CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-29 23:05:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

v3.5.3 — Integrations (GitHub · GitLab · Jira)

Browse Source 
New harness module `integrations` (+ app commands) wiring NeuroSploit into the
SDLC. Config persists per-project to .neurosploit/integrations.json; secrets are
NEVER stored — only the env-var name is saved, values read from the environment.

GitHub:
- private-repo clone (token injected into the clone URL for whitebox/greybox/tui)
- `neurosploit pr <owner/repo> <n>`: clone the PR head (refs/pull/N/head),
  white-box review, optional `--comment` (PR summary) and `--jira` (cards)
- `neurosploit watch <owner/repo> --branch --interval`: re-review on each new commit
GitLab:
- private-repo clone (oauth2 token) for whitebox/greybox (gitlab.com or self-hosted)
Jira:
- `--jira` on any engagement opens one card per finding (REST /issue, basic auth)

Control:
- `/integrations` (REPL): show · enable/disable · setup jira|gitlab|github
- `neurosploit integrations [show|enable|disable] [github|gitlab|jira]` (CLI)

Docs: README "Integrations" section + new TUTORIAL-INTEGRATION.md (per-tool setup,
scopes, recipes, troubleshooting). Version bumped 3.5.2 → 3.5.3.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
CyberSecurityUP
2026-06-27 01:56:49 -03:00
parent ae5bb247a3
commit 64decada3e
17 changed files with 805 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+43 -8
View File
@@ -1,4 +1,4 @@
<h1 align="center">🧠 NeuroSploit v3.5.2</h1>
<h1 align="center">🧠 NeuroSploit v3.5.3</h1>
<p align="center">
<a href="https://github.com/JoasASantos/NeuroSploit/stargazers"><img src="https://img.shields.io/github/stars/JoasASantos/NeuroSploit?style=for-the-badge&logo=github&color=8b5cf6" alt="Stars"></a>
@@ -8,7 +8,7 @@
</p>
<p align="center">
<img src="https://img.shields.io/badge/Version-3.5.2-blue?style=flat-square">
<img src="https://img.shields.io/badge/Version-3.5.3-blue?style=flat-square">
<img src="https://img.shields.io/badge/Harness-Rust%20%7C%20tokio-e6b673?style=flat-square">
<img src="https://img.shields.io/badge/License-MIT-green?style=flat-square">
<img src="https://img.shields.io/badge/MD%20Agents-329-red?style=flat-square">
@@ -24,12 +24,12 @@
>
> 📖 **New here? Read the [full Tutorial & User Guide →](TUTORIAL.md)** — every mode, flag, config and example explained.
> 🆕 **New in v3.5.2Exploitation Depth & Report Hygiene:** a **DEPTH doctrine**
> makes the engine *use* what it finds (exposed → exploited), **chain** findings
> across modules, decode/fingerprint artifacts → CVEs, and **audit tokens** (JWT
> alg-confusion / weak HS256 secrets). A deterministic post-pass **calibrates
> severity to proven impact** and **consolidates duplicated hygiene** findings.
> See [RELEASE.md](RELEASE.md).
> 🆕 **New in v3.5.3Integrations:** connect **GitHub / GitLab** (clone private
> repos, review a **Pull Request's** code, **watch** a branch and re-review on
> every commit) and **Jira** (open a vulnerability **card per finding**). Toggle
> them with **`/integrations`** in the REPL or `neurosploit integrations`. Full
> setup in **[TUTORIAL-INTEGRATION.md](TUTORIAL-INTEGRATION.md)**.
> *(v3.5.2 added the DEPTH doctrine + report-hygiene pass — see [RELEASE.md](RELEASE.md).)*
---
@@ -149,6 +149,41 @@ No login? Use an **API key** instead — see [Authentication](#authentication--r
---
## 🔌 Integrations (GitHub · GitLab · Jira)
Wire NeuroSploit into your SDLC. Toggle from the REPL (`/integrations`) or the CLI
(`neurosploit integrations enable github|gitlab|jira`). **Tokens are never stored**
— only the *name* of the env var is saved; the value is read from your environment.
