mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-02 17:45:46 +02:00
v3.5.5 — cloud infrastructure testing + REPL polish
Cloud testing:
- +17 cloud agents (agents_md/infra/) for AWS/GCP/Azure: IAM/RBAC privesc, storage exposure (S3/GCS/Blob), compute & network exposure + IMDS, secrets (Secrets Manager / Secret Manager / Key Vault), SA/SP key abuse, Entra ID enum, and a multi-cloud footprint/identity recon agent. Library 348 -> 365.
- creds.yaml gains aws:/gcp:/azure: blocks (Creds::cloud). The harness exports provider env vars (AWS_*, GOOGLE_APPLICATION_CREDENTIALS, AZURE_* SP) so aws/gcloud/az authenticate automatically, and injects a cloud directive. GCP inline JSON is written to a temp file. Best-practice auth per provider.

REPL polish:
- /chain <n> (attack-chain depth, wired to Session.chain_depth), /agents list (library category counts incl. infra/cloud); /show now shows chain-depth and enabled integrations. Tab-completion + help updated.

Docs: README badges (365 agents / 14 providers), new "Cloud credentials" section; RELEASE notes.

Version 3.5.4 -> 3.5.5.
@@ -1,4 +1,4 @@
|
||||
<h1 align="center">🧠 NeuroSploit v3.5.4</h1>
|
||||
<h1 align="center">🧠 NeuroSploit v3.5.5</h1>
|
||||
|
||||
<p align="center">
|
||||
<a href="https://github.com/JoasASantos/NeuroSploit/stargazers"><img src="https://img.shields.io/github/stars/JoasASantos/NeuroSploit?style=for-the-badge&logo=github&color=8b5cf6" alt="Stars"></a>
|
||||
@@ -8,11 +8,11 @@
|
||||
</p>
|
||||
|
||||
<p align="center">
|
||||
<img src="https://img.shields.io/badge/Version-3.5.4-blue?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Version-3.5.5-blue?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Harness-Rust%20%7C%20tokio-e6b673?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/License-MIT-green?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/MD%20Agents-329-red?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Models-12%20providers-success?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/MD%20Agents-365-red?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Models-14%20providers-success?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Modes-Black%20%7C%20White%20%7C%20Grey%20%7C%20Host-9cf?style=flat-square">
|
||||
<img src="https://img.shields.io/badge/Auth-API%20key%20%7C%20Subscription-orange?style=flat-square">
|
||||
</p>
|
||||
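Review bot: the `MD%20Agents` badge moves from 329 to 365 in this hunk, a jump of 36, while the commit message describes +17 agents and "Library 348 -> 365". Either the old badge was already stale or one of the numbers is wrong; say which in the commit message, and consider deriving the badge value from the `neurosploit agents` total so the README cannot drift again.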
@@ -24,7 +24,7 @@
|
||||
>
|
||||
> 📖 **New here? Read the [full Tutorial & User Guide →](TUTORIAL.md)** — every mode, flag, config and example explained.
|
||||
|
||||
> 🆕 **New in v3.5.4 — Robust attack chaining + fewer false positives:** a
|
||||
> 🆕 **New in v3.5.5 — Robust attack chaining + fewer false positives:** a
|
||||
> multi-round, decision-driven **post-exploitation** engine takes each confirmed
|
||||
> foothold and expands new directions (cred reuse, privesc, lateral movement,
|
||||
> exfil, new surface), carrying **loot** forward across rounds (`--chain-depth`).
|
||||
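Review bot: the banner line now reads "New in v3.5.5" but the text that follows is still the attack-chaining paragraph that carried the v3.5.4 label (`--chain-depth`, post-exploitation rounds), whereas the release notes in this same patch describe v3.5.5 as cloud testing and REPL polish. Keep the v3.5.4 label on this paragraph and add a separate v3.5.5 entry for cloud testing instead of relabelling.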
@@ -41,7 +41,7 @@ LLMs** — via **API key** or local **subscription** (Claude Code / Codex / Gemi
|
||||
Grok) — recons the target, **intelligently selects only the agents that match the
|
||||
discovered surface**, runs them in parallel, **chains** findings into deeper
|
||||
impact, and **validates every claim by cross-model voting + tool-receipt
|
||||
grounding** before reporting. It ships **329 markdown agents** and a **Mission
|
||||
grounding** before reporting. It ships **365 markdown agents** and a **Mission
|
||||
Control TUI**.
|
||||
|
||||
### Engagement modes
|
||||
@@ -51,7 +51,7 @@ Control TUI**.
|
||||
| **Black-box** | `neurosploit run <url>` | recon → select → exploit → vote → report |
|
||||
| **White-box** | `neurosploit whitebox <repo>` | source/SAST review (file:line evidence) |
|
||||
| **Grey-box** | `neurosploit greybox <repo> --url <app>` | code review **+** live exploitation together |
|
||||
| **Host/Infra** | `neurosploit host <ip> --creds creds.yaml` | Linux / Windows / Active Directory testing |
|
||||
| **Host/Infra** | `neurosploit host <ip> --creds creds.yaml` | Linux / Windows / AD **and cloud** (AWS/GCP/Azure) testing |
|
||||
| **Mission Control** | `neurosploit tui <url>` | live TUI panels + composer during the run |
|
||||
| **Interactive** | `neurosploit` | persistent REPL session (resumes per project) |
|
||||
|
||||
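Review bot: the Host/Infra row keeps `neurosploit host <ip> --creds creds.yaml` as its usage although the description now includes cloud accounts, which have no IP; the cloud example added further down passes `my-cloud-account` as the target. Change the placeholder to cover both cases and state what the target argument means for a cloud run, since from what this patch shows the account that gets tested is decided by the exported credentials, not by the target string.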
@@ -68,6 +68,10 @@ Control TUI**.
|
||||
- 🔗 **Attack chaining** — 12 multi-stage chain agents (SQLi→RCE→LPE, SSRF→AWS
|
||||
creds, upload→LFI→RCE→LPE, default-creds→domain, …); each stage proven before
|
||||
advancing.
|
||||
- ☁️ **Cloud testing** — AWS / GCP / Azure agents that drive the provider CLIs
|
||||
(`aws`/`gcloud`/`az`). Connect via `creds.yaml`: AWS keys, a Google
|
||||
service-account JSON, or an Azure service principal — see
|
||||
[Cloud credentials](#cloud-credentials-awsgcpazure).
|
||||
- 🗺️ **Attack graph & kill chain** — findings mapped to OWASP / CWE / MITRE
|
||||
ATT&CK / stage; rendered as a Mermaid graph in the report.
|
||||
- ✅ **Cross-model validation** — a different model adjudicates each finding;
|
||||
@@ -186,6 +190,48 @@ neurosploit whitebox https://github.com/myorg/app --jira --subscription --model
|
||||
|
||||
---
|
||||
|
||||
## ☁️ Cloud credentials (AWS/GCP/Azure)
|
||||
|
||||
Add a cloud block to `creds.yaml` and the harness exports the right env vars so
|
||||
the AWS/GCP/Azure agents can drive `aws` / `gcloud` / `az`. Secrets stay in your
|
||||
file/secret-manager; agents do **read-only enumeration first, never destructive**.
|
||||
|
||||
```yaml
|
||||
# --- AWS: static keys (or a named profile) ---
|
||||
aws:
|
||||
access_key_id: AKIA...
|
||||
secret_access_key: ...
|
||||
# session_token: ... # if using temporary creds
|
||||
region: us-east-1
|
||||
# profile: my-sso-profile # alternative to keys
|
||||
|
||||
# --- GCP: service-account JSON (path recommended; inline single-line also works) ---
|
||||
gcp:
|
||||
service_account_json: /path/to/sa.json
|
||||
project: my-project-id
|
||||
|
||||
# --- Azure: service principal (recommended for automation) ---
|
||||
azure:
|
||||
tenant_id: ...
|
||||
client_id: ...
|
||||
client_secret: ...
|
||||
subscription_id: ...
|
||||
```
|
||||
|
||||
```bash
|
||||
neurosploit host my-cloud-account --creds creds.yaml \
|
||||
--subscription --model anthropic:claude-opus-4-8 -v
|
||||
```
|
||||
|
||||
Agents cover IAM privilege-escalation, storage exposure (S3/GCS/Blob), compute &
|
||||
network exposure, secrets (Secrets Manager / Secret Manager / Key Vault),
|
||||
service-account/SP abuse, and identity enumeration (Entra ID). Best-practice
|
||||
auth: **AWS** access keys or profile; **GCP** a service-account JSON
|
||||
(`GOOGLE_APPLICATION_CREDENTIALS`); **Azure** a service principal
|
||||
(`az login --service-principal`).
|
||||
|
||||
---
|
||||
|
||||
## Build
|
||||
|
||||
```bash
|
||||
|
||||
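Review bot: "read-only enumeration first, never destructive" in the section intro rests, as far as this patch shows, on the agents' system prompts, so the README should tell users to supply credentials that are read-only at the provider (for example the AWS `SecurityAudit` or `ReadOnlyAccess` managed policy, the Azure `Reader` role, GCP `roles/viewer`) rather than rely on model behaviour. The YAML example also leads with long-lived `AKIA...` keys and the closing paragraph calls that best practice; put `profile` or temporary credentials with `session_token` first, and add a line about keeping `creds.yaml` out of version control with owner-only file permissions.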
+46
@@ -1,3 +1,49 @@
|
||||
# NeuroSploit v3.5.5 — Release Notes
|
||||
|
||||
**Release Date:** July 2026
|
||||
**Codename:** Cloud Testing & REPL polish
|
||||
**License:** MIT
|
||||
**Credits:** Joas A Santos & Red Team Leaders
|
||||
|
||||
---
|
||||
|
||||
## TL;DR
|
||||
|
||||
v3.5.5 adds **cloud infrastructure testing** (AWS / GCP / Azure) with first-class
|
||||
credential connection, **17 new cloud agents**, and a nicer REPL.
|
||||
|
||||
## Highlights
|
||||
|
||||
- **Cloud test agents (+17 → library now 365 agents).** AWS, GCP and Azure
|
||||
specialists in `agents_md/infra/` covering IAM privilege escalation, storage
|
||||
exposure (S3 / GCS / Blob), compute & network exposure, secrets (Secrets
|
||||
Manager / Secret Manager / Key Vault), service-account & service-principal
|
||||
abuse, and Entra ID enumeration — plus a multi-cloud footprint/identity recon
|
||||
agent. They drive the provider CLIs read-only-first, non-destructive.
|
||||
- **Connect cloud credentials via `creds.yaml`.** New `aws:`, `gcp:`, `azure:`
|
||||
blocks. The harness exports the right env vars so `aws` / `gcloud` / `az` pick
|
||||
them up automatically, and injects a directive telling the agents how to
|
||||
authenticate and what to enumerate:
|
||||
- **AWS** — `access_key_id`/`secret_access_key`[/`session_token`]/`region`, or a `profile`.
|
||||
- **GCP** — a service-account JSON (`service_account_json`, path recommended;
|
||||
inline single-line also works) → `GOOGLE_APPLICATION_CREDENTIALS` + project.
|
||||
- **Azure** — a **service principal** (`tenant_id`/`client_id`/`client_secret`/
|
||||
`subscription_id`) → `az login --service-principal` (best practice for
|
||||
non-interactive automation).
|
||||
- **REPL polish.** New **`/chain <n>`** (attack-chain depth) and **`/agents list`**
|
||||
(library category counts incl. infra/cloud); **`/show`** now displays
|
||||
chain-depth and enabled integrations; help updated.
|
||||
- Cloud creds are never written to disk beyond your `creds.yaml`; inline GCP JSON
|
||||
is materialized to a temp file only to satisfy the SDK/CLI.
|
||||
|
||||
## Notes
|
||||
|
||||
- Additive/back-compatible. Provider count is now 14 (Azure OpenAI added in
|
||||
v3.5.2). See the README "Cloud credentials" section for a full `creds.yaml`
|
||||
example.
|
||||
|
||||
---
|
||||
|
||||
# NeuroSploit v3.5.4 — Release Notes
|
||||
|
||||
**Release Date:** July 2026
|
||||
|
||||
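Review bot: the last Highlights bullet contradicts itself: "never written to disk beyond your `creds.yaml`" is followed by inline GCP JSON being materialized to a temp file. State where that file is created, that it is readable by the owner only, and that it is removed when the run ends. The same bullet should mention that exporting the provider variables into the environment makes the secrets readable by every tool the agents spawn.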
+5
-5
@@ -1,4 +1,4 @@
|
||||
# NeuroSploit — Tutorial & User Guide (v3.5.4)
|
||||
# NeuroSploit — Tutorial & User Guide (v3.5.5)
|
||||
|
||||
A complete, hands-on guide to installing, configuring and running NeuroSploit —
|
||||
the autonomous, multi-model penetration-testing harness.
|
||||
@@ -40,7 +40,7 @@ You give NeuroSploit a **target** (URL, repo, app, or host/IP). It:
|
||||
|
||||
1. **Recons** the target with real tools (curl/nmap/…).
|
||||
2. **Intelligently selects** only the agents whose preconditions match the recon
|
||||
(it does *not* blindly run all 329).
|
||||
(it does *not* blindly run all 365).
|
||||
3. **Exploits** in parallel — each agent works in a ReAct loop and must prove its
|
||||
claim with a **tool receipt** (raw output).
|
||||
4. **Validates** every candidate by **cross-model voting** (a different model
|
||||
@@ -98,8 +98,8 @@ Agents **degrade gracefully**: if `rustscan` is absent they use `nmap`; if neith
|
||||
### Verify
|
||||
|
||||
```bash
|
||||
neurosploit --version # neurosploit 3.5.4
|
||||
neurosploit agents # {"vulns":196,...,"chains":12,"total":329}
|
||||
neurosploit --version # neurosploit 3.5.5
|
||||
neurosploit agents # {"vulns":196,...,"chains":12,"total":365}
|
||||
neurosploit models # all providers & models
|
||||
```
|
||||
|
||||
@@ -468,7 +468,7 @@ built from SAST/dataflow), so uncertainty becomes *path reachability*, not state
|
||||
|
||||
## 13. The agent library
|
||||
|
||||
`agents_md/` holds **329** markdown agents in categories:
|
||||
`agents_md/` holds **365** markdown agents in categories:
|
||||
|
||||
| Category | Dir | Count | Purpose |
|
||||
|----------|-----|-------|---------|
|
||||
|
||||
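Review bot: only the total above the category table changes here (329 to 365), and this file's diffstat is +5/-5, all of it version and total bumps, so the table rows themselves are untouched. If the table lists per-category counts, the infra row needs the 17 new cloud agents added or the Count column no longer sums to the stated total.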
@@ -0,0 +1,38 @@
|
||||
# AWS EC2 / Network Exposure & IMDS Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for exposed compute, permissive security groups and IMDSv1 SSRF risk.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `aws ec2 describe-instances`, `describe-security-groups`, `describe-snapshots --owner-ids self`, `describe-images`
|
||||
|
||||
### 2. Assess
|
||||
- Find 0.0.0.0/0 ingress on sensitive ports, public instances, public EBS snapshots/AMIs, and instances allowing IMDSv1
|
||||
|
||||
### 3. Confirm
|
||||
- Show a concrete exposure (e.g. an SG open to the world, a public snapshot, or IMDSv1 enabled enabling SSRF cred theft)
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS EC2 / Network Exposure & IMDS - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-284
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Network exposure / credential theft via SSRF
|
||||
- Remediation: Restrict SGs; require IMDSv2; make snapshots/AMIs private
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
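Review bot: in step 1, `describe-images` is listed without an owner filter, unlike `describe-snapshots --owner-ids self` next to it; unscoped, it returns every public AMI in the region and buries the account's own images. Use `describe-images --owners self`. Step 2 should also name the field that shows IMDSv1 is allowed (`MetadataOptions.HttpTokens` set to `optional` in the `describe-instances` output), and the template's fixed `Severity: High` will overrate findings such as a world-open rule on a port that is meant to be public. Minor: "IMDSv1 enabled enabling" and "You are a AWS" need a wording fix.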
@@ -0,0 +1,38 @@
|
||||
# AWS IAM Privilege Escalation Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for IAM privilege-escalation paths.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- List users, roles, groups, policies and pass-role / attach-policy / create-* permissions
|
||||
|
||||
### 2. Find paths
|
||||
- Check known escalation primitives: iam:PassRole+lambda/ec2, CreatePolicyVersion, AttachUserPolicy, UpdateAssumeRolePolicy, sts:AssumeRole chains
|
||||
|
||||
### 3. Confirm safely
|
||||
- Prove a path with a non-destructive check (e.g. simulate-principal-policy) or a benign read via the escalated role — never persist changes
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS IAM Privilege Escalation - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-269
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Escalation from low-privilege creds to admin
|
||||
- Remediation: Remove dangerous IAM permissions from non-admin principals; monitor iam:* and sts:AssumeRole
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
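Review bot: step 3 allows "a benign read via the escalated role", but most of the primitives listed in step 2 (`iam:PassRole` with lambda/ec2, `CreatePolicyVersion`, `AttachUserPolicy`, `UpdateAssumeRolePolicy`) can only be exercised by making a change, which the system prompt forbids. Limit confirmation to `simulate-principal-policy` plus, for `sts:AssumeRole` chains, assuming a role whose existing trust policy already admits the caller, and say explicitly that the write-based primitives are reported as permitted, not executed. The fixed impact line "Escalation from low-privilege creds to admin" should also be a placeholder, since not every path ends at admin.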
@@ -0,0 +1,39 @@
|
||||
# AWS Credential Scope & Caller Identity Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for over-privileged or unexpected credential scope.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Who am I
|
||||
- `aws sts get-caller-identity`; resolve the attached identity (user/role)
|
||||
|
||||
### 2. What can I do
|
||||
- Enumerate attached and inline policies (`aws iam list-attached-*-policies`, `get-*-policy`, `list-policies`)
|
||||
- Simulate key actions with `aws iam simulate-principal-policy` where allowed
|
||||
|
||||
### 3. Confirm
|
||||
- Show the identity holds broad or admin-equivalent permissions it should not
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS Credential Scope & Caller Identity - [resource]
|
||||
- Severity: Medium
|
||||
- CWE: CWE-269
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Excessive permissions → account compromise
|
||||
- Remediation: Apply least privilege; remove wildcard `*` actions/resources; rotate long-lived keys
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
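Review bot: `list-policies` in step 2 has no scope, so it returns every AWS managed policy as well as the account's own and tells the agent nothing about this identity; use `aws iam list-policies --scope Local --only-attached`. Step 1 should also note that when `get-caller-identity` returns an assumed-role session ARN, the underlying IAM role ARN is what `simulate-principal-policy` expects as its policy source.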
@@ -0,0 +1,38 @@
|
||||
# AWS Lambda & Resource-Policy Review Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for insecure Lambda configuration and permissive resource policies.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `aws lambda list-functions`, `get-policy`, `get-function-configuration` (env vars)
|
||||
|
||||
### 2. Assess
|
||||
- Look for secrets in env vars, public/loose resource policies, over-privileged execution roles
|
||||
|
||||
### 3. Confirm
|
||||
- Show a function with a permissive policy or plaintext secret
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS Lambda & Resource-Policy Review - [resource]
|
||||
- Severity: Medium
|
||||
- CWE: CWE-732
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Secret disclosure / unauthorized invoke
|
||||
- Remediation: Remove secrets from env; scope resource policies & execution roles
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
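Review bot: step 3 asks the agent to "Show a function with a permissive policy or plaintext secret" and the Evidence field takes raw CLI output, so secrets found in `get-function-configuration` environment variables are copied verbatim into the report. Add the same redaction instruction the Secrets agent in this patch carries ("redact the value in the report; prove access only"), and give the variable's key as evidence instead of its value.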
@@ -0,0 +1,38 @@
|
||||
# AWS S3 Bucket Exposure Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for public or misconfigured S3 buckets.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate buckets
|
||||
- `aws s3 ls`; for each: `get-bucket-policy`, `get-bucket-acl`, `get-public-access-block`
|
||||
|
||||
### 2. Assess exposure
|
||||
- Identify buckets readable/writable by AllUsers/AuthenticatedUsers or a permissive policy
|
||||
|
||||
### 3. Confirm
|
||||
- List/read a sensitive object to prove exposure (no exfiltration beyond proof)
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS S3 Bucket Exposure - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-732
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Data exposure / tampering
|
||||
- Remediation: Enable S3 Block Public Access; tighten bucket policies/ACLs; least-privilege access
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
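Review bot: step 1 reads as if `get-bucket-policy`, `get-bucket-acl` and `get-public-access-block` were `aws s3` subcommands; they belong to `aws s3api` and each takes `--bucket`, so spell the commands out in full to avoid failed calls. For step 3, reading a "sensitive object" with the engagement credentials shows what those credentials can reach, not that the bucket is public; prefer `aws s3api get-bucket-policy-status` and the ACL grants as evidence, and keep any object access to a listing or metadata.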
@@ -0,0 +1,38 @@
|
||||
# AWS Secrets & Parameter Exposure Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **AWS** cloud account/target **{target}** for secrets accessible to the current identity.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `aws secretsmanager list-secrets`, `aws ssm describe-parameters` (and get-parameter --with-decryption where allowed)
|
||||
|
||||
### 2. Assess
|
||||
- Determine which secrets/parameters the identity can read
|
||||
|
||||
### 3. Confirm
|
||||
- Show a readable high-value secret (redact the value in the report; prove access only)
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: AWS Secrets & Parameter Exposure - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-522
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Credential/secret disclosure → lateral movement
|
||||
- Remediation: Restrict secret resource policies; scope kms:Decrypt; audit access
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a AWS cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
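Review bot: step 3 says to redact the secret value, but the Evidence field in the report template still asks for "[raw CLI output proving it]", and the raw output of `get-parameter --with-decryption` is the secret itself. Make the template ask for redacted output, and prefer proof that does not fetch the value at all where the permission can be shown another way (for instance a policy simulation result), since tool output is fed back to the model as well as into the report.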
@@ -0,0 +1,38 @@
|
||||
# Azure VM, NSG & Managed Identity Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **Azure** cloud account/target **{target}** for exposed VMs, permissive NSGs and abusable managed identities.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `az vm list`, `az network nsg list`, check public IPs and attached managed identities
|
||||
|
||||
### 2. Assess
|
||||
- Find NSGs open to 0.0.0.0/0 on sensitive ports, public VMs, and managed identities with broad roles (IMDS token abuse)
|
||||
|
||||
### 3. Confirm
|
||||
- Show a world-open NSG rule or a VM identity with excessive scope
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Azure VM, NSG & Managed Identity - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-284
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Network exposure / identity abuse
|
||||
- Remediation: Restrict NSGs; least-privilege managed identities; Just-in-Time VM access
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a Azure cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
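Review bot: the ACCESS line has every Azure agent run `az login --service-principal ... -p $AZURE_CLIENT_SECRET` itself, which puts the expanded secret on a command line (visible in process listings) and repeats the login once per agent. Have the harness log in once before the agents start and reduce this line to using `az` and confirming the session with `az account show`. In step 2, "sensitive ports" should be listed so that runs are comparable, and "You are a Azure" should read "an Azure".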
@@ -0,0 +1,38 @@
|
||||
# Azure Entra ID (AAD) Enumeration Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **Azure** cloud account/target **{target}** for Entra ID app/service-principal weaknesses.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `az ad sp list`, `az ad app list`; review app credentials, API permissions and consent
|
||||
|
||||
### 2. Assess
|
||||
- Find apps with excessive Graph permissions, expired-but-present secrets, or dangerous consent
|
||||
|
||||
### 3. Confirm
|
||||
- Show an over-permissioned or mis-consented app registration
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Azure Entra ID (AAD) Enumeration - [resource]
|
||||
- Severity: Medium
|
||||
- CWE: CWE-284
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Tenant-wide permission abuse / phishing consent
|
||||
- Remediation: Review app API permissions & consent; rotate SP secrets; conditional access
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a Azure cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
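Review bot: `az ad sp list` and `az ad app list` in step 1 return only a limited first page unless `--all` or a filter is given, so on a real tenant the assessment in step 2 would run on a partial list without the agent knowing. Add `--all` (or an explicit `--filter`) and have the agent state how many objects it reviewed. The step should also say what to do when the service principal lacks directory read permission, so that an empty result is not reported as a clean tenant.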
@@ -0,0 +1,38 @@
|
||||
# Azure Key Vault Access Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **Azure** cloud account/target **{target}** for over-permissive Key Vault access to secrets/keys/certs.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `az keyvault list`; check access policies / RBAC and network rules
|
||||
|
||||
### 2. Assess
|
||||
- Determine which vault secrets/keys the SP can read
|
||||
|
||||
### 3. Confirm
|
||||
- Show a readable secret (prove access; redact value)
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Azure Key Vault Access - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-522
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Secret/key disclosure
|
||||
- Remediation: Least-privilege vault RBAC/policies; firewall; purge protection
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a Azure cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
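Review bot: step 3 says "prove access; redact value", but the report template's Evidence field asks for raw CLI output, which for a secret read contains the value. Change the template for this agent to redacted output. Step 1 should also tell the agent to record whether each vault uses access policies or RBAC, because step 2's answer to "which secrets can the SP read" is derived differently in the two cases.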
@@ -0,0 +1,38 @@
|
||||
# Azure RBAC Privilege Escalation Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **Azure** cloud account/target **{target}** for role-assignment weaknesses and escalation paths.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `az role assignment list --all`, `az role definition list`; resolve the SP's roles/scope
|
||||
|
||||
### 2. Find paths
|
||||
- Check for Owner/Contributor/User Access Administrator, or roles allowing Microsoft.Authorization/roleAssignments/write
|
||||
|
||||
### 3. Confirm safely
|
||||
- Prove escalation potential via a benign read at the escalated scope — never assign roles
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Azure RBAC Privilege Escalation - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-269
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Escalation to subscription owner
|
||||
- Remediation: Least-privilege RBAC; avoid Owner/UAA for automation SPs; PIM
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a Azure cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
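Review bot: step 3 asks for "a benign read at the escalated scope" while forbidding role assignment, but the escalated scope is only reachable after an assignment has been made, so the instruction cannot be followed as written. Treat the `az role assignment list --all` output that shows Owner, User Access Administrator or `Microsoft.Authorization/roleAssignments/write` at a given scope as the proof, and word the Impact per finding instead of the fixed "Escalation to subscription owner".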
@@ -0,0 +1,38 @@
|
||||
# Azure Storage Account Exposure Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **Azure** cloud account/target **{target}** for public blob containers and weak storage access.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `az storage account list`; check `allowBlobPublicAccess`, network rules, list containers
|
||||
|
||||
### 2. Assess
|
||||
- Find containers set to public (blob/container) or accounts allowing public network access
|
||||
|
||||
### 3. Confirm
|
||||
- List/read a blob in a public container to prove exposure
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Azure Storage Account Exposure - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-732
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Data exposure
|
||||
- Remediation: Disable public blob access; use private endpoints; SAS with least scope
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a Azure cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
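Review bot: step 3 proves a public container by listing or reading a blob, but the agent is logged in as the service principal, so a successful read may only reflect that principal's own access. Require the evidence to be the container's public-access setting together with `allowBlobPublicAccess` on the account, and if a read is used as proof it has to be made without credentials. Step 2 also puts "accounts allowing public network access" on the same footing as a public container; that is a separate condition and does not by itself justify the fixed `Severity: High`.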
@@ -0,0 +1,40 @@
|
||||
# Cloud Footprint & Identity Recon Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **multi-cloud** cloud account/target **{target}** for identifying the provider, current identity and reachable resources.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** Whichever provider CLI has credentials exported (aws/gcloud/az).
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Identify identity
|
||||
- Determine the active principal: `aws sts get-caller-identity`, `gcloud auth list`+`gcloud config get project`, or `az account show`
|
||||
- Note account/subscription/project id and whether it's a user, role or service principal
|
||||
|
||||
### 2. Map reachable services
|
||||
- Enumerate what the identity can list across IAM, storage, compute, secrets, functions
|
||||
- Record every service that returns data vs AccessDenied — this scopes the blast radius
|
||||
|
||||
### 3. Prioritise
|
||||
- Flag high-value reachable resources (secrets, storage, admin roles) for the specialist agents
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: Cloud Footprint & Identity Recon - [resource]
|
||||
- Severity: Info
|
||||
- CWE: CWE-1008
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Reconnaissance baseline for cloud attack surface
|
||||
- Remediation: Scope credentials to least privilege; alert on broad list/describe from unexpected principals
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a multi-cloud cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
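Review bot: `CWE: CWE-1008` in the report template is a CWE view (Architectural Concepts), not a weakness, so every recon finding would carry an ID that cannot be mapped. For an Info-level baseline, drop the CWE line or leave it for the agent to fill only when a real weakness is shown. Step 2 also asks to record services that return AccessDenied, but the template is "For each CONFIRMED finding" and has no field for the denied set; add one or say where it goes.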
@@ -0,0 +1,38 @@
|
||||
# GCP Compute & Firewall Exposure Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **GCP** cloud account/target **{target}** for permissive firewall rules and exposed VMs/metadata.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `gcloud compute firewall-rules list`, `instances list`, check metadata & OS Login
|
||||
|
||||
### 2. Assess
|
||||
- Find 0.0.0.0/0 ingress, public IPs on sensitive services, project-wide SSH keys, permissive metadata
|
||||
|
||||
### 3. Confirm
|
||||
- Show a world-open firewall rule or an exposed instance
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: GCP Compute & Firewall Exposure - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-284
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Network exposure / compromise
|
||||
- Remediation: Restrict firewall source ranges; least-privilege metadata; OS Login
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a GCP cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
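Review bot: In step 1, `instances list` is not a command on its own; written next to `gcloud compute firewall-rules list` it reads as a literal the agent may run. Spell it out as `gcloud compute instances list`, and name the commands meant by "check metadata & OS Login" the same way. `Severity: High` is also fixed in the template, although a 0.0.0.0/0 ingress rule on a public web port and one on SSH do not carry the same severity; let the agent set it from the port and service.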
@@ -0,0 +1,38 @@
|
||||
# GCP IAM Privilege Escalation Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **GCP** cloud account/target **{target}** for IAM binding weaknesses and privilege-escalation paths.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `gcloud projects get-iam-policy $PROJECT`, list roles/bindings for the active SA
|
||||
|
||||
### 2. Find paths
|
||||
- Check escalation primitives: iam.serviceAccounts.actAs/getAccessToken, setIamPolicy, roles.update, deploymentmanager, cloudfunctions deploy as a privileged SA
|
||||
|
||||
### 3. Confirm safely
|
||||
- Prove a path (e.g. impersonate a more-privileged SA with `--impersonate-service-account`) with a benign read
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: GCP IAM Privilege Escalation - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-269
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Escalation to project owner
|
||||
- Remediation: Remove actAs/setIamPolicy from low-priv SAs; least privilege; audit bindings
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a GCP cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
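Review bot: Step 1 runs `gcloud projects get-iam-policy $PROJECT`, but nothing in this commit exports `PROJECT`; `cloud_env()` sets `GOOGLE_CLOUD_PROJECT` and `CLOUDSDK_CORE_PROJECT`. With `PROJECT` unset the command receives no project argument and fails. Use `$GOOGLE_CLOUD_PROJECT` here, and say what the agent should do when creds.yaml has no `project` key.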
@@ -0,0 +1,38 @@
|
||||
# GCP Secret Manager & Cloud Functions Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **GCP** cloud account/target **{target}** for readable secrets and insecure Cloud Functions.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `gcloud secrets list` (+ versions access), `gcloud functions list` (+ get-iam-policy, env)
|
||||
|
||||
### 2. Assess
|
||||
- Find secrets the SA can access and functions with public invoker or secrets in env
|
||||
|
||||
### 3. Confirm
|
||||
- Show a readable secret or a public/loose function
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: GCP Secret Manager & Cloud Functions - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-522
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Secret disclosure / unauthorized invoke
|
||||
- Remediation: Scope secret accessor roles; remove allUsers invoker; no secrets in env
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a GCP cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
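Review bot: Step 1's "(+ versions access)" returns the secret payload, and the template's `Evidence: [raw CLI output proving it]` then copies that payload into the report. State that the value must be redacted or truncated in Evidence, or make the receipt the secret's IAM policy showing the accessor binding plus the fact that the access call succeeded. The same applies to function environment variables read under "(+ get-iam-policy, env)".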
@@ -0,0 +1,38 @@
|
||||
# GCP Service Account Key & Impersonation Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **GCP** cloud account/target **{target}** for service-account key abuse and impersonation.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- List SAs and keys (`gcloud iam service-accounts list`, `keys list`); check actAs/tokenCreator bindings
|
||||
|
||||
### 2. Assess
|
||||
- Identify SAs the identity can impersonate or mint keys for
|
||||
|
||||
### 3. Confirm
|
||||
- Mint a short-lived token via impersonation (non-destructive) to prove access
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: GCP Service Account Key & Impersonation - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-522
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Identity theft / lateral movement
|
||||
- Remediation: Disable SA key creation; use workload identity; restrict tokenCreator
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a GCP cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
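Review bot: Step 2 asks which SAs the identity can "mint keys for", but the prompt never says that creating a key is off limits; a user-managed key is a persistent credential and a write to the project, which conflicts with the READ-ONLY rule in the System Prompt. Add an explicit line that key creation is assessed from bindings only and never performed. The token from step 3 is also raw CLI output, so Evidence should record that the call succeeded, not the token itself.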
@@ -0,0 +1,38 @@
|
||||
# GCP Cloud Storage Exposure Agent
|
||||
|
||||
## User Prompt
|
||||
You are testing the **GCP** cloud account/target **{target}** for public or misconfigured GCS buckets.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**ACCESS:** A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`.
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Enumerate
|
||||
- `gsutil ls`; `gsutil iam get gs://<bucket>` for each
|
||||
|
||||
### 2. Assess
|
||||
- Find buckets granting allUsers/allAuthenticatedUsers read/write
|
||||
|
||||
### 3. Confirm
|
||||
- List/read a sensitive object to prove exposure
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: GCP Cloud Storage Exposure - [resource]
|
||||
- Severity: High
|
||||
- CWE: CWE-732
|
||||
- Endpoint: [cloud resource ARN/URI/id]
|
||||
- Vector: [what/where]
|
||||
- Payload: [exact CLI command run]
|
||||
- Evidence: [raw CLI output proving it]
|
||||
- Impact: Data exposure / tampering
|
||||
- Remediation: Enforce uniform bucket-level access; remove allUsers bindings; VPC-SC
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are a GCP cloud-security specialist. AUTHORIZED engagement. Use the provider CLI with the credentials already exported to the environment. Do READ-ONLY enumeration first; never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI receipt (raw output) — never assume. Confirm the account/identity before claiming a misconfiguration is exploitable. Credits: Joas A Santos and Red Team Leaders.
|
||||
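Review bot: Step 1 checks only `gsutil iam get gs://<bucket>`, which misses objects made public through object ACLs on buckets that do not have uniform bucket-level access enabled. Since the Remediation line already recommends uniform bucket-level access, add a step that records whether it is on for each bucket. Step 2 also lists "read/write"; say that write is judged from the binding and not tested, to stay inside the READ-ONLY rule.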
+1
-1
@@ -11,7 +11,7 @@ function Ok ($m) { Write-Host " + $m" -ForegroundColor Green }
|
||||
function Warn($m){ Write-Host " ! $m" -ForegroundColor Yellow }
|
||||
|
||||
Write-Host ""
|
||||
Write-Host " NeuroSploit installer (Windows) — v3.5.4" -ForegroundColor Cyan
|
||||
Write-Host " NeuroSploit installer (Windows) — v3.5.5" -ForegroundColor Cyan
|
||||
$arch = $env:PROCESSOR_ARCHITECTURE
|
||||
Say "Platform: Windows / $arch"
|
||||
|
||||
|
||||
Generated
+2
-2
@@ -871,7 +871,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "neurosploit"
|
||||
version = "3.5.4"
|
||||
version = "3.5.5"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"clap",
|
||||
@@ -888,7 +888,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "neurosploit-harness"
|
||||
version = "3.5.4"
|
||||
version = "3.5.5"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"futures",
|
||||
|
||||
@@ -3,7 +3,7 @@ members = ["crates/harness", "app"]
|
||||
resolver = "2"
|
||||
|
||||
[workspace.package]
|
||||
version = "3.5.4"
|
||||
version = "3.5.5"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
repository = "https://github.com/JoasASantos/NeuroSploit"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! NeuroSploit v3.5.4 — interactive harness + CLI (`run` / `whitebox` / `agents` / `models`).
|
||||
//! NeuroSploit v3.5.5 — interactive harness + CLI (`run` / `whitebox` / `agents` / `models`).
|
||||
|
||||
mod repl;
|
||||
mod tui;
|
||||
@@ -11,8 +11,8 @@ use std::path::{Path, PathBuf};
|
||||
#[command(
|
||||
name = "neurosploit",
|
||||
version,
|
||||
about = "NeuroSploit v3.5.4 — multi-model autonomous pentest harness",
|
||||
long_about = "NeuroSploit v3.5.4 — a Rust multi-model harness that drives a pool of LLMs \
|
||||
about = "NeuroSploit v3.5.5 — multi-model autonomous pentest harness",
|
||||
long_about = "NeuroSploit v3.5.5 — a Rust multi-model harness that drives a pool of LLMs \
|
||||
(API key or local subscription: Claude/Codex/Gemini/Grok) to autonomously test a target. \
|
||||
After recon it INTELLIGENTLY selects only the agents matching the discovered surface, runs \
|
||||
them in parallel, then validates every finding by cross-model voting before reporting.\n\n\
|
||||
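Review bot: The version is written as a literal in `about` and `long_about` while the `version` attribute on the line above already takes it from Cargo, which is why this release has to touch the same string in so many files. Build these strings with `concat!` and `env!("CARGO_PKG_VERSION")` so a bump is a one-line change in `[workspace.package]`.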
@@ -474,6 +474,24 @@ pub(crate) async fn apply_creds(cfg: &mut RunConfig, path: Option<&str>) {
|
||||
cfg.instructions = Some(format!("{hi}\n{base}"));
|
||||
println!(" [*] host credentials loaded (SSH/Windows-AD)");
|
||||
}
|
||||
// Cloud credentials (AWS / GCP / Azure) → export env for the provider CLIs
|
||||
// and tell the agents how to authenticate & what to enumerate.
|
||||
let cloud_env = c.cloud_env();
|
||||
if !cloud_env.is_empty() {
|
||||
for (k, v) in &cloud_env {
|
||||
std::env::set_var(k, v);
|
||||
}
|
||||
let names: Vec<&str> = [
|
||||
(!c.cloud.as_ref().map(|x| x.aws_access_key_id.is_empty() && x.aws_profile.is_empty()).unwrap_or(true), "AWS"),
|
||||
(!c.cloud.as_ref().map(|x| x.gcp_sa_json.is_empty()).unwrap_or(true), "GCP"),
|
||||
(!c.cloud.as_ref().map(|x| x.azure_client_id.is_empty()).unwrap_or(true), "Azure"),
|
||||
].iter().filter(|(on, _)| *on).map(|(_, n)| *n).collect();
|
||||
println!(" [*] cloud credentials loaded ({}) — {} env var(s) exported", names.join("/"), cloud_env.len());
|
||||
if let Some(ci) = c.cloud_instruction() {
|
||||
let base = cfg.instructions.clone().unwrap_or_default();
|
||||
cfg.instructions = Some(format!("{ci}\n{base}"));
|
||||
}
|
||||
}
|
||||
// No direct material but a login flow → perform it now.
|
||||
if cfg.auth.is_none() {
|
||||
if let Some(login) = &c.login {
|
||||
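Review bot: `std::env::set_var(k, v)` in this async function changes the environment of the whole process, so every child the harness spawns afterwards inherits the cloud secrets, not only `aws`/`gcloud`/`az`, and `set_var` is not safe to call while other threads may be reading the environment. Keep `cloud_env` on `RunConfig` and apply it with `Command::envs` where the provider CLI is spawned. The three `c.cloud.as_ref().map(...).unwrap_or(true)` tests also repeat the conditions in `Cloud::is_empty`; a helper on `Cloud` that returns the configured provider names would keep them in one place.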
@@ -534,7 +552,7 @@ pub(crate) fn spawn_engagement(base: &Path, mut cfg: RunConfig, mcp: bool, mode:
|
||||
cfg.rl_path = Some(base.join("data").join("rl_state_rs.json").display().to_string());
|
||||
write_status(&workdir, "running", &format!("\"target\":{:?}", cfg.target));
|
||||
|
||||
println!(" ┌─ NeuroSploit v3.5.4 · by Joas A Santos & Red Team Leaders");
|
||||
println!(" ┌─ NeuroSploit v3.5.5 · by Joas A Santos & Red Team Leaders");
|
||||
println!(" │ run id : {run_id}");
|
||||
println!(" │ target : {}", cfg.target);
|
||||
println!(" │ models : {}", cfg.models.join(", "));
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! NeuroSploit v3.5.4 — interactive session (Claude-Code / Codex / Cursor-CLI style).
|
||||
//! NeuroSploit v3.5.5 — interactive session (Claude-Code / Codex / Cursor-CLI style).
|
||||
//!
|
||||
//! Launched when `neurosploit` runs with no subcommand. A persistent REPL with
|
||||
//! real line editing (arrow-key history recall, Ctrl-A/E/K, paste), model
|
||||
@@ -119,7 +119,7 @@ struct LiveCheckpoint {
|
||||
const COMMANDS: &[&str] = &[
|
||||
"/help", "/show", "/config", "/providers", "/model", "/key", "/sub", "/target",
|
||||
"/repo", "/auth", "/creds", "/focus", "/attach", "/context", "/mcp", "/offline",
|
||||
"/votes", "/agents", "/theme", "/clear", "/run", "/stop", "/continue", "/runs", "/results", "/report",
|
||||
"/votes", "/chain", "/agents", "/theme", "/clear", "/run", "/stop", "/continue", "/runs", "/results", "/report",
|
||||
"/status", "/diff", "/retest", "/integrations", "/quit",
|
||||
];
|
||||
|
||||
@@ -198,6 +198,7 @@ struct Session {
|
||||
mcp: bool,
|
||||
vote_n: usize,
|
||||
max_agents: usize,
|
||||
chain_depth: usize,
|
||||
offline: bool,
|
||||
target: Option<String>,
|
||||
repo: Option<String>,
|
||||
@@ -216,6 +217,7 @@ impl Default for Session {
|
||||
mcp: false,
|
||||
vote_n: 3,
|
||||
max_agents: 0,
|
||||
chain_depth: 2,
|
||||
offline: false,
|
||||
target: None,
|
||||
repo: None,
|
||||
@@ -299,7 +301,7 @@ pub async fn repl(base: &Path) -> anyhow::Result<()> {
|
||||
let backends = harness::installed_cli_backends();
|
||||
println!("\x1b[1m");
|
||||
println!(" ███╗ ██╗███████╗██╗ ██╗██████╗ ██████╗");
|
||||
println!(" ████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit v3.5.4");
|
||||
println!(" ████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit v3.5.5");
|
||||
println!(" ██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ interactive harness");
|
||||
println!(" ██║╚██╗██║██╔══╝ ██║ ██║██╔══██╗██║ ██║ by Joas A Santos");
|
||||
println!(" ██║ ╚████║███████╗╚██████╔╝██║ ██║╚██████╔╝ & Red Team Leaders");
|
||||
@@ -432,7 +434,22 @@ pub async fn repl(base: &Path) -> anyhow::Result<()> {
|
||||
"/offline" => { s.offline = !matches!(arg, "off" | "false" | "0" | "no"); println!(" offline: {}", onoff(s.offline)); }
|
||||
"/integrations" | "/integration" => integrations_cmd(arg),
|
||||
"/votes" => { s.vote_n = arg.parse().unwrap_or(s.vote_n); println!(" votes: {}", s.vote_n); }
|
||||
"/agents" => { s.max_agents = arg.parse().unwrap_or(s.max_agents); println!(" max agents: {}", s.max_agents); }
|
||||
"/chain" => {
|
||||
if arg.is_empty() { println!(" attack-chain depth: {} (0 disables) — set with /chain <n>", s.chain_depth); }
|
||||
else { s.chain_depth = arg.parse().unwrap_or(s.chain_depth); println!(" attack-chain depth: {}", s.chain_depth); }
|
||||
}
|
||||
"/agents" => {
|
||||
if arg == "list" || arg == "ls" {
|
||||
let lib = agents::load(base);
|
||||
println!(" agent library ({} total):", lib.total());
|
||||
println!(" vulns {} · code {} · infra/cloud {} · recon {} · chains {} · meta {}",
|
||||
lib.vulns.len(), lib.code.len(), lib.infra.len(), lib.recon.len(), lib.chains.len(), lib.meta.len());
|
||||
} else if arg.is_empty() {
|
||||
println!(" max agents: {} (0 = all) — set with /agents <n>, or /agents list for counts", s.max_agents);
|
||||
} else {
|
||||
s.max_agents = arg.parse().unwrap_or(s.max_agents); println!(" max agents: {}", s.max_agents);
|
||||
}
|
||||
}
|
||||
"/clear" => { print!("\x1b[2J\x1b[H"); }
|
||||
"/run" | "/go" => {
|
||||
if active.as_ref().map(|a| !a.done.load(Ordering::Relaxed)).unwrap_or(false) {
|
||||
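Review bot: `arg.parse().unwrap_or(s.chain_depth)` in the new `/chain` arm, and the same pattern in the `else` branch of `/agents`, swallows a bad argument and then prints the unchanged value as if it had been set, so `/chain two` or a misspelt `/agents lst` looks like success. Match on the parse result and print an error on `Err`. `/chain` could also reject values above a sensible maximum, since the depth is copied straight into `cfg.chain_depth`.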
@@ -667,6 +684,7 @@ async fn run(base: &Path, s: &Session, history: &mut Vec<RunRecord>) {
|
||||
cfg.models = s.models.clone();
|
||||
cfg.subscription = s.subscription;
|
||||
cfg.vote_n = s.vote_n;
|
||||
cfg.chain_depth = s.chain_depth;
|
||||
cfg.max_agents = s.max_agents;
|
||||
cfg.verbose = true;
|
||||
cfg.offline = s.offline;
|
||||
@@ -716,6 +734,7 @@ async fn start_background(base: &Path, s: &Session, reader: &mut Reader,
|
||||
cfg.models = s.models.clone();
|
||||
cfg.subscription = s.subscription;
|
||||
cfg.vote_n = s.vote_n;
|
||||
cfg.chain_depth = s.chain_depth;
|
||||
cfg.max_agents = s.max_agents;
|
||||
cfg.verbose = true;
|
||||
cfg.offline = s.offline;
|
||||
@@ -1062,7 +1081,14 @@ fn show(s: &Session) {
|
||||
println!(" │ auth : {}", s.auth.clone().unwrap_or_else(|| "(none)".into()));
|
||||
println!(" │ creds : {}", s.creds.clone().unwrap_or_else(|| "(none)".into()));
|
||||
println!(" │ focus : {}", s.instructions.clone().unwrap_or_else(|| "(none — tests everything)".into()));
|
||||
println!(" │ opts : mcp={} offline={} votes={} max-agents={}", onoff(s.mcp), onoff(s.offline), s.vote_n, s.max_agents);
|
||||
println!(" │ opts : mcp={} offline={} votes={} chain-depth={} max-agents={}", onoff(s.mcp), onoff(s.offline), s.vote_n, s.chain_depth, s.max_agents);
|
||||
// Integrations at a glance (see /integrations for detail).
|
||||
{
|
||||
let ig = harness::integrations::Integrations::load(&proj_dir());
|
||||
let on: Vec<&str> = [(ig.github.enabled, "github"), (ig.gitlab.enabled, "gitlab"), (ig.jira.enabled, "jira")]
|
||||
.iter().filter(|(e, _)| *e).map(|(_, n)| *n).collect();
|
||||
println!(" │ integr. : {}", if on.is_empty() { "(none — /integrations)".into() } else { on.join(", ") });
|
||||
}
|
||||
// API-key status for the providers your selected models need.
|
||||
if !s.subscription {
|
||||
let provs: std::collections::BTreeSet<String> = s.models.iter()
|
||||
@@ -1111,8 +1137,9 @@ fn help() {
|
||||
|
||||
println!("\n \x1b[2mOPTIONS\x1b[0m");
|
||||
h("/mcp on|off", "Playwright MCP browser /offline on|off self-test");
|
||||
h("/votes <n>", "validator votes /agents <n> cap agents");
|
||||
h("/theme color|mono", "/show (config) /clear /quit");
|
||||
h("/votes <n>", "validator votes /chain <n> attack-chain depth");
|
||||
h("/agents <n>|list", "cap agents · list counts /theme color|mono");
|
||||
h("/show (config)", "/clear /quit");
|
||||
|
||||
println!("\n \x1b[2mMODES — black-box: set /target · white-box: set /repo · grey-box: set BOTH /repo + /target · host: /target <ip> + /creds\x1b[0m");
|
||||
println!(" \x1b[2mFindings are checkpointed live to .neurosploit/ — quit/crash mid-run and they're recovered into /runs next launch.\x1b[0m");
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! NeuroSploit v3.5.4 — TUI "Mission Control" mode.
|
||||
//! NeuroSploit v3.5.5 — TUI "Mission Control" mode.
|
||||
//!
|
||||
//! Concurrent panels that update live while the engagement runs in the
|
||||
//! background, with a composer input that stays active during execution:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! POMDP belief-state world model (v3.5.4).
|
||||
//! POMDP belief-state world model (v3.5.5).
|
||||
//!
|
||||
//! The target is only partially observable, so we don't track booleans — we
|
||||
//! track a **belief**: a property graph whose nodes (host / service / vuln /
|
||||
|
||||
@@ -51,6 +51,35 @@ pub struct Win {
|
||||
pub hash: String, // NTLM hash for pass-the-hash (LM:NT or NT)
|
||||
}
|
||||
|
||||
/// Cloud provider credentials for cloud-infra testing (AWS / GCP / Azure).
|
||||
/// Secrets are read from `creds.yaml` and exported to the process environment so
|
||||
/// the `aws` / `gcloud` / `az` CLIs the agents use pick them up automatically.
|
||||
#[derive(Default, Debug, Clone)]
|
||||
pub struct Cloud {
|
||||
// AWS — static keys (access key + secret [+ session token]) OR a named profile.
|
||||
pub aws_access_key_id: String,
|
||||
pub aws_secret_access_key: String,
|
||||
pub aws_session_token: String,
|
||||
pub aws_region: String,
|
||||
pub aws_profile: String,
|
||||
// GCP — a service-account JSON (path, recommended) or inline single-line JSON.
|
||||
pub gcp_sa_json: String,
|
||||
pub gcp_project: String,
|
||||
// Azure — a service principal (recommended for non-interactive automation).
|
||||
pub azure_tenant_id: String,
|
||||
pub azure_client_id: String,
|
||||
pub azure_client_secret: String,
|
||||
pub azure_subscription_id: String,
|
||||
}
|
||||
|
||||
impl Cloud {
|
||||
fn is_empty(&self) -> bool {
|
||||
self.aws_access_key_id.is_empty() && self.aws_profile.is_empty()
|
||||
&& self.gcp_sa_json.is_empty()
|
||||
&& self.azure_client_id.is_empty()
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Default, Debug, Clone)]
|
||||
pub struct Creds {
|
||||
pub jwt: Option<String>,
|
||||
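Review bot: `#[derive(Default, Debug, Clone)]` on `Cloud` means any `{:?}` of `Cloud` or of `Creds` prints `aws_secret_access_key`, `aws_session_token`, `azure_client_secret` and an inline `gcp_sa_json` in clear. Write `Debug` by hand so the secret fields show as redacted. `is_empty` also ignores `gcp_project` and the Azure tenant and secret, so a block that sets only those keys is dropped without a message; a warning there would help.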
@@ -59,6 +88,7 @@ pub struct Creds {
|
||||
pub login: Option<Login>,
|
||||
pub ssh: Option<Ssh>,
|
||||
pub win: Option<Win>,
|
||||
pub cloud: Option<Cloud>,
|
||||
}
|
||||
|
||||
impl Creds {
|
||||
@@ -68,8 +98,9 @@ impl Creds {
|
||||
let mut login = Login { method: "POST".into(), ..Default::default() };
|
||||
let mut ssh = Ssh { port: "22".into(), ..Default::default() };
|
||||
let mut win = Win::default();
|
||||
let mut cloud = Cloud::default();
|
||||
let (mut have_login, mut have_ssh, mut have_win) = (false, false, false);
|
||||
let mut block = ""; // "", "login", "ssh", "windows"
|
||||
let mut block = ""; // "", "login", "ssh", "windows", "aws", "gcp", "azure"
|
||||
for raw in text.lines() {
|
||||
let line = raw.split('#').next().unwrap_or("");
|
||||
if line.trim().is_empty() {
|
||||
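Review bot: The new `aws`/`gcp`/`azure` blocks go through the existing `raw.split('#').next()` comment stripping, which cuts a line at the first `#`, so any credential value containing `#` is truncated silently and the failure only appears later as an authentication error. Strip a comment only when `#` starts the line or follows whitespace outside quotes, or document that values with `#` are not supported.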
@@ -86,6 +117,9 @@ impl Creds {
|
||||
"login" => { have_login = true; "login" }
|
||||
"ssh" => { have_ssh = true; "ssh" }
|
||||
"windows" | "win" | "ad" => { have_win = true; "windows" }
|
||||
"aws" => "aws",
|
||||
"gcp" | "google" | "gcloud" => "gcp",
|
||||
"azure" | "az" => "azure",
|
||||
_ => "",
|
||||
};
|
||||
continue;
|
||||
@@ -118,6 +152,26 @@ impl Creds {
|
||||
"hash" | "ntlm" => win.hash = v,
|
||||
_ => {}
|
||||
},
|
||||
"aws" => match k.as_str() {
|
||||
"access_key_id" | "access_key" | "key" => cloud.aws_access_key_id = v,
|
||||
"secret_access_key" | "secret" => cloud.aws_secret_access_key = v,
|
||||
"session_token" | "token" => cloud.aws_session_token = v,
|
||||
"region" => cloud.aws_region = v,
|
||||
"profile" => cloud.aws_profile = v,
|
||||
_ => {}
|
||||
},
|
||||
"gcp" => match k.as_str() {
|
||||
"service_account_json" | "sa_json" | "key" | "keyfile" | "credentials" => cloud.gcp_sa_json = v,
|
||||
"project" | "project_id" => cloud.gcp_project = v,
|
||||
_ => {}
|
||||
},
|
||||
"azure" => match k.as_str() {
|
||||
"tenant_id" | "tenant" => cloud.azure_tenant_id = v,
|
||||
"client_id" | "app_id" => cloud.azure_client_id = v,
|
||||
"client_secret" | "secret" | "password" => cloud.azure_client_secret = v,
|
||||
"subscription_id" | "subscription" => cloud.azure_subscription_id = v,
|
||||
_ => {}
|
||||
},
|
||||
_ => {}
|
||||
}
|
||||
continue;
|
||||
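Review bot: The `_ => {}` arms drop unknown keys without a word, so a misspelt `secret_access_key` or `client_secret` leaves that field empty and the problem only shows up later as an authentication error from the CLI. Print a warning naming the block and the key. The alias `key` also means the access key id under `aws:` but the service-account file under `gcp:`, and `secret` is accepted in two blocks; fewer aliases would make creds.yaml easier to review.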
@@ -133,13 +187,81 @@ impl Creds {
|
||||
if have_login && !login.url.is_empty() { c.login = Some(login); }
|
||||
if have_ssh && !ssh.host.is_empty() { c.ssh = Some(ssh); }
|
||||
if have_win && !win.host.is_empty() { c.win = Some(win); }
|
||||
if !cloud.is_empty() { c.cloud = Some(cloud); }
|
||||
if c.jwt.is_none() && c.header.is_none() && c.cookie.is_none()
|
||||
&& c.login.is_none() && c.ssh.is_none() && c.win.is_none() {
|
||||
&& c.login.is_none() && c.ssh.is_none() && c.win.is_none() && c.cloud.is_none() {
|
||||
return None;
|
||||
}
|
||||
Some(c)
|
||||
}
|
||||
|
||||
/// Environment variables to export so the `aws`/`gcloud`/`az` CLIs the agents
|
||||
/// run pick up the cloud credentials automatically. For inline GCP JSON the
|
||||
/// content is written to a temp file and that path is returned.
|
||||
pub fn cloud_env(&self) -> Vec<(String, String)> {
|
||||
let mut e: Vec<(String, String)> = Vec::new();
|
||||
let Some(c) = &self.cloud else { return e };
|
||||
// AWS
|
||||
if !c.aws_access_key_id.is_empty() {
|
||||
e.push(("AWS_ACCESS_KEY_ID".into(), c.aws_access_key_id.clone()));
|
||||
e.push(("AWS_SECRET_ACCESS_KEY".into(), c.aws_secret_access_key.clone()));
|
||||
if !c.aws_session_token.is_empty() {
|
||||
e.push(("AWS_SESSION_TOKEN".into(), c.aws_session_token.clone()));
|
||||
}
|
||||
}
|
||||
if !c.aws_profile.is_empty() { e.push(("AWS_PROFILE".into(), c.aws_profile.clone())); }
|
||||
if !c.aws_region.is_empty() {
|
||||
e.push(("AWS_DEFAULT_REGION".into(), c.aws_region.clone()));
|
||||
e.push(("AWS_REGION".into(), c.aws_region.clone()));
|
||||
}
|
||||
// GCP — path (recommended) or inline JSON written to a temp file.
|
||||
if !c.gcp_sa_json.is_empty() {
|
||||
let path = if c.gcp_sa_json.trim_start().starts_with('{') {
|
||||
let p = std::env::temp_dir().join("neurosploit-gcp-sa.json");
|
||||
let _ = std::fs::write(&p, c.gcp_sa_json.as_bytes());
|
||||
p.display().to_string()
|
||||
} else {
|
||||
c.gcp_sa_json.clone()
|
||||
};
|
||||
e.push(("GOOGLE_APPLICATION_CREDENTIALS".into(), path));
|
||||
}
|
||||
if !c.gcp_project.is_empty() {
|
||||
e.push(("GOOGLE_CLOUD_PROJECT".into(), c.gcp_project.clone()));
|
||||
e.push(("CLOUDSDK_CORE_PROJECT".into(), c.gcp_project.clone()));
|
||||
}
|
||||
// Azure — service principal env (consumed by `az login --service-principal`).
|
||||
if !c.azure_tenant_id.is_empty() { e.push(("AZURE_TENANT_ID".into(), c.azure_tenant_id.clone())); }
|
||||
if !c.azure_client_id.is_empty() { e.push(("AZURE_CLIENT_ID".into(), c.azure_client_id.clone())); }
|
||||
if !c.azure_client_secret.is_empty() { e.push(("AZURE_CLIENT_SECRET".into(), c.azure_client_secret.clone())); }
|
||||
if !c.azure_subscription_id.is_empty() {
|
||||
e.push(("AZURE_SUBSCRIPTION_ID".into(), c.azure_subscription_id.clone()));
|
||||
e.push(("ARM_SUBSCRIPTION_ID".into(), c.azure_subscription_id.clone()));
|
||||
}
|
||||
e
|
||||
}
|
||||
|
||||
/// A directive telling the agents which cloud creds are available and how to
|
||||
/// authenticate the provider CLI, so they enumerate/test the cloud account.
|
||||
pub fn cloud_instruction(&self) -> Option<String> {
|
||||
let c = self.cloud.as_ref()?;
|
||||
let mut s = String::new();
|
||||
if !c.aws_access_key_id.is_empty() || !c.aws_profile.is_empty() {
|
||||
s.push_str(&format!(
|
||||
"AWS ACCESS: credentials are set in the environment{}. Use the `aws` CLI to enumerate and test the account — start with `aws sts get-caller-identity`, then IAM (users/roles/policies, privilege escalation paths), S3 (public/misconfigured buckets), EC2/SG, Lambda, Secrets Manager. Read-only enumeration first; never destructive.\n",
|
||||
if c.aws_region.is_empty() { String::new() } else { format!(" (region {})", c.aws_region) }));
|
||||
}
|
||||
if !c.gcp_sa_json.is_empty() {
|
||||
s.push_str(&format!(
|
||||
"GCP ACCESS: a service account is available via $GOOGLE_APPLICATION_CREDENTIALS{}. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS` first, then enumerate with `gcloud`/`gsutil` — IAM bindings & privilege escalation, buckets, compute, service accounts/keys, Cloud Functions.\n",
|
||||
if c.gcp_project.is_empty() { String::new() } else { format!(" (project {})", c.gcp_project) }));
|
||||
}
|
||||
if !c.azure_client_id.is_empty() {
|
||||
s.push_str(
|
||||
"AZURE ACCESS: a service principal is set in the environment. Authenticate with `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then enumerate with `az` — role assignments (RBAC) & escalation, storage accounts/containers, VMs, Key Vaults, managed identities.\n");
|
||||
}
|
||||
if s.is_empty() { None } else { Some(s) }
|
||||
}
|
||||
|
||||
/// A directive describing the host credentials available to the agents, so
|
||||
/// they can authenticate to Linux (SSH) / Windows (AD) hosts.
|
||||
pub fn host_instruction(&self) -> Option<String> {
|
||||
|
||||
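Review bot: The inline-JSON branch writes the service-account key to the fixed name `neurosploit-gcp-sa.json` in `std::env::temp_dir()` with default permissions, discards the write error with `let _ =`, and nothing removes the file. On a shared host the key may be readable by other users, and a predictable path can be created in advance by someone else. Create the file with owner-only permissions under a unique name, return the error to the caller, and delete the file when the run ends. Separately, the AWS branch pushes `AWS_SECRET_ACCESS_KEY` even when `aws_secret_access_key` is empty; skip it or warn in that case.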
@@ -1,4 +1,4 @@
|
||||
//! Verification / grounding engine (v3.5.4).
|
||||
//! Verification / grounding engine (v3.5.5).
|
||||
//!
|
||||
//! Hard rule: **no claim enters the world model without a tool receipt** — raw
|
||||
//! tool output, not the LLM's paraphrase. This is the empirical anti-hallucination
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! NeuroSploit v3.5.4 harness — a robust multi-model runtime for the
|
||||
//! NeuroSploit v3.5.5 harness — a robust multi-model runtime for the
|
||||
//! markdown-driven autonomous pentest engine.
|
||||
//!
|
||||
//! The harness loads the `agents_md/` library, drives a *pool* of LLM models
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
//! POMDP decision layer (v3.5.4): value-of-information planning + the
|
||||
//! POMDP decision layer (v3.5.5): value-of-information planning + the
|
||||
//! anti-hallucination gate.
|
||||
//!
|
||||
//! The choice "scan more vs exploit now" is **not** a heuristic here — it falls
|
||||
|
||||
@@ -97,9 +97,9 @@ pub fn html(target: &str, findings: &[Finding]) -> String {
|
||||
h4{{margin:12px 0 3px;font-size:12px;text-transform:uppercase;letter-spacing:.5px;color:#8b5cf6}}\
|
||||
.b{{color:#8b5cf6;font-weight:800}}</style></head><body>\
|
||||
<h1><span class=b>NeuroSploit</span> Penetration Test Report</h1>\
|
||||
<div class=meta>Target: <b>{t}</b> · v3.5.4 Rust harness · multi-model validated</div>\
|
||||
<div class=meta>Target: <b>{t}</b> · v3.5.5 Rust harness · multi-model validated</div>\
|
||||
<div>{chips}</div>{graph_block}<h2>Findings ({n})</h2>{body}\
|
||||
<p class=meta>Authorized testing only. Findings confirmed by multi-model adversarial voting.<br>NeuroSploit v3.5.4 · by <b>Joas A Santos</b> & <b>Red Team Leaders</b></p></body></html>",
|
||||
<p class=meta>Authorized testing only. Findings confirmed by multi-model adversarial voting.<br>NeuroSploit v3.5.5 · by <b>Joas A Santos</b> & <b>Red Team Leaders</b></p></body></html>",
|
||||
t = esc(target), chips = chips, n = sorted.len(), body = body, graph_block = graph_block,
|
||||
)
|
||||
}
|
||||
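Review bot: in `html()` the release is a string literal in two places in the same format string (`v3.5.5 Rust harness` in the header `meta` div and `NeuroSploit v3.5.5` in the closing `<p class=meta>`), so every release has to edit both and a missed one ships a report stamped with the wrong version. Suggest passing the version as a named format argument next to `t = esc(target)`, taken from a single source such as `env!("CARGO_PKG_VERSION")`.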
@@ -135,7 +135,7 @@ pub fn typst_report(target: &str, findings: &[Finding], dir: &Path) -> std::io::
|
||||
let mut data = String::new();
|
||||
data.push_str(&format!(
|
||||
"#let meta = (target: {}, run_id: {}, generated: {}, model: {})\n",
|
||||
tq(target), tq(&run_id), tq("NeuroSploit v3.5.4"), tq("multi-model")
|
||||
tq(target), tq(&run_id), tq("NeuroSploit v3.5.5"), tq("multi-model")
|
||||
));
|
||||
data.push_str("#let findings = (\n");
|
||||
for f in sorted_findings(findings) {
|
||||
|
||||
@@ -0,0 +1,177 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
NeuroSploit v3.5.5 — cloud infrastructure test agents.
|
||||
|
||||
Adds AWS / GCP / Azure cloud-security agents to agents_md/infra/. They drive the
|
||||
provider CLIs (`aws`, `gcloud`/`gsutil`, `az`) using credentials the operator
|
||||
supplies via creds.yaml (aws:/gcp:/azure: blocks, exported to the environment).
|
||||
Read-only enumeration first, non-destructive, authorized only.
|
||||
Credits: Joas A Santos & Red Team Leaders.
|
||||
"""
|
||||
import os
|
||||
|
||||
ROOT = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||
OUT = os.path.join(ROOT, "agents_md", "infra")
|
||||
CREDITS = "Credits: Joas A Santos and Red Team Leaders."
|
||||
|
||||
|
||||
def render(a):
|
||||
L = [f"# {a['title']} Agent\n", "## User Prompt",
|
||||
f"You are testing the **{a['cloud']}** cloud account/target **{{target}}** for {a['for']}.\n",
|
||||
"**Recon Context:**\n{recon_json}\n",
|
||||
f"**ACCESS:** {a['access']}\n",
|
||||
"**METHODOLOGY:**\n"]
|
||||
for i, (s, bs) in enumerate(a["steps"], 1):
|
||||
L.append(f"### {i}. {s}")
|
||||
L += [f"- {b}" for b in bs]
|
||||
L.append("")
|
||||
n = len(a["steps"]) + 1
|
||||
L += [f"### {n}. Report Format", "For each CONFIRMED finding:", "```", "FINDING:",
|
||||
f"- Title: {a['title']} - [resource]", f"- Severity: {a['sev']}", f"- CWE: {a['cwe']}",
|
||||
"- Endpoint: [cloud resource ARN/URI/id]", "- Vector: [what/where]",
|
||||
"- Payload: [exact CLI command run]", "- Evidence: [raw CLI output proving it]",
|
||||
f"- Impact: {a['impact']}", f"- Remediation: {a['fix']}", "```\n",
|
||||
"## System Prompt", a["system"]]
|
||||
return "\n".join(L) + "\n"
|
||||
|
||||
|
||||
def A(name, title, cloud, vc, cwe, sev, access, steps, fix, impact):
|
||||
return {"name": name, "title": title, "cloud": cloud, "for": vc, "sev": sev, "cwe": cwe,
|
||||
"impact": impact, "fix": fix, "steps": steps, "access": access,
|
||||
"system": (f"You are a {cloud} cloud-security specialist. AUTHORIZED engagement. Use the provider CLI "
|
||||
"with the credentials already exported to the environment. Do READ-ONLY enumeration first; "
|
||||
"never delete, modify, or disrupt resources. Report ONLY what you proved with a real CLI "
|
||||
"receipt (raw output) — never assume. Confirm the account/identity before claiming a "
|
||||
f"misconfiguration is exploitable. {CREDITS}")}
|
||||
|
||||
|
||||
AWS_ACCESS = "AWS credentials are exported (AWS_ACCESS_KEY_ID/SECRET[/SESSION_TOKEN], region). Use the `aws` CLI; start with `aws sts get-caller-identity`."
|
||||
GCP_ACCESS = "A GCP service account is active via $GOOGLE_APPLICATION_CREDENTIALS. Run `gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS`, then use `gcloud`/`gsutil`."
|
||||
AZ_ACCESS = "An Azure service principal is exported. Authenticate: `az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET --tenant $AZURE_TENANT_ID`, then use `az`."
|
||||
|
||||
AGENTS = [
|
||||
# ---------- generic ----------
|
||||
A("cloud_recon_footprint", "Cloud Footprint & Identity Recon", "multi-cloud",
|
||||
"identifying the provider, current identity and reachable resources", "CWE-1008", "Info",
|
||||
"Whichever provider CLI has credentials exported (aws/gcloud/az).",
|
||||
[("Identify identity", ["Determine the active principal: `aws sts get-caller-identity`, `gcloud auth list`+`gcloud config get project`, or `az account show`",
|
||||
"Note account/subscription/project id and whether it's a user, role or service principal"]),
|
||||
("Map reachable services", ["Enumerate what the identity can list across IAM, storage, compute, secrets, functions",
|
||||
"Record every service that returns data vs AccessDenied — this scopes the blast radius"]),
|
||||
("Prioritise", ["Flag high-value reachable resources (secrets, storage, admin roles) for the specialist agents"])],
|
||||
"Scope credentials to least privilege; alert on broad list/describe from unexpected principals", "Reconnaissance baseline for cloud attack surface"),
|
||||
|
||||
# ---------- AWS ----------
|
||||
A("aws_identity_scope", "AWS Credential Scope & Caller Identity", "AWS",
|
||||
"over-privileged or unexpected credential scope", "CWE-269", "Medium", AWS_ACCESS,
|
||||
[("Who am I", ["`aws sts get-caller-identity`; resolve the attached identity (user/role)"]),
|
||||
("What can I do", ["Enumerate attached and inline policies (`aws iam list-attached-*-policies`, `get-*-policy`, `list-policies`)",
|
||||
"Simulate key actions with `aws iam simulate-principal-policy` where allowed"]),
|
||||
("Confirm", ["Show the identity holds broad or admin-equivalent permissions it should not"])],
|
||||
"Apply least privilege; remove wildcard `*` actions/resources; rotate long-lived keys", "Excessive permissions → account compromise"),
|
||||
A("aws_iam_privesc", "AWS IAM Privilege Escalation", "AWS",
|
||||
"IAM privilege-escalation paths", "CWE-269", "High", AWS_ACCESS,
|
||||
[("Enumerate", ["List users, roles, groups, policies and pass-role / attach-policy / create-* permissions"]),
|
||||
("Find paths", ["Check known escalation primitives: iam:PassRole+lambda/ec2, CreatePolicyVersion, AttachUserPolicy, UpdateAssumeRolePolicy, sts:AssumeRole chains"]),
|
||||
("Confirm safely", ["Prove a path with a non-destructive check (e.g. simulate-principal-policy) or a benign read via the escalated role — never persist changes"])],
|
||||
"Remove dangerous IAM permissions from non-admin principals; monitor iam:* and sts:AssumeRole", "Escalation from low-privilege creds to admin"),
|
||||
A("aws_s3_exposure", "AWS S3 Bucket Exposure", "AWS",
|
||||
"public or misconfigured S3 buckets", "CWE-732", "High", AWS_ACCESS,
|
||||
[("Enumerate buckets", ["`aws s3 ls`; for each: `get-bucket-policy`, `get-bucket-acl`, `get-public-access-block`"]),
|
||||
("Assess exposure", ["Identify buckets readable/writable by AllUsers/AuthenticatedUsers or a permissive policy"]),
|
||||
("Confirm", ["List/read a sensitive object to prove exposure (no exfiltration beyond proof)"])],
|
||||
"Enable S3 Block Public Access; tighten bucket policies/ACLs; least-privilege access", "Data exposure / tampering"),
|
||||
A("aws_secrets_exposure", "AWS Secrets & Parameter Exposure", "AWS",
|
||||
"secrets accessible to the current identity", "CWE-522", "High", AWS_ACCESS,
|
||||
[("Enumerate", ["`aws secretsmanager list-secrets`, `aws ssm describe-parameters` (and get-parameter --with-decryption where allowed)"]),
|
||||
("Assess", ["Determine which secrets/parameters the identity can read"]),
|
||||
("Confirm", ["Show a readable high-value secret (redact the value in the report; prove access only)"])],
|
||||
"Restrict secret resource policies; scope kms:Decrypt; audit access", "Credential/secret disclosure → lateral movement"),
|
||||
A("aws_compute_exposure", "AWS EC2 / Network Exposure & IMDS", "AWS",
|
||||
"exposed compute, permissive security groups and IMDSv1 SSRF risk", "CWE-284", "High", AWS_ACCESS,
|
||||
[("Enumerate", ["`aws ec2 describe-instances`, `describe-security-groups`, `describe-snapshots --owner-ids self`, `describe-images`"]),
|
||||
("Assess", ["Find 0.0.0.0/0 ingress on sensitive ports, public instances, public EBS snapshots/AMIs, and instances allowing IMDSv1"]),
|
||||
("Confirm", ["Show a concrete exposure (e.g. an SG open to the world, a public snapshot, or IMDSv1 enabled enabling SSRF cred theft)"])],
|
||||
"Restrict SGs; require IMDSv2; make snapshots/AMIs private", "Network exposure / credential theft via SSRF"),
|
||||
A("aws_lambda_review", "AWS Lambda & Resource-Policy Review", "AWS",
|
||||
"insecure Lambda configuration and permissive resource policies", "CWE-732", "Medium", AWS_ACCESS,
|
||||
[("Enumerate", ["`aws lambda list-functions`, `get-policy`, `get-function-configuration` (env vars)"]),
|
||||
("Assess", ["Look for secrets in env vars, public/loose resource policies, over-privileged execution roles"]),
|
||||
("Confirm", ["Show a function with a permissive policy or plaintext secret"])],
|
||||
"Remove secrets from env; scope resource policies & execution roles", "Secret disclosure / unauthorized invoke"),
|
||||
|
||||
# ---------- GCP ----------
|
||||
A("gcp_iam_privesc", "GCP IAM Privilege Escalation", "GCP",
|
||||
"IAM binding weaknesses and privilege-escalation paths", "CWE-269", "High", GCP_ACCESS,
|
||||
[("Enumerate", ["`gcloud projects get-iam-policy $PROJECT`, list roles/bindings for the active SA"]),
|
||||
("Find paths", ["Check escalation primitives: iam.serviceAccounts.actAs/getAccessToken, setIamPolicy, roles.update, deploymentmanager, cloudfunctions deploy as a privileged SA"]),
|
||||
("Confirm safely", ["Prove a path (e.g. impersonate a more-privileged SA with `--impersonate-service-account`) with a benign read"])],
|
||||
"Remove actAs/setIamPolicy from low-priv SAs; least privilege; audit bindings", "Escalation to project owner"),
|
||||
A("gcp_storage_exposure", "GCP Cloud Storage Exposure", "GCP",
|
||||
"public or misconfigured GCS buckets", "CWE-732", "High", GCP_ACCESS,
|
||||
[("Enumerate", ["`gsutil ls`; `gsutil iam get gs://<bucket>` for each"]),
|
||||
("Assess", ["Find buckets granting allUsers/allAuthenticatedUsers read/write"]),
|
||||
("Confirm", ["List/read a sensitive object to prove exposure"])],
|
||||
"Enforce uniform bucket-level access; remove allUsers bindings; VPC-SC", "Data exposure / tampering"),
|
||||
A("gcp_serviceaccount_keys", "GCP Service Account Key & Impersonation", "GCP",
|
||||
"service-account key abuse and impersonation", "CWE-522", "High", GCP_ACCESS,
|
||||
[("Enumerate", ["List SAs and keys (`gcloud iam service-accounts list`, `keys list`); check actAs/tokenCreator bindings"]),
|
||||
("Assess", ["Identify SAs the identity can impersonate or mint keys for"]),
|
||||
("Confirm", ["Mint a short-lived token via impersonation (non-destructive) to prove access"])],
|
||||
"Disable SA key creation; use workload identity; restrict tokenCreator", "Identity theft / lateral movement"),
|
||||
A("gcp_compute_exposure", "GCP Compute & Firewall Exposure", "GCP",
|
||||
"permissive firewall rules and exposed VMs/metadata", "CWE-284", "High", GCP_ACCESS,
|
||||
[("Enumerate", ["`gcloud compute firewall-rules list`, `instances list`, check metadata & OS Login"]),
|
||||
("Assess", ["Find 0.0.0.0/0 ingress, public IPs on sensitive services, project-wide SSH keys, permissive metadata"]),
|
||||
("Confirm", ["Show a world-open firewall rule or an exposed instance"])],
|
||||
"Restrict firewall source ranges; least-privilege metadata; OS Login", "Network exposure / compromise"),
|
||||
A("gcp_secrets_functions", "GCP Secret Manager & Cloud Functions", "GCP",
|
||||
"readable secrets and insecure Cloud Functions", "CWE-522", "High", GCP_ACCESS,
|
||||
[("Enumerate", ["`gcloud secrets list` (+ versions access), `gcloud functions list` (+ get-iam-policy, env)"]),
|
||||
("Assess", ["Find secrets the SA can access and functions with public invoker or secrets in env"]),
|
||||
("Confirm", ["Show a readable secret or a public/loose function"])],
|
||||
"Scope secret accessor roles; remove allUsers invoker; no secrets in env", "Secret disclosure / unauthorized invoke"),
|
||||
|
||||
# ---------- Azure ----------
|
||||
A("azure_rbac_privesc", "Azure RBAC Privilege Escalation", "Azure",
|
||||
"role-assignment weaknesses and escalation paths", "CWE-269", "High", AZ_ACCESS,
|
||||
[("Enumerate", ["`az role assignment list --all`, `az role definition list`; resolve the SP's roles/scope"]),
|
||||
("Find paths", ["Check for Owner/Contributor/User Access Administrator, or roles allowing Microsoft.Authorization/roleAssignments/write"]),
|
||||
("Confirm safely", ["Prove escalation potential via a benign read at the escalated scope — never assign roles"])],
|
||||
"Least-privilege RBAC; avoid Owner/UAA for automation SPs; PIM", "Escalation to subscription owner"),
|
||||
A("azure_storage_exposure", "Azure Storage Account Exposure", "Azure",
|
||||
"public blob containers and weak storage access", "CWE-732", "High", AZ_ACCESS,
|
||||
[("Enumerate", ["`az storage account list`; check `allowBlobPublicAccess`, network rules, list containers"]),
|
||||
("Assess", ["Find containers set to public (blob/container) or accounts allowing public network access"]),
|
||||
("Confirm", ["List/read a blob in a public container to prove exposure"])],
|
||||
"Disable public blob access; use private endpoints; SAS with least scope", "Data exposure"),
|
||||
A("azure_keyvault_access", "Azure Key Vault Access", "Azure",
|
||||
"over-permissive Key Vault access to secrets/keys/certs", "CWE-522", "High", AZ_ACCESS,
|
||||
[("Enumerate", ["`az keyvault list`; check access policies / RBAC and network rules"]),
|
||||
("Assess", ["Determine which vault secrets/keys the SP can read"]),
|
||||
("Confirm", ["Show a readable secret (prove access; redact value)"])],
|
||||
"Least-privilege vault RBAC/policies; firewall; purge protection", "Secret/key disclosure"),
|
||||
A("azure_compute_identity", "Azure VM, NSG & Managed Identity", "Azure",
|
||||
"exposed VMs, permissive NSGs and abusable managed identities", "CWE-284", "High", AZ_ACCESS,
|
||||
[("Enumerate", ["`az vm list`, `az network nsg list`, check public IPs and attached managed identities"]),
|
||||
("Assess", ["Find NSGs open to 0.0.0.0/0 on sensitive ports, public VMs, and managed identities with broad roles (IMDS token abuse)"]),
|
||||
("Confirm", ["Show a world-open NSG rule or a VM identity with excessive scope"])],
|
||||
"Restrict NSGs; least-privilege managed identities; Just-in-Time VM access", "Network exposure / identity abuse"),
|
||||
A("azure_entra_enum", "Azure Entra ID (AAD) Enumeration", "Azure",
|
||||
"Entra ID app/service-principal weaknesses", "CWE-284", "Medium", AZ_ACCESS,
|
||||
[("Enumerate", ["`az ad sp list`, `az ad app list`; review app credentials, API permissions and consent"]),
|
||||
("Assess", ["Find apps with excessive Graph permissions, expired-but-present secrets, or dangerous consent"]),
|
||||
("Confirm", ["Show an over-permissioned or mis-consented app registration"])],
|
||||
"Review app API permissions & consent; rotate SP secrets; conditional access", "Tenant-wide permission abuse / phishing consent"),
|
||||
]
|
||||
|
||||
|
||||
def main():
|
||||
os.makedirs(OUT, exist_ok=True)
|
||||
for a in AGENTS:
|
||||
open(os.path.join(OUT, a["name"] + ".md"), "w").write(render(a))
|
||||
print(f"wrote {len(AGENTS)} cloud agents to {OUT}")
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
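Review bot: the shared report format in `render()` requires `Evidence: [raw CLI output proving it]`, yet only `aws_secrets_exposure` and `azure_keyvault_access` tell the agent to redact the value; the Confirm steps of `gcp_secrets_functions` ("Show a readable secret or a public/loose function") and `aws_lambda_review` ("plaintext secret") do not, so a secret value can land verbatim in the report. Suggest putting the redaction rule in the common `system` string built by `A()`, so every agent inherits it. The same string says READ-ONLY, while `gcp_serviceaccount_keys` asks the agent to mint a token via impersonation; a sentence stating which proof actions are permitted would remove the ambiguity. Minor: `open(...).write(render(a))` in `main()` never closes the handle explicitly and uses the platform default encoding although the templates contain `—` and `→`; prefer `with open(path, "w", encoding="utf-8") as fh:`.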
@@ -25,7 +25,7 @@ cat <<'BANNER'
|
||||
|
||||
███╗ ██╗███████╗██╗ ██╗██████╗ ██████╗
|
||||
████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit installer
|
||||
██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ v3.5.4 — Rust harness
|
||||
██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ v3.5.5 — Rust harness
|
||||
██║╚██╗██║██╔══╝ ██║ ██║██╔══██╗██║ ██║ by Joas A Santos
|
||||
██║ ╚████║███████╗╚██████╔╝██║ ██║╚██████╔╝ & Red Team Leaders
|
||||
╚═╝ ╚═══╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝
|
||||
|
||||