mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-03 01:55:44 +02:00
v3.5.5 — cloud infrastructure testing + REPL polish
Cloud testing: - +17 cloud agents (agents_md/infra/) for AWS/GCP/Azure: IAM/RBAC privesc, storage exposure (S3/GCS/Blob), compute & network exposure + IMDS, secrets (Secrets Manager / Secret Manager / Key Vault), SA/SP key abuse, Entra ID enum, and a multi-cloud footprint/identity recon agent. Library 348 -> 365. - creds.yaml gains aws:/gcp:/azure: blocks (Creds::cloud). The harness exports provider env vars (AWS_*, GOOGLE_APPLICATION_CREDENTIALS, AZURE_* SP) so aws/gcloud/az authenticate automatically, and injects a cloud directive. GCP inline JSON is written to a temp file. Best-practice auth per provider. REPL polish: - /chain <n> (attack-chain depth, wired to Session.chain_depth), /agents list (library category counts incl. infra/cloud); /show now shows chain-depth and enabled integrations. Tab-completion + help updated. Docs: README badges (365 agents / 14 providers), new "Cloud credentials" section; RELEASE notes. Version 3.5.4 -> 3.5.5.
This commit is contained in:
+5
-5
@@ -1,4 +1,4 @@
|
||||
# NeuroSploit — Tutorial & User Guide (v3.5.4)
|
||||
# NeuroSploit — Tutorial & User Guide (v3.5.5)
|
||||
|
||||
A complete, hands-on guide to installing, configuring and running NeuroSploit —
|
||||
the autonomous, multi-model penetration-testing harness.
|
||||
@@ -40,7 +40,7 @@ You give NeuroSploit a **target** (URL, repo, app, or host/IP). It:
|
||||
|
||||
1. **Recons** the target with real tools (curl/nmap/…).
|
||||
2. **Intelligently selects** only the agents whose preconditions match the recon
|
||||
(it does *not* blindly run all 329).
|
||||
(it does *not* blindly run all 365).
|
||||
3. **Exploits** in parallel — each agent works in a ReAct loop and must prove its
|
||||
claim with a **tool receipt** (raw output).
|
||||
4. **Validates** every candidate by **cross-model voting** (a different model
|
||||
@@ -98,8 +98,8 @@ Agents **degrade gracefully**: if `rustscan` is absent they use `nmap`; if neith
|
||||
### Verify
|
||||
|
||||
```bash
|
||||
neurosploit --version # neurosploit 3.5.4
|
||||
neurosploit agents # {"vulns":196,...,"chains":12,"total":329}
|
||||
neurosploit --version # neurosploit 3.5.5
|
||||
neurosploit agents # {"vulns":196,...,"chains":12,"total":365}
|
||||
neurosploit models # all providers & models
|
||||
```
|
||||
|
||||
@@ -468,7 +468,7 @@ built from SAST/dataflow), so uncertainty becomes *path reachability*, not state
|
||||
|
||||
## 13. The agent library
|
||||
|
||||
`agents_md/` holds **329** markdown agents in categories:
|
||||
`agents_md/` holds **365** markdown agents in categories:
|
||||
|
||||
| Category | Dir | Count | Purpose |
|
||||
|----------|-----|-------|---------|
|
||||
|
||||
Reference in New Issue
Block a user