```bash
export GITHUB_TOKEN=ghp_... # PAT with `repo` scope (private repos)
neurosploit integrations enable github
# Review a Pull Request's code (clones the PR head, white-box) and comment back:
neurosploit pr digininja/DVWA 42 --subscription --model anthropic:claude-opus-4-8 --comment
# Watch a branch and re-review on every new commit:
neurosploit watch myorg/private-app --branch main --subscription --model anthropic:claude-opus-4-8
# Private GitLab repo (token-injected clone) — works in whitebox/greybox:
export GITLAB_TOKEN=glpat-... ; neurosploit integrations enable gitlab
neurosploit whitebox https://gitlab.com/myorg/private-svc --subscription --model anthropic:claude-opus-4-8
# Open a Jira card per finding (any engagement):
export JIRA_EMAIL=you@org.com JIRA_API_TOKEN=... # set base/project once: /integrations setup jira
neurosploit whitebox https://github.com/myorg/app --jira --subscription --model anthropic:claude-opus-4-8
```
| Integration | What you get | Env vars |
|-------------|--------------|----------|
| **GitHub** | private clone · `pr` review + comment · `watch` branch | `GITHUB_TOKEN` |
| **GitLab** | private clone for whitebox/greybox | `GITLAB_TOKEN` |
| **Jira** | one card per finding (`--jira`) | `JIRA_EMAIL`, `JIRA_API_TOKEN` |
📖 Step-by-step setup for each tool: **[TUTORIAL-INTEGRATION.md](TUTORIAL-INTEGRATION.md)**.
---
## Build
```bash
RELEASE.md
+52
View File
@@ -1,3 +1,55 @@
# NeuroSploit v3.5.3 — Release Notes
**Release Date:** June 2026
**Codename:** Integrations (GitHub · GitLab · Jira)
**License:** MIT
**Credits:** Joas A Santos & Red Team Leaders
---
## TL;DR
v3.5.3 plugs NeuroSploit into your SDLC: review **private** GitHub/GitLab repos
and **Pull Requests**, **watch** a branch and re-review on every commit, and open
a **Jira card per finding** — all toggleable via a new `/integrations` command.
## Highlights
- **GitHub integration**
- **Private repos**: when enabled, `whitebox` / `greybox --repo` / `tui --repo`
inject your `GITHUB_TOKEN` into the clone URL (token never printed/stored).
- **`neurosploit pr <owner/repo> <number>`** — clones the **PR head**
(`refs/pull/N/head`), runs a white-box review, optionally **posts a summary
comment** back on the PR (`--comment`) and/or **opens Jira cards** (`--jira`).
- **`neurosploit watch <owner/repo> --branch <b> --interval <s>`** — polls the
branch and runs a white-box review **each time a new commit lands**.
- **GitLab integration** — private clone (token-injected) for `whitebox`/`greybox`
against `gitlab.com` or a self-hosted base.
- **Jira integration** — `--jira` on any engagement (or `pr`/`watch`) opens **one
card per finding** (summary, severity, CVSS, CWE, location, PoC, evidence,
remediation) in your project via the Jira REST API.
- **`/integrations` (REPL) + `neurosploit integrations` (CLI)** — `show`,
`enable`/`disable <github|gitlab|jira>`, and `setup <jira|gitlab|github>`
(interactive). Config persists to `<project>/.neurosploit/integrations.json`.
**Secrets are never stored** — only the env-var *name* is saved; values come
from the environment at use time.
- New harness module `integrations` + app commands `pr` / `watch` /
`integrations`, plus a `--jira` flag on `run` / `whitebox`.
## Setup
Step-by-step for tokens, scopes and configuration is in
**[TUTORIAL-INTEGRATION.md](TUTORIAL-INTEGRATION.md)** and summarized in the README.
## Notes
- Additive and back-compatible: all existing modes/flags are unchanged; if no
integration is enabled the behavior is identical to v3.5.2.
