This guide covers everything you need to install and configure Shannon for autonomous penetration testing.

System Requirements

Docker

Container runtime for Shannon’s isolated environment

AI Provider Credentials

Anthropic API key, AWS Bedrock, or Google Vertex AI

Disk Space

Minimum 5GB for containers and audit logs

Network Access

Internet connection for AI API calls and security tools

Prerequisites

Docker Installation

Shannon requires Docker to run its containers. Install Docker for your platform:
Download and install Docker Desktop for Mac.
# Verify installation
docker --version
docker compose version
Shannon works out of the box on macOS with Docker Desktop installed. No additional configuration needed.

AI Provider Credentials

Shannon requires access to Claude models. Choose one of the following options:
Get your API key from the Anthropic Console:
  1. Create an Anthropic account
  2. Navigate to the API Keys section
  3. Generate a new API key
  4. Copy the key (starts with sk-ant-api03-...)
Anthropic offers pay-as-you-go pricing. A typical Shannon pentest costs approximately $50 USD using Claude 4.5 Sonnet.

Installation Steps

1. Clone Shannon

Clone the Shannon repository from GitHub:
git clone https://github.com/KeygraphHQ/shannon.git
cd shannon
2. Configure Credentials

Create a .env file with your API credentials:
cp .env.example .env
Edit .env and add your credentials:
.env
# Anthropic API Key (recommended)
ANTHROPIC_API_KEY=your-api-key-here

# Recommended for larger tool outputs
CLAUDE_CODE_MAX_OUTPUT_TOKENS=64000
Shannon uses three model tiers:
  • Small (Haiku): Summarization and lightweight tasks
  • Medium (Sonnet): Security analysis and vulnerability detection
  • Large (Opus): Deep reasoning and complex exploit chains
3. Prepare Target Repository

Shannon expects repositories under the ./repos/ directory:
# Clone your target application
git clone https://github.com/your-org/your-app.git ./repos/your-app
# Standard single-repo application
git clone https://github.com/your-org/app.git ./repos/app
White-box testing only. Shannon requires access to your application’s source code. It analyzes code to intelligently guide attack strategies.
4. Verify Installation

Test that Shannon is properly configured:
# Start Shannon and check for errors
./shannon start URL=https://example.com REPO=your-app
You should see:
Starting Shannon containers...
Waiting for Temporal to be ready...
Temporal is ready!

🚀 Pentest workflow started
Workflow ID: example.com_shannon-1234567890
The first run downloads Docker images (approximately 2GB). Subsequent runs start almost instantly.
Stop the test workflow:
./shannon stop

Configuration Files

Environment Variables Reference

Shannon supports multiple configuration options via .env:
.env
# === Core Configuration ===
ANTHROPIC_API_KEY=your-api-key-here
CLAUDE_CODE_MAX_OUTPUT_TOKENS=64000

# === Model Tier Overrides ===
# ANTHROPIC_SMALL_MODEL=claude-haiku-4-5-20251001
# ANTHROPIC_MEDIUM_MODEL=claude-sonnet-4-6
# ANTHROPIC_LARGE_MODEL=claude-opus-4-6

# === AWS Bedrock ===
# CLAUDE_CODE_USE_BEDROCK=1
# AWS_REGION=us-east-1
# AWS_BEARER_TOKEN_BEDROCK=your-bearer-token

# === Google Vertex AI ===
# CLAUDE_CODE_USE_VERTEX=1
# CLOUD_ML_REGION=us-east5
# ANTHROPIC_VERTEX_PROJECT_ID=your-gcp-project-id
# GOOGLE_APPLICATION_CREDENTIALS=./credentials/gcp-sa-key.json

# === Router Mode (Experimental) ===
# OPENAI_API_KEY=sk-...
# ROUTER_DEFAULT=openai,gpt-5.2

Testing Configuration (Optional)

Create a YAML configuration file for advanced testing scenarios:
cp configs/example-config.yaml configs/my-app.yaml
Example configuration with authentication:
configs/my-app.yaml
authentication:
  login_type: form
  login_url: "https://your-app.com/login"
  credentials:
    username: "[email protected]"
    password: "yourpassword"
    totp_secret: "LB2E2RX7XFHSTGCK"  # Optional 2FA

  login_flow:
    - "Type $username into the email field"
    - "Type $password into the password field"
    - "Click the 'Sign In' button"
    - "Enter $totp in the verification code field"
    - "Click 'Verify'"

  success_condition:
    type: url_contains
    value: "/dashboard"

rules:
  avoid:
    - description: "Skip logout functionality"
      type: path
      url_path: "/logout"

  focus:
    - description: "Prioritize API endpoints"
      type: path
      url_path: "/api"
Use the config when starting Shannon:
./shannon start URL=https://your-app.com REPO=your-app CONFIG=./configs/my-app.yaml
Shannon supports TOTP 2FA authentication automatically. Just add your totp_secret to the config and Shannon will generate codes during testing.

Platform-Specific Notes

macOS

  • Works out of the box with Docker Desktop
  • Access Temporal UI at http://localhost:8233
  • No additional configuration needed

Linux

  • May require sudo for Docker commands (or add user to docker group)
  • Ensure Docker daemon is running: sudo systemctl start docker
  • If output files have permission issues, verify Docker user has write access

Windows (WSL2)

  • Must use WSL2; native Windows is experimental
  • Clone Shannon inside WSL filesystem (not /mnt/c/...)
  • Access Temporal UI at http://<wsl-ip>:8233 (find IP with ip addr)
  • Windows Defender may flag exploit reports; add an exclusion

Testing Local Applications

Inside a Docker container, localhost refers to the container itself, so Shannon can’t reach services listening on your host's localhost. Use host.docker.internal instead:
# WRONG: Shannon can't reach localhost:3000 from inside Docker
./shannon start URL=http://localhost:3000 REPO=app

# CORRECT: Use special DNS name for host machine
./shannon start URL=http://host.docker.internal:3000 REPO=app

Troubleshooting Installation

Problem: ERROR: Repository not found at ./repos/my-repo
Solution: REPO must be a folder name inside ./repos/, not an absolute path:
# Clone your repo into ./repos/
git clone https://github.com/org/repo.git ./repos/my-repo

# Then use just the folder name
./shannon start URL=https://example.com REPO=my-repo
Problem: Timeout waiting for Temporal
Solution:
# Check container status
docker compose ps

# View Temporal logs
docker compose logs temporal

# Reset and retry
./shannon stop CLEAN=true
./shannon start URL=https://example.com REPO=repo-name
Problem: Workflow starts but no progress is made
Solution:
# Check worker logs
docker compose logs worker

# Restart worker container
docker compose restart worker
Problem: permission denied when creating output files
Solution:
# Ensure audit-logs is writable (mode 777 lets every local user read and write it)
chmod 777 ./audit-logs

# Linux: Add user to docker group
sudo usermod -aG docker $USER
newgrp docker
Problem: ERROR: Set ANTHROPIC_API_KEY in .env
Solution: Create a .env file with your credentials:
echo "ANTHROPIC_API_KEY=your-key-here" > .env
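
The failure modes from this section and from Testing Local Applications can be caught before any container starts. The script below is an added example, not part of Shannon: its function names are hypothetical, and check_env assumes the direct ANTHROPIC_API_KEY setup rather than Bedrock or Vertex.

```shell
# Added example, not part of Shannon. All function names are hypothetical.

# REPO must be a bare folder name under ./repos/ (second arg overrides the base).
check_repo() {
  cr_base="${2:-./repos}"
  case "$1" in
    ""|.|..|*/*) echo "REPO must be a folder name inside $cr_base: '$1'" >&2; return 1 ;;
  esac
  [ -d "$cr_base/$1" ] || { echo "Repository not found at $cr_base/$1" >&2; return 1; }
}

# Rewrite a loopback host so the target is reachable from inside the containers.
container_url() {
  printf '%s\n' "$1" |
    sed -E 's#^(https?://)(localhost|127\.0\.0\.1)([:/]|$)#\1host.docker.internal\3#'
}

# Files holding secrets (.env, a YAML config with password and totp_secret)
# should be accessible to the owner only. Returns 2 when the mode is too open.
check_private() {
  [ -f "$1" ] || { echo "missing $1" >&2; return 1; }
  cp_mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  case "$cp_mode" in
    ?00) ;;
    *) echo "$1 has mode $cp_mode; run: chmod 600 $1" >&2; return 2 ;;
  esac
}

# .env must hold a real ANTHROPIC_API_KEY, not the template placeholder.
# Assumption: direct Anthropic setup; Bedrock/Vertex variables are not checked.
check_env() {
  check_private "$1" || return $?
  ce_key=$(sed -n 's/^ANTHROPIC_API_KEY=//p' "$1" | tail -n 1)
  case "$ce_key" in
    ""|your-api-key-here|your-key-here) echo "Set ANTHROPIC_API_KEY in $1" >&2; return 1 ;;
  esac
}

# Print the start command once every check passes (optional third arg: CONFIG).
preflight() {
  check_repo "$2" && check_env ./.env || return 1
  if [ -n "${3:-}" ]; then check_private "$3" || return 1; fi
  echo "./shannon start URL=$(container_url "$1") REPO=$2${3:+ CONFIG=$3}"
}
```

Source the file from the Shannon checkout and call preflight with the URL, the REPO folder name and, optionally, the config path; it prints the start command only when every check passes.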

Next Steps

Quick Start Guide

Run your first pentest in 5 minutes

Configuration Guide

Set up authentication and testing rules

CLI Reference

Learn all available commands and options

Troubleshooting

Solve common issues and errors
Security Reminder: Shannon actively executes exploits. Always test on sandboxed, staging, or local development environments, never on production systems.
