From 39c28b541b64fde37e5738ef9ffb0642adb506b4 Mon Sep 17 00:00:00 2001 From: CyberSecurityUP Date: Mon, 6 Jul 2026 10:52:40 -0300 Subject: [PATCH] decision-driven deep exploitation: DECISION doctrine, multi-role /auth, +6 agents MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - DECISION_DOCTRINE injected into exploit/grey/chain prompts: analyse responses to pick the technique; map & connect routes (endpoint output → next endpoint input); hunt sensitive flows; mine parameters (incl. hidden from JS/source maps) and test per-param; mock realistic (non-PII) data to reach deeper logic; exploit the authenticated surface after login and compare roles; build PoCs when a proof needs an artifact; bypass 401/403/redirect controls. - REPL /auth now supports multiple named identities (/auth admin , /auth user ; bare token → Bearer). With >=2 roles the run gets the access-control directive (IDOR/BOLA/BFLA/privesc, authorized-vs-unauthorized) and tests both. - +6 decision agents (library 389): param_miner, endpoint_flow_linker, authenticated_surface_exploit, clickjacking_poc (HTML PoC), csrf_poc (HTML PoC), access_control_bypass. - Docs: counts 383->389, RELEASE + /auth help updated. --- README.md | 4 +- RELEASE.md | 20 +++ TUTORIAL.md | 6 +- agents_md/vulns/access_control_bypass.md | 36 ++++++ .../vulns/authenticated_surface_exploit.md | 36 ++++++ agents_md/vulns/clickjacking_poc.md | 36 ++++++ agents_md/vulns/csrf_poc.md | 36 ++++++ agents_md/vulns/endpoint_flow_linker.md | 36 ++++++ agents_md/vulns/param_miner.md | 36 ++++++ neurosploit-rs/app/src/repl.rs | 63 ++++++++- neurosploit-rs/crates/harness/src/pipeline.rs | 24 +++- scripts/build_decision_agents_v355.py | 121 ++++++++++++++++++ 12 files changed, 439 insertions(+), 15 deletions(-) create mode 100644 agents_md/vulns/access_control_bypass.md create mode 100644 agents_md/vulns/authenticated_surface_exploit.md create mode 100644 agents_md/vulns/clickjacking_poc.md create mode 100644 agents_md/vulns/csrf_poc.md create mode 100644 agents_md/vulns/endpoint_flow_linker.md create mode 100644 agents_md/vulns/param_miner.md create mode 100644 scripts/build_decision_agents_v355.py diff --git a/README.md b/README.md index 95780be..cb79255 100755 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ - + @@ -44,7 +44,7 @@ LLMs** — via **API key** or local **subscription** (Claude Code / Codex / Gemi Grok) — recons the target, **intelligently selects only the agents that match the discovered surface**, runs them in parallel, **chains** findings into deeper impact, and **validates every claim by cross-model voting + tool-receipt -grounding** before reporting. It ships **383 markdown agents** and a **Mission +grounding** before reporting. It ships **389 markdown agents** and a **Mission Control TUI**. ### Engagement modes diff --git a/RELEASE.md b/RELEASE.md index 95e0b8a..ed1d7e7 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -102,6 +102,26 @@ interactive line-editing. - **Rate-limit testing** is a first-class control check (small non-disruptive burst → look for 429/lockout/Retry-After), never a DoS. +## Decision-driven deep exploitation + +- **DECISION doctrine** injected into every exploit/grey/chain prompt: analyse + responses FIRST and let the evidence pick the technique; **map & connect + routes** (one endpoint's output feeds another's input) and hunt sensitive flows + (auth, reset, payment, upload, admin, export); **mine parameters** + (query/body/header/cookie + hidden ones from JS/source maps) and test the + fitting attack per param; **mock realistic data** to reach deeper logic (never + real PII); **exploit the authenticated surface** after logging in and compare + each role; **build PoCs** when a proof needs an artifact; and **bypass controls** + (verb/path/encoding/header tricks) on anything blocked. +- **Multi-role `/auth`** — set several identities in the REPL: + `/auth admin ` · `/auth user ` (Bearer/cookie/API-key; a bare token + becomes `Authorization: Bearer …`). With ≥2 roles the run gets the access-control + directive (IDOR/BOLA/BFLA/privesc, authorized-vs-unauthorized proof) and tests + both scenarios. (Same as the `creds.yaml` role blocks, now one command away.) +- **+6 decision agents** (library **389**): `param_miner`, `endpoint_flow_linker`, + `authenticated_surface_exploit`, `clickjacking_poc` (writes a framing HTML PoC), + `csrf_poc` (writes an auto-submitting HTML PoC), and `access_control_bypass`. + ## Browser-driven testing & SPA agents (Juice Shop-ready) - **Agents now actively drive the browser while testing.** The tool doctrine was diff --git a/TUTORIAL.md b/TUTORIAL.md index 7d865f7..d1d9432 100644 --- a/TUTORIAL.md +++ b/TUTORIAL.md @@ -40,7 +40,7 @@ You give NeuroSploit a **target** (URL, repo, app, or host/IP). It: 1. **Recons** the target with real tools (curl/nmap/…). 2. **Intelligently selects** only the agents whose preconditions match the recon - (it does *not* blindly run all 383). + (it does *not* blindly run all 389). 3. **Exploits** in parallel — each agent works in a ReAct loop and must prove its claim with a **tool receipt** (raw output). 