- Tokens use env vars: `GITHUB_TOKEN`, `GITLAB_TOKEN`, `JIRA_EMAIL` +
`JIRA_API_TOKEN` (names configurable per integration).
---
# NeuroSploit v3.5.2 — Release Notes
**Release Date:** June 2026
TUTORIAL-INTEGRATION.md
+210
View File
@@ -0,0 +1,210 @@
# NeuroSploit — Integrations Setup Guide (v3.5.3)
Connect NeuroSploit to **GitHub**, **GitLab** and **Jira** so it can review private
repositories and Pull Requests, watch branches for new code, and file a Jira
**card per vulnerability**.
> ⚠️ **Authorized testing only.** Use integrations against code/projects you own or
> are explicitly permitted to test.
---
## Table of contents
1. [How it works (config & secrets)](#1-how-it-works)
2. [The `/integrations` command](#2-the-integrations-command)
3. [GitHub](#3-github)
4. [GitLab](#4-gitlab)
5. [Jira](#5-jira)
6. [Recipes](#6-recipes)
7. [Troubleshooting](#7-troubleshooting)
---
## 1. How it works
- Integration config is **per project**, stored at
`<cwd>/.neurosploit/integrations.json`.
- **Secrets are never written to disk.** The config only stores the **name** of
the environment variable that holds each token (e.g. `GITHUB_TOKEN`). The real
value is read from your environment at use time. Keep tokens in your shell /
secret manager, not in the repo.
- Enable/disable per integration; each is independent.
Default env-var names (configurable):
| Integration | Token env var(s) |
|-------------|------------------|
| GitHub | `GITHUB_TOKEN` |
| GitLab | `GITLAB_TOKEN` |
| Jira | `JIRA_EMAIL` + `JIRA_API_TOKEN` |
---
## 2. The `/integrations` command
In the **REPL** (`neurosploit` with no args):
```
/integrations # show status of all three
/integrations enable github # toggle on (also: gitlab | jira)
/integrations disable jira # toggle off
/integrations setup jira # interactive: base URL, project key, issue type
/integrations setup gitlab # set the GitLab base (gitlab.com or self-hosted)
/integrations setup github # set the API base (change only for GitHub Enterprise)
```
From the **CLI**:
```bash
neurosploit integrations # show status
neurosploit integrations enable github # enable / disable <github|gitlab|jira>
```
`show` prints whether each is on and whether the token env var is currently set
(`✓ token` / `⚠ token env not set`).
---
## 3. GitHub
**a. Create a token.** GitHub → *Settings → Developer settings → Personal access
tokens*. A classic PAT with the **`repo`** scope (read access to the private repos
you'll test) is enough. Fine-grained tokens also work (grant *Contents: Read* and,
for PR comments, *Pull requests: Read & write*).
**b. Export it and enable:**
```bash
export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxx
neurosploit integrations enable github
```
**c. What you can now do:**
- **Clone & review a private repo** (token is injected into the clone URL,
never printed):
```bash
neurosploit whitebox https://github.com/myorg/private-app \
--subscription --model anthropic:claude-opus-4-8 -v
```
- **Review a Pull Request's code** — clones the PR head (`refs/pull/N/head`):
```bash
neurosploit pr myorg/private-app 128 \
--subscription --model anthropic:claude-opus-4-8 --comment
```
- `--comment` posts a Markdown findings summary back on the PR.
- `--jira` also opens a card per finding (needs Jira configured).
- **Watch a branch** and re-review on every new commit:
```bash
neurosploit watch myorg/private-app --branch main --interval 300 \
--subscription --model anthropic:claude-opus-4-8
```
It polls the branch tip via the GitHub API and runs a white-box review whenever
the SHA changes (Ctrl-C to stop).
