Cross-Agent Correlation
The Correlation Advantage
The most valuable findings in a penetration test are often not individual vulnerabilities but combinations of vulnerabilities that create attack paths no single tool or analyst would discover alone. Cross-agent correlation is the process by which P4L4D1N's specialist agents, through the blackboard pattern, produce discoveries that emerge only from their collaboration.
A scanner that finds an open Redis port reports "port 6379 open." An agent that finds an IDOR on a user profile endpoint reports "IDOR on /api/users/:id." But when the Infrastructure Agent's Redis finding and the API Agent's IDOR finding are both on the blackboard, the Exploit Chain Agent (or an observant specialist on a subsequent loop) can connect them: "Unauthenticated Redis access exposes session tokens, and IDOR on the user endpoint provides email addresses for targeted session hijacking — combined severity is Critical."
This section explains how cross-agent correlation works, what types of correlated findings emerge, and why they represent the highest value in agentic pentesting.
How Correlation Happens
Cross-agent correlation occurs through three mechanisms:
1. Lead-Driven Investigation
The most direct form of correlation happens when one agent posts a lead and another agent investigates it. The Infrastructure Agent finds an open service and posts a lead to the API Agent. The API Agent investigates and discovers that the open service exposes sensitive data. The resulting finding credits both agents and describes the full attack path.
Lead-driven correlation is explicit and directed: an agent names a cross-domain issue and requests investigation, so the correlation does not depend on another agent happening to notice it. The quality of leads depends on each agent's awareness of other domains, which is why the Web Agent's system prompt instructs it to "post leads to other agents when you find cross-domain issues."
2. Blackboard Reading
Every agent reads the full blackboard on each loop iteration. This means agents see findings from all other agents, not just leads addressed to them. A perceptive agent may notice a pattern that the original finding's author did not.
For example, the Crypto Agent posts a finding about weak JWT signing (HS256 with a short key). The Auth Agent, reading the blackboard, notices this finding alongside its own discovery that the password reset endpoint does not validate the JWT audience claim. The Auth Agent combines these into a higher-severity finding: "Weak JWT signing combined with missing audience validation enables cross-service token forgery."
Blackboard reading is opportunistic: agents may or may not notice relevant findings from other specialists. This is why the multi-pass loop architecture matters — more iterations mean more chances for agents to cross-reference each other's work.
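To make the JWT example concrete, here is an added, stand-alone demonstration (not P4L4D1N code and not from the page's author) of what each of the two findings allows on its own. It uses only the Python standard library; the shared key, the claims, the service names and the wordlist are constructed for the demonstration and assume, as the text does, that several services validate tokens with the same HS256 key.

```python
"""Added example (not P4L4D1N code): what a short HS256 key and a missing
audience check each allow, using only the standard library. The shared key,
the claims, the service names and the wordlist are constructed."""
import base64
import hashlib
import hmac
import json
from typing import Optional


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(claims: dict, key: bytes) -> str:
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url(sig)}"


def verify_hs256(token: str, key: bytes, expected_aud: Optional[str] = None) -> dict:
    """Return the claims if the signature checks out. With expected_aud set,
    a token minted for another service is rejected even though it is validly
    signed with the same shared key."""
    header, body, sig = token.split(".")
    if json.loads(unb64url(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # refuse alg=none / RS256 confusion
    expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, unb64url(sig)):
        raise ValueError("bad signature")
    claims = json.loads(unb64url(body))
    if expected_aud is not None and claims.get("aud") != expected_aud:
        raise ValueError(f"audience {claims.get('aud')!r} is not {expected_aud!r}")
    return claims


def recover_key(token: str, wordlist) -> Optional[bytes]:
    """Offline dictionary attack on the HMAC key: one hash per guess and no
    traffic to the target, so rate limiting and lockout never trigger."""
    header, body, sig = token.split(".")
    target = unb64url(sig)
    signing_input = f"{header}.{body}".encode()
    for candidate in wordlist:
        guess = hmac.new(candidate, signing_input, hashlib.sha256).digest()
        if hmac.compare_digest(guess, target):
            return candidate
    return None


# Constructed: a short key shared by every service, and the guesses an attacker would try first
SHARED_KEY = b"secret1"
WORDLIST = [b"password", b"secret", b"secret1", b"changeme"]


def cross_service_replay(check_aud: bool) -> Optional[str]:
    """Missing audience check on its own: a token legitimately issued for the
    low-value reporting service is presented to the password-reset endpoint.
    Returns the subject the reset endpoint would act on, or None if rejected."""
    reporting_token = sign_hs256({"sub": "alice", "aud": "reporting"}, SHARED_KEY)
    try:
        claims = verify_hs256(reporting_token, SHARED_KEY, "password-reset" if check_aud else None)
    except ValueError:
        return None
    return claims["sub"]


def forge_with_recovered_key() -> Optional[str]:
    """Weak key on its own: recover it from any observed token (here one issued
    by the reporting service), then mint a token that passes even a correct
    audience check on the reset endpoint. Returns the subject it accepts."""
    observed = sign_hs256({"sub": "alice", "aud": "reporting"}, SHARED_KEY)
    key = recover_key(observed, WORDLIST)
    if key is None:
        return None
    forged = sign_hs256({"sub": "admin", "aud": "password-reset"}, key)
    return verify_hs256(forged, SHARED_KEY, "password-reset")["sub"]


if __name__ == "__main__":
    print("replay, aud unchecked:", cross_service_replay(check_aud=False))  # alice
    print("replay, aud checked:  ", cross_service_replay(check_aud=True))   # None
    print("forged via weak key:  ", forge_with_recovered_key())             # admin
```

The audience check stops the replay but not the forgery, and a strong key stops the forgery but not the replay; with both findings on the blackboard neither control is left standing, which is what justifies the Auth Agent raising the combined severity above either component.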
3. Exploit Chain Analysis (Blitz Only)
The Exploit Chain Agent exists solely to perform correlation. It does not produce its own findings from Phase 1 data. Instead, it reads the entire blackboard and systematically searches for multi-step attack paths by combining findings from different agents.
This agent is the most powerful correlation mechanism because its whole task is to reason in chains: "If A and B are both true, can C happen? If the attacker first exploits X, does Y become reachable? What is the maximum impact if all these findings are chained together?"
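The following is an added illustration (not P4L4D1N code) of the kind of search an exploit-chain pass performs over a blackboard. It assumes a tagging scheme in which each finding records what an attacker must already hold ("requires") and what a successful exploit yields ("provides"); that scheme, the capability names and the four findings are constructed from this page's own examples, not taken from the product.

```python
"""Added example (not P4L4D1N code): a toy blackboard and a dependency-aware
chain search over it. The requires/provides tagging and the findings are
constructed for illustration, not the product's schema or output."""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class Finding:
    agent: str
    title: str
    severity: str
    requires: FrozenSet[str]  # capabilities the attacker needs before this step
    provides: FrozenSet[str]  # capabilities the step hands the attacker


def finding(agent, title, severity, requires, provides) -> Finding:
    return Finding(agent, title, severity, frozenset(requires), frozenset(provides))


# Constructed blackboard contents, mirroring the examples in the text
BLACKBOARD: List[Finding] = [
    finding("Infrastructure", "Unauthenticated Redis on 6379 exposes session tokens", "Medium",
            {"network"}, {"session-token"}),
    finding("API", "IDOR on /api/users/:id leaks profile and email", "Medium",
            {"session-token"}, {"user-email"}),
    finding("Web", "Reflected XSS in search parameter", "Medium",
            {"network"}, {"js-in-origin"}),
    finding("Auth", "Session cookie set without HttpOnly", "Low",
            {"js-in-origin"}, {"session-token"}),
]
START = frozenset({"network"})  # unauthenticated attacker on the internet


def find_chains(findings, start=START) -> List[Tuple[Finding, ...]]:
    """Depth-first search for maximal attack chains. A finding joins a chain
    only if (a) every precondition is already held, (b) at least one of those
    preconditions was produced by the chain rather than the starting position,
    so the steps are genuinely dependent, and (c) it yields something new.
    Single findings are not chains and are not reported."""
    chains: List[Tuple[Finding, ...]] = []

    def extend(chain, held):
        grew = False
        for f in findings:
            if f in chain or not f.requires <= held or not (f.provides - held):
                continue
            if chain and not (f.requires & (held - start)):
                continue
            grew = True
            extend(chain + [f], held | f.provides)
        if not grew and len(chain) >= 2:
            chains.append(tuple(chain))

    extend([], frozenset(start))
    return chains


def describe(chain) -> str:
    """Report-style one-liner crediting every source agent in order."""
    agents = " + ".join(dict.fromkeys(f.agent for f in chain))
    return f"[{agents}] " + " -> ".join(f.title for f in chain)


if __name__ == "__main__":
    for c in find_chains(BLACKBOARD):
        print(describe(c))
```

On this blackboard the search returns two chains: Redis token leak then IDOR (Infrastructure + API), and XSS, cookie without HttpOnly, then IDOR (Web + Auth + API). Condition (b) is what keeps the XSS from being bolted onto the Redis chain merely because both start from the network; a real pass adds the reasoning an LLM brings, but the dependency structure it is looking for is this one.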
Common Correlation Patterns
Certain combinations of agent findings frequently produce correlated discoveries:
Infrastructure + API
Open services found by the Infrastructure Agent often have implications for API security. A SQL injection through an API endpoint that builds queries from user input, combined with the database port being reachable from the attacker's position, turns a medium-severity injection that leaks database credentials into a direct, interactive connection to the database. An exposed metrics endpoint combined with a rate-limiting bypass lets an attacker see exactly which requests are expensive and then flood them without being throttled.
Web + Auth
Web vulnerabilities and authentication weaknesses frequently chain together. XSS combined with session cookie misconfiguration (missing HttpOnly flag) enables session hijacking. CSRF combined with a privilege escalation path enables administrative action as an unprivileged user. Reflected input combined with OAuth redirect manipulation enables account takeover.
Code + Crypto
Source code findings and cryptographic weaknesses compound each other. A hardcoded encryption key found by Gitleaks combined with weak cipher usage found by the Crypto Agent means encrypted data is trivially decryptable. A Semgrep finding that session identifiers are generated with a non-cryptographic random number generator, combined with captured identifiers that visibly follow a predictable pattern, confirms that session prediction is practical rather than theoretical.
Supply Chain + Infrastructure
Vulnerable dependencies found by the Supply Chain Agent combined with infrastructure exposure found by the Infrastructure Agent create compound risk. A known RCE CVE in a framework combined with the framework being reachable on a public port means the RCE is exploitable from the internet rather than only from inside the network. A client-side library with a known DOM-based XSS combined with the absence of a Content-Security-Policy means the injected script runs in the user's browser with nothing left to block it.
Business Logic + Multiple Domains
Business logic flaws are the most potent correlation targets because exploiting them depends on how the application is meant to work, not just on which vulnerabilities exist, so reaching them usually takes findings from several domains. A race condition found by the Business Logic Agent combined with a payment endpoint found by the API Agent and a missing CSRF token found by the Web Agent creates a complex attack: "Race condition in payment processing, accessible via CSRF, enables double-charging or free orders."
Severity Escalation
Correlated findings almost always have higher severity than their individual components. This is because:
- Exploitability increases — A vulnerability that requires a precondition (such as network access or authenticated session) becomes more exploitable when another finding provides that precondition.
- Impact increases — Chaining two medium-impact findings often produces a high or critical-impact attack path because the chain reaches deeper into the application.
- Realism increases — A multi-step attack path that mirrors how a real attacker would operate is more compelling to stakeholders than an isolated theoretical vulnerability.
The CVSS scoring for correlated findings should reflect the complete chain. If step 1 requires network access (AV:N) and step 2 requires authenticated access (PR:L), but step 1 provides the credentials for step 2, the chain's CVSS should use PR:N because the attacker starts from an unauthenticated position, and its impact metrics should reflect what the final step reaches, not what the first step alone exposes.
Interpreting Correlated Findings in Reports
Correlated findings in TurboPentest reports are identifiable by:
- Multiple source agents — The finding description references discoveries from two or more agents.
- Chain descriptions — The proof section describes a multi-step attack path rather than a single exploit.
- Elevated severity — The severity is higher than any individual component would warrant alone.
- Cross-references — The finding explicitly references other findings by title or vulnerability type.
When reviewing a pentest report, correlated findings deserve the most attention. They represent the highest-value discoveries and the attack paths most likely to be exploited by real adversaries who, like P4L4D1N agents, combine multiple weaknesses into effective attacks.
Why This Only Works with Multiple Agents
A single generalist agent can, in theory, find correlations within its own analysis. But in practice, the depth required to find individual vulnerabilities and the breadth required to correlate them across domains exceed what a single agent can achieve in a single context. Specialist agents go deep enough to find subtle issues; the blackboard and lead system provide the breadth to connect them.
This is the fundamental argument for multi-agent pentesting: the system produces findings that no individual agent — and no individual tool — could produce alone. Cross-agent correlation is where agentic pentesting delivers its greatest value over traditional approaches.