Pentest Exploit Validation

Purpose

Validate vulnerability findings through proof-driven exploitation using Shannon's 4-level evidence system. Consumes the exploitation queue from white-box code review, attempts structured exploitation with bypass exhaustion, collects mandatory evidence per vulnerability type, and classifies each finding as EXPLOITED, POTENTIAL, or FALSE_POSITIVE.

Prerequisites

Authorization Requirements

• Written authorization with explicit scope for active exploitation testing
• Exploitation queue JSON from pentest-whitebox-code-review output
• Test accounts at multiple privilege levels for authz testing
• Data exfiltration approval — confirm acceptable proof-of-concept scope
• Rollback plan for any data-mutating exploits