**GitHub Enterprise:** `/integrations setup github` and set the API base to your
GHE URL (e.g. `https://ghe.mycorp.com/api/v3`).
---
## 4. GitLab
**a. Create a token.** GitLab → *Preferences → Access Tokens* (or a project/group
token) with the **`read_repository`** scope (add `api` if you want more later).
**b. Export it and enable:**
```bash
export GITLAB_TOKEN=glpat-xxxxxxxxxxxxxxxxxxxx
neurosploit integrations enable gitlab
# self-hosted? set the base:
# /integrations setup gitlab → https://gitlab.mycorp.com
```
**c. Review a private GitLab repo** (token-injected clone, works in whitebox &
greybox):
```bash
neurosploit whitebox https://gitlab.com/myorg/private-svc \
--subscription --model anthropic:claude-opus-4-8 -v
```
> To review a specific Merge Request, check out its source branch and point
> `whitebox` at that clone, or pass the MR source branch URL.
---
## 5. Jira
**a. Create an API token.** https://id.atlassian.com/manage-profile/security/api-tokens
→ *Create API token*. Note the email of the Atlassian account that owns it.
**b. Export credentials:**
```bash
export JIRA_EMAIL=you@yourorg.com
export JIRA_API_TOKEN=xxxxxxxxxxxxxxxxxxxx
```
**c. Configure base URL + project (once):**
```
# in the REPL:
/integrations setup jira
Jira base URL (https://your-org.atlassian.net): https://yourorg.atlassian.net
Jira project key (e.g. SEC): SEC
Issue type [Bug]: Bug
```
This enables Jira and saves the base URL / project key / issue type to
`.neurosploit/integrations.json` (no secrets).
**d. Open cards.** Add `--jira` to any engagement (or `pr` / `watch`). One card is
created per **validated** finding, with severity, CVSS, CWE, location, PoC,
evidence and remediation:
```bash
neurosploit whitebox https://github.com/myorg/app --jira \
--subscription --model anthropic:claude-opus-4-8 -v
```
The created issue keys are printed (e.g. `🪪 Jira cards opened: SEC-481, SEC-482`).
> Uses the Jira REST API (`POST /rest/api/2/issue`) with Basic auth
> (`JIRA_EMAIL` : `JIRA_API_TOKEN`). The `issuetype` must exist in your project
> (use `Vulnerability` if your project defines it).
---
## 6. Recipes
**PR gate in CI** (block a PR if Critical/High findings appear):
```bash
export GITHUB_TOKEN=... # CI secret
neurosploit integrations enable github
neurosploit pr "$REPO" "$PR_NUMBER" --model anthropic:claude-opus-4-8 --comment --jira
```
**Nightly drift review** of a private app, filing Jira cards:
```bash
neurosploit integrations enable github
neurosploit integrations enable jira
neurosploit watch myorg/app --branch main --interval 3600 --jira \
--model anthropic:claude-opus-4-8
```
**Local private-repo audit** (no PR), cards to Jira:
```bash
neurosploit whitebox https://github.com/myorg/app --jira \
--subscription --model anthropic:claude-opus-4-8 -v
```
---
## 7. Troubleshooting
- **`⚠ token env not set`** — the integration is enabled but the env var isn't
exported in this shell. Export it (`export GITHUB_TOKEN=...`) and re-run.
- **`git clone failed` on a private repo** — confirm the token scope (`repo` /
`read_repository`) and that the integration is enabled (`neurosploit
integrations`). The token is only injected when the matching integration is on.
- **`jira create failed: 400`** — the `issuetype` name doesn't exist in the
project, or a required field is enforced. Try `Bug`, or set your project's type
via `/integrations setup jira`.
- **`jira ... not set`** — export `JIRA_EMAIL` and `JIRA_API_TOKEN`.
- **GitHub comment fails (403/404)** — the token needs *Pull requests: write*
(fine-grained) or `repo` (classic), and you must have access to the repo.
- **Tokens in CI** — pass them as masked secrets; NeuroSploit never logs or
stores token values.
TUTORIAL.md
+2 -2
View File
@@ -1,4 +1,4 @@
# NeuroSploit — Tutorial & User Guide (v3.5.2)
# NeuroSploit — Tutorial & User Guide (v3.5.3)
A complete, hands-on guide to installing, configuring and running NeuroSploit —
the autonomous, multi-model penetration-testing harness.
@@ -98,7 +98,7 @@ Agents **degrade gracefully**: if `rustscan` is absent they use `nmap`; if neith
### Verify
```bash
neurosploit --version # neurosploit 3.5.2
neurosploit --version # neurosploit 3.5.3
neurosploit agents # {"vulns":196,...,"chains":12,"total":329}
neurosploit models # all providers & models
```
install.ps1
+1 -1
View File
@@ -11,7 +11,7 @@ function Ok ($m) { Write-Host " + $m" -ForegroundColor Green }
function Warn($m){ Write-Host " ! $m" -ForegroundColor Yellow }
Write-Host ""
Write-Host " NeuroSploit installer (Windows) — v3.5.2" -ForegroundColor Cyan
Write-Host " NeuroSploit installer (Windows) — v3.5.3" -ForegroundColor Cyan
$arch = $env:PROCESSOR_ARCHITECTURE
Say "Platform: Windows / $arch"
neurosploit-rs/Cargo.lock
Generated
+2 -2
View File
@@ -871,7 +871,7 @@ dependencies = [
[[package]]
name = "neurosploit"
version = "3.5.2"
version = "3.5.3"
dependencies = [
"anyhow",
"clap",
@@ -888,7 +888,7 @@ dependencies = [
[[package]]
name = "neurosploit-harness"
version = "3.5.2"
version = "3.5.3"
dependencies = [
"anyhow",
"futures",
neurosploit-rs/Cargo.toml
+1 -1
View File
@@ -3,7 +3,7 @@ members = ["crates/harness", "app"]
resolver = "2"
[workspace.package]
version = "3.5.2"
version = "3.5.3"
edition = "2021"
license = "MIT"
repository = "https://github.com/JoasASantos/NeuroSploit"
neurosploit-rs/app/src/main.rs
+220 -8
View File
@@ -1,4 +1,4 @@
//! NeuroSploit v3.5.2 — interactive harness + CLI (`run` / `whitebox` / `agents` / `models`).
//! NeuroSploit v3.5.3 — interactive harness + CLI (`run` / `whitebox` / `agents` / `models`).
mod repl;
mod tui;
@@ -11,8 +11,8 @@ use std::path::{Path, PathBuf};
#[command(
name = "neurosploit",
version,
about = "NeuroSploit v3.5.2 — multi-model autonomous pentest harness",
long_about = "NeuroSploit v3.5.2 — a Rust multi-model harness that drives a pool of LLMs \
about = "NeuroSploit v3.5.3 — multi-model autonomous pentest harness",
long_about = "NeuroSploit v3.5.3 — a Rust multi-model harness that drives a pool of LLMs \
(API key or local subscription: Claude/Codex/Gemini/Grok) to autonomously test a target. \
After recon it INTELLIGENTLY selects only the agents matching the discovered surface, runs \
them in parallel, then validates every finding by cross-model voting before reporting.\n\n\
@@ -61,6 +61,9 @@ enum Cmd {
/// Free-text focus, e.g. "injection and broken access control".
#[arg(long)]
focus: Option<String>,
/// Open a Jira card per finding (needs the jira integration enabled).
#[arg(long)]
jira: bool,
/// Verbose: log each agent as it launches, recon, and votes.
#[arg(short, long)]
verbose: bool,
@@ -80,6 +83,9 @@ enum Cmd {
offline: bool,
#[arg(long)]
subscription: bool,
/// Open a Jira card per finding (needs the jira integration enabled).
