misconfig/CVE/PoC/rate-limit agents, data-safety guardrail, Burp proxy, PoC dir

Agents (+10 → library 375): absurd-misconfig hunters (exposed .git/.env/backups,
debug/actuator, default creds, dir listing, ops dashboards, permissive CORS,
verbose errors), a CVE Hunter (fingerprint → correlate → safe PoC), a PoC
Developer (writes runnable scripts to the run's pocs/), and a Rate-Limit tester.

Doctrine (pipeline):
- SAFETY_DOCTRINE injected into every exploit/chain/host prompt: no modify/delete/
  exfiltrate/state-change without permission; on PII prove with a masked sample +
  count, never dump.
- tool_doctrine adds: smart targeted nuclei (fingerprint-first, -tags/-id, rate/
  timeouts), misconfig hunting, rate-limit control checks, authorized tool
  download (git clone PoC repos / fetch scanners), Burp/ZAP proxy routing, and a
  per-run PoC workspace.

Harness/CLI/REPL:
- RunConfig.proxy; spawn_engagement creates <workdir>/pocs and exports
  NEUROSPLOIT_POCS + NEUROSPLOIT_PROXY (proxy from cfg or the env var).
- REPL /proxy <url> and /burp (Session.proxy); /show shows proxy.

Docs: README highlights + Cloud/counts (375), RELEASE v3.5.5 sections.
This commit is contained in:
CyberSecurityUP
2026-07-01 23:40:47 -03:00
parent 58aa8698cd
commit 5f1573ac7f
18 changed files with 642 additions and 22 deletions
+3 -3
View File
@@ -40,7 +40,7 @@ You give NeuroSploit a **target** (URL, repo, app, or host/IP). It:
1. **Recons** the target with real tools (curl/nmap/…).
2. **Intelligently selects** only the agents whose preconditions match the recon
(it does *not* blindly run all 365).
(it does *not* blindly run all 375).
3. **Exploits** in parallel — each agent works in a ReAct loop and must prove its
claim with a **tool receipt** (raw output).
4. **Validates** every candidate by **cross-model voting** (a different model
@@ -99,7 +99,7 @@ Agents **degrade gracefully**: if `rustscan` is absent they use `nmap`; if neith
```bash
neurosploit --version # neurosploit 3.5.5
neurosploit agents # {"vulns":196,...,"chains":12,"total":365}
neurosploit agents # {"vulns":196,...,"chains":12,"total":375}
neurosploit models # all providers & models
```
@@ -468,7 +468,7 @@ built from SAST/dataflow), so uncertainty becomes *path reachability*, not state
## 13. The agent library
`agents_md/` holds **365** markdown agents in categories:
`agents_md/` holds **375** markdown agents in categories:
| Category | Dir | Count | Purpose |
|----------|-----|-------|---------|