mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-06 11:27:52 +02:00
v3.4.x: intelligent agent selection, whitebox, recon/code agents, Gemini, artifacts, RL, XBOW GUI
Harness intelligence: - After recon, the model SELECTS which specialist agents match the target (select_agents) — runs the relevant subset, not blindly top-N - RL reward store (rl.rs): per-agent weights persist to data/rl_state_rs.json, reward validated findings (severity-weighted), decay idle, bias next run - Run artifacts persisted as JSON + MD (recon, exploitation transcript, findings, html report) under runs/<target>-<ts>/ for reuse by other AIs Whitebox mode: - run_whitebox: walks a repo, builds bounded source context, runs code agents, validates by adversarial vote. CLI `whitebox <path>` + web "White-box" mode Agents: +12 recon (subdomain/tech/js/api/secrets/dns/content/param/waf/cloud/ graphql/osint) and +24 code SAST reviewers (sqli/cmdi/path/ssrf/xss/deser/ secrets/crypto/authz/idor/xxe/redirect/ssti/race/eval/csrf/random/logging/ upload/mass-assign/jwt/cors). Loader gains recon/ + code/ categories → 249 total Models: +Google Gemini provider (API + gemini CLI subscription); installed_cli_ backends now detects gemini; chat_cli handles gemini/codex/grok + optional Playwright MCP (.mcp.json) on the subscription path with autonomy flags GUI: full XBOW-style redesign — sidebar (Operate/Library), topbar status, mode segment (black-box/white-box), model panel, live console, severity cards, agent browser with category filters, models view; responsive + aligned Verified: cargo build --release clean; CLI agents/whitebox; LIVE subscription run shows model selecting 23→4 agents, RL update, artifacts written; GUI + white-box toggle in Playwright. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,36 @@
|
||||
# API Surface Discovery Specialist Agent
|
||||
|
||||
## User Prompt
|
||||
You are performing reconnaissance on **{target}** to enumerate REST/GraphQL/gRPC/WebSocket surfaces.
|
||||
|
||||
**Recon Context:**
|
||||
{recon_json}
|
||||
|
||||
**METHODOLOGY:**
|
||||
|
||||
### 1. Find specs
|
||||
- Probe /openapi.json, /swagger, /graphql, /.well-known, /v1 /v2 prefixes
|
||||
|
||||
### 2. Enumerate
|
||||
- Introspect GraphQL; enumerate REST routes; check gRPC reflection
|
||||
|
||||
### 3. Catalog
|
||||
- Record methods, params, auth requirements per endpoint
|
||||
|
||||
### 4. Report Format
|
||||
For each CONFIRMED finding:
|
||||
```
|
||||
FINDING:
|
||||
- Title: API Surface Discovery Specialist at [asset/endpoint]
|
||||
- Severity: Info
|
||||
- CWE: CWE-200
|
||||
- Endpoint: [URL/host]
|
||||
- Vector: [what/where]
|
||||
- Payload: [PoC / vulnerable code snippet]
|
||||
- Evidence: [proof / exact code quoted]
|
||||
- Impact: Undocumented API endpoints widen attack surface
|
||||
- Remediation: Gate non-public APIs; remove exposed schemas
|
||||
```
|
||||
|
||||
## System Prompt
|
||||
You are an API-recon specialist. Report only endpoints you confirmed respond, with method and a sample response signature. No speculation.
|
||||
Reference in New Issue
Block a user