#[arg(long)]
jira: bool,
#[arg(short, long)]
verbose: bool,
},
@@ -155,6 +161,52 @@ enum Cmd {
#[arg(short, long)]
verbose: bool,
},
/// Review a GitHub Pull Request's code (clones the PR head, white-box).
/// Optionally comments back on the PR and/or opens Jira cards per finding.
Pr {
/// `owner/repo` or a GitHub URL.
repo: String,
/// Pull request number.
number: u64,
#[arg(long = "model")]
models: Vec<String>,
#[arg(long, default_value_t = 2)]
vote_n: usize,
#[arg(long)]
subscription: bool,
/// Post a summary comment back on the PR (needs github integration on).
#[arg(long)]
comment: bool,
/// Open a Jira card per finding (needs jira integration on).
#[arg(long)]
jira: bool,
#[arg(short, long)]
verbose: bool,
},
/// Watch a GitHub repo branch; white-box review each time a new commit lands.
Watch {
/// `owner/repo` or a GitHub URL.
repo: String,
#[arg(long, default_value = "main")]
branch: String,
/// Poll interval in seconds.
#[arg(long, default_value_t = 300)]
interval: u64,
#[arg(long = "model")]
models: Vec<String>,
#[arg(long)]
subscription: bool,
#[arg(long)]
jira: bool,
#[arg(short, long)]
verbose: bool,
},
/// Manage integrations: `integrations [show|enable|disable] [github|gitlab|jira]`.
Integrations {
#[arg(default_value = "show")]
action: String,
name: Option<String>,
},
/// Show agent library counts.
Agents,
/// List providers and models.
@@ -215,7 +267,7 @@ async fn main() -> anyhow::Result<()> {
}
}
}
Cmd::Run { url, models, max_agents, vote_n, offline, subscription, mcp, creds, focus, verbose } => {
Cmd::Run { url, models, max_agents, vote_n, offline, subscription, mcp, creds, focus, jira, verbose } => {
let url = if url.starts_with("http") { url } else { format!("https://{url}") };
let mut cfg = RunConfig::new(&url);
cfg.max_agents = max_agents;
@@ -230,8 +282,10 @@ async fn main() -> anyhow::Result<()> {
apply_creds(&mut cfg, creds.as_deref()).await;
let out = run_engagement(&base, cfg, mcp, false).await?;
print_findings(&out);
let ig = harness::integrations::Integrations::load(&repl::proj_dir());
post_integrations(&ig, &url, &out, jira, false, None).await;
}
Cmd::Whitebox { path, models, max_agents, vote_n, offline, subscription, verbose } => {
Cmd::Whitebox { path, models, max_agents, vote_n, offline, subscription, jira, verbose } => {
let path = resolve_source(&base, &path)?; // local path OR github URL/owner/repo
let mut cfg = RunConfig::new(&path);
cfg.max_agents = max_agents;
@@ -244,6 +298,8 @@ async fn main() -> anyhow::Result<()> {
}
let out = run_engagement(&base, cfg, false, true).await?;
print_findings(&out);
let ig = harness::integrations::Integrations::load(&repl::proj_dir());
post_integrations(&ig, &path, &out, jira, false, None).await;
}
Cmd::Greybox { repo, url, models, creds, focus, max_agents, vote_n, offline, subscription, mcp, verbose } => {
let repo = resolve_source(&base, &repo)?; // local path OR github URL/owner/repo
@@ -294,6 +350,76 @@ async fn main() -> anyhow::Result<()> {
let out = run_mode(&base, cfg, false, Mode::Host).await?;
print_findings(&out);
}
Cmd::Pr { repo, number, models, vote_n, subscription, comment, jira, verbose } => {
let ig = harness::integrations::Integrations::load(&repl::proj_dir());
let owner_repo = normalize_repo(&repo);
let path = clone_pr(&base, &ig, &owner_repo, number)?;
println!(" 🔍 white-box review of {owner_repo} PR #{number}");
let mut cfg = RunConfig::new(&path);
cfg.vote_n = vote_n;
cfg.subscription = subscription;
cfg.verbose = verbose;