4. **Validates** every candidate by **cross-model voting** (a different model @@ -99,7 +99,7 @@ Agents **degrade gracefully**: if `rustscan` is absent they use `nmap`; if neith ```bash neurosploit --version # neurosploit 3.5.5 -neurosploit agents # {"vulns":196,...,"chains":12,"total":383} +neurosploit agents # {"vulns":196,...,"chains":12,"total":389} neurosploit models # all providers & models ``` @@ -535,7 +535,7 @@ built from SAST/dataflow), so uncertainty becomes *path reachability*, not state ## 13. The agent library -`agents_md/` holds **383** markdown agents in categories: +`agents_md/` holds **389** markdown agents in categories: | Category | Dir | Count | Purpose | |----------|-----|-------|---------| diff --git a/agents_md/vulns/access_control_bypass.md b/agents_md/vulns/access_control_bypass.md new file mode 100644 index 0000000..17f7cee --- /dev/null +++ b/agents_md/vulns/access_control_bypass.md @@ -0,0 +1,36 @@ +# Access-Control Bypass Agent + +## User Prompt +You are testing **{target}** for bypassing 401/403/redirect and other access controls. + +**Recon Context:** +{recon_json} + +**METHODOLOGY:** + +### 1. Find the block +- Identify endpoints that return 401/403/redirect or are hidden from your role + +### 2. Try bypasses +- Verb tampering (GET↔POST↔PUT, HEAD, OPTIONS), path/case/encoding normalization (`//`, `/.`, `%2e`, trailing dot, `;`), header spoofing (X-Original-URL, X-Rewrite-URL, X-Forwarded-For/Host, Referer), missing-vs-invalid token, and direct object/API access behind the UI + +### 3. Confirm +- Show the two requests (blocked vs bypassed) and the protected data/action reached via the bypass + +### 4. Report Format +For each CONFIRMED finding: +``` +FINDING: +- Title: Access-Control Bypass at [endpoint] +- Severity: High +- CWE: CWE-284 +- Endpoint: [full URL] +- Vector: [what/where] +- Payload: [exact request / PoC file path] +- Evidence: [raw request+response / PoC output proving it] +- Impact: Unauthorized access to protected resources/actions +- Remediation: Consistent server-side authorization independent of method/path formatting/headers; canonicalize before authz +``` + +## System Prompt +You are a specialist in bypassing 401/403/redirect and other access controls. AUTHORIZED engagement. ANALYSE responses first, then act — let the evidence pick the technique. Connect endpoints and reuse any session you obtain. When a proof needs an artifact, WRITE a PoC to the run's $NEUROSPLOIT_POCS dir and run it. Report ONLY what you proved with a real receipt (request+response / PoC output). DATA SAFETY: read-only; never modify/delete/exfiltrate data or change state without permission; mask PII; no destructive/DoS. Credits: Joas A Santos and Red Team Leaders. diff --git a/agents_md/vulns/authenticated_surface_exploit.md b/agents_md/vulns/authenticated_surface_exploit.md new file mode 100644 index 0000000..d2d4909 --- /dev/null +++ b/agents_md/vulns/authenticated_surface_exploit.md @@ -0,0 +1,36 @@ +# Authenticated Surface Exploitation Agent + +## User Prompt +You are testing **{target}** for vulnerabilities reachable only after authentication. + +**Recon Context:** +{recon_json} + +**METHODOLOGY:** + +### 1. Authenticate +- Use the provided creds/roles or perform the login flow; capture and REUSE the session/JWT/cookie + +### 2. Enumerate authed surface +- List endpoints/params only reachable while logged in (account, settings, orders, admin, API); mock realistic data where a valid body is needed to go deeper + +### 3. Exploit & compare roles +- Test those authenticated endpoints for IDOR/injection/mass-assignment/logic; if you have multiple roles (user AND admin), run as each and compare who can reach what + +### 4. Report Format +For each CONFIRMED finding: +``` +FINDING: +- Title: Authenticated Surface Exploitation at [endpoint] +- Severity: High +- CWE: CWE-306 +- Endpoint: [full URL] +- Vector: [what/where] +- Payload: [exact request / PoC file path] +- Evidence: [raw request+response / PoC output proving it] +- Impact: High-impact bugs on the privileged surface +- Remediation: Authorize every authenticated endpoint by the session user/role; least privilege +``` + +## System Prompt +You are a specialist in vulnerabilities reachable only after authentication. AUTHORIZED engagement. ANALYSE responses first, then act — let the evidence pick the technique. Connect endpoints and reuse any session you obtain. When a proof needs an artifact, WRITE a PoC to the run's $NEUROSPLOIT_POCS dir and run it. Report ONLY what you proved with a real receipt (request+response / PoC output). DATA SAFETY: read-only; never modify/delete/exfiltrate data or change state without permission; mask PII; no destructive/DoS. Credits: Joas A Santos and Red Team Leaders. diff --git a/agents_md/vulns/clickjacking_poc.md b/agents_md/vulns/clickjacking_poc.md new file mode 100644 index 0000000..a3e14d3 --- /dev/null +++ b/agents_md/vulns/clickjacking_poc.md @@ -0,0 +1,36 @@ +# Clickjacking PoC Builder Agent + +## User Prompt +You are testing **{target}** for clickjacking / UI redress on state-changing pages. + +**Recon Context:** +{recon_json} + +**METHODOLOGY:** + +### 1. Check framing +- Inspect X-Frame-Options and CSP frame-ancestors on sensitive/state-changing pages; if absent or permissive, the page is framable + +### 2. Build a PoC +- WRITE an HTML PoC to $NEUROSPLOIT_POCS that frames the target page with a decoy overlay (an `