses that only make sense once you understand the code behind them.

How a run works

1. Code analysis

Mjolnir reads the repositories you’ve connected and builds a map of your routes, middleware, data models, and authentication boundaries.

2. Reconnaissance

Mjolnir crawls your application and cross-references what it finds with the code map to build a complete picture of the attack surface.

3. Attack queue creation

Based on the attack surface, Mjolnir generates targeted test cases for each vulnerability category and queues them for execution.

4. Exploitation

Test cases are executed against your target URLs. Mjolnir generates its own user contexts as it explores, so you don’t need to supply test accounts.

5. Reporting

Confirmed findings are written up with severity ratings, reproduction steps, and suggested fixes, then pushed straight to your issue tracker if you have one connected.

Figure: Mjolnir run dashboard showing live progress of a pentest run.

What Mjolnir tests for

Mjolnir generates test cases across a broad range of vulnerability categories, including:

Authentication

Login bypasses, weak credential policies, session fixation, token leakage, and insecure password reset flows.

Authorisation

Privilege escalation (vertical and horizontal), broken access controls, IDOR, and missing function-level checks.

Injection

SQL injection, NoSQL injection, command injection, SSTI, and other server-side injection vectors.

Data exposure

Sensitive data in responses, overly permissive API fields, PII leaks, and missing data redaction.

Test users

Mjolnir generates the user accounts and authentication contexts it needs on its own as it explores your application. For most applications, you don’t need to provide test users.

For enterprise customers with complex multi-step authentication flows (for example, multi-tenant onboarding sequences or workflows requiring a specific sequence of API calls), Borg’s senior security engineers can manually inspect the application and prepare a tailored Mjolnir configuration that captures those flows. Contact us at [email protected] if you need this.

Self-serve test-user supply for client-supplied accounts is coming. We’ll update these docs when it ships.

Pricing

Your Borg subscription covers the full Odin platform: continuous asset discovery, findings management, issue tracker integration, and reporting. Mjolnir is billed separately as security minutes, either on a Startup or Business tier or as part of an enterprise contract. If a Mjolnir run completes without confirming any vulnerabilities, you don’t pay for it. See Billing for tier details and how to activate.

Setting up a run

A Mjolnir run is configured through a five-step wizard:

| Step | What you do |
| --- | --- |
| 1. Connect GitHub | Grant Mjolnir read access to your repositories |
| 2. Scope & Connectivity | Define target URLs and verify Mjolnir can reach them |
| 3. Code & Documentation | Select repos and upload supporting files |
| 4. Pricing | Choose your Mjolnir tier and confirm payment, if needed |
| 5. Review & Verify Domain | Review configuration and prove domain ownership |

Drafts auto-save as you work, so you can come back to a setup at any time.