cfg.instructions = Some(format!("This is the code of pull request #{number} of {owner_repo}. Focus on vulnerabilities introduced or touched by this change."));
if !models.is_empty() { cfg.models = models; }
let out = run_engagement(&base, cfg, false, true).await?;
print_findings(&out);
post_integrations(&ig, &format!("{owner_repo}#{number}"), &out, jira, comment, Some((&owner_repo, number))).await;
}
Cmd::Watch { repo, branch, interval, models, subscription, jira, verbose } => {
let ig = harness::integrations::Integrations::load(&repl::proj_dir());
let owner_repo = normalize_repo(&repo);
println!(" 👀 watching {owner_repo}@{branch} every {interval}s — Ctrl-C to stop");
let mut last = String::new();
loop {
match ig.github_latest_sha(&owner_repo, &branch).await {
Ok(sha) if sha != last => {
let short = &sha[..7.min(sha.len())];
println!("\n 🔔 {} commit {short} on {owner_repo}@{branch} — reviewing",
if last.is_empty() { "current" } else { "new" });
// fresh clone of the branch tip
let dest = base.join("repos").join(sanitize(&format!("{owner_repo}-{branch}")));
std::fs::remove_dir_all(&dest).ok();
let url = ig.authed_clone_url(&format!("https://github.com/{owner_repo}"));
if run_git(&["clone", "--depth", "1", "--branch", &branch, &url, &dest.display().to_string()]).is_ok() {
let mut cfg = RunConfig::new(&dest.display().to_string());
cfg.subscription = subscription;
cfg.verbose = verbose;
if !models.is_empty() { cfg.models = models.clone(); }
if let Ok(out) = run_engagement(&base, cfg, false, true).await {
print_findings(&out);
post_integrations(&ig, &format!("{owner_repo}@{short}"), &out, jira, false, None).await;
}
}
last = sha;
}
Ok(_) => {}
Err(e) => eprintln!(" watch: {e}"),
}
tokio::time::sleep(std::time::Duration::from_secs(interval.max(15))).await;
}
}
Cmd::Integrations { action, name } => {
let dir = repl::proj_dir();
let mut ig = harness::integrations::Integrations::load(&dir);
match action.as_str() {
"enable" | "disable" => {
let on = action == "enable";
match name.as_deref() {
Some("github") => ig.github.enabled = on,
Some("gitlab") => ig.gitlab.enabled = on,
Some("jira") => ig.jira.enabled = on,
_ => { eprintln!(" usage: integrations {action} <github|gitlab|jira>"); return Ok(()); }
}
ig.save(&dir)?;
println!(" {} {}", name.unwrap_or_default(), if on { "enabled ✓" } else { "disabled" });
}
_ => {
println!(" integrations · {}", dir.display());
for l in ig.status_lines() { println!(" {l}"); }
println!(" toggle: `neurosploit integrations enable github|gitlab|jira` · full setup in the REPL: /integrations");
}
}
}
}
Ok(())
}
@@ -384,7 +510,7 @@ pub(crate) fn spawn_engagement(base: &Path, mut cfg: RunConfig, mcp: bool, mode:
cfg.rl_path = Some(base.join("data").join("rl_state_rs.json").display().to_string());
write_status(&workdir, "running", &format!("\"target\":{:?}", cfg.target));
println!(" ┌─ NeuroSploit v3.5.2 · by Joas A Santos & Red Team Leaders");
println!(" ┌─ NeuroSploit v3.5.3 · by Joas A Santos & Red Team Leaders");
println!(" │ run id : {run_id}");
println!(" │ target : {}", cfg.target);
println!(" │ models : {}", cfg.models.join(", "));
@@ -564,9 +690,14 @@ pub(crate) fn resolve_source(base: &Path, arg: &str) -> anyhow::Result<String> {
println!(" [*] repo cache hit → {} (delete it to re-clone)", dest.display());
return Ok(dest.display().to_string());
}
println!(" [*] cloning {url}{}", dest.display());
// If a GitHub/GitLab integration is enabled, inject its token so PRIVATE
// repos clone without an interactive prompt (token never printed).
let ig = harness::integrations::Integrations::load(&repl::proj_dir());
let clone_url = ig.authed_clone_url(&url);
let private = clone_url != url;
println!(" [*] cloning {url}{}{}", if private { " (private, via token)" } else { "" }, dest.display());
let status = std::process::Command::new("git")
.args(["clone", "--depth", "1", &url, &dest.display().to_string()])
.args(["clone", "--depth", "1", &clone_url, &dest.display().to_string()])
.status()
.map_err(|e| anyhow::anyhow!("could not start `git clone` (is git installed?): {e}"))?;
if !status.success() {
@@ -576,6 +707,87 @@ pub(crate) fn resolve_source(base: &Path, arg: &str) -> anyhow::Result<String> {
Ok(dest.display().to_string())
}
/// Normalize a GitHub repo reference to `owner/name`.
fn normalize_repo(s: &str) -> String {
s.trim()
.trim_end_matches('/')
.trim_end_matches(".git")
.replace("https://github.com/", "")
.replace("http://github.com/", "")
.replace("git@github.com:", "")
}
/// Run a git command, returning Ok(()) on success.
fn run_git(args: &[&str]) -> anyhow::Result<()> {
let status = std::process::Command::new("git").args(args).status()
.map_err(|e| anyhow::anyhow!("could not run git (is it installed?): {e}"))?;
if !status.success() { anyhow::bail!("git {:?} failed", args.first().unwrap_or(&"")); }
Ok(())
}
/// Clone a repo and check out a Pull Request's HEAD (`refs/pull/N/head`).
fn clone_pr(base: &Path, ig: &harness::integrations::Integrations, owner_repo: &str, number: u64) -> anyhow::Result<String> {
let dest = base.join("repos").join(sanitize(&format!("{owner_repo}-pr{number}")));
std::fs::create_dir_all(base.join("repos")).ok();
std::fs::remove_dir_all(&dest).ok(); // always fresh — PR code changes
let url = ig.authed_clone_url(&format!("https://github.com/{owner_repo}"));
let private = url.contains('@');
println!(" [*] cloning {owner_repo}{} + PR #{number} head → {}", if private { " (private)" } else { "" }, dest.display());
let d = dest.display().to_string();
run_git(&["clone", "--depth", "1", &url, &d])?;
run_git(&["-C", &d, "fetch", "--depth", "1", "origin", &format!("pull/{number}/head:pr-{number}")])?;
run_git(&["-C", &d, "checkout", &format!("pr-{number}")])?;
Ok(d)
}
/// After a run, optionally open Jira cards and/or comment on a GitHub PR.
async fn post_integrations(
ig: &harness::integrations::Integrations,
target: &str,
out: &RunOutput,
jira: bool,
comment: bool,
gh_pr: Option<(&str, u64)>,
) {
if jira && ig.jira.enabled && !out.findings.is_empty() {
let (keys, errs) = ig.jira_cards_for(target, &out.findings).await;
if !keys.is_empty() { println!(" 🪪 Jira cards opened: {}", keys.join(", ")); }
for e in errs { eprintln!(" jira: {e}"); }
}
if comment && ig.github.enabled {
if let Some((repo, number)) = gh_pr {
match ig.github_comment(repo, number, &pr_comment_body(out)).await {
Ok(()) => println!(" 💬 commented results on {repo}#{number}"),
Err(e) => eprintln!(" github comment: {e}"),
}
}
}
}
/// Markdown summary of a run, for a PR comment.
fn pr_comment_body(out: &RunOutput) -> String {
let mut by = std::collections::BTreeMap::new();
for f in &out.findings { *by.entry(f.severity.as_str()).or_insert(0) += 1; }
let chips: Vec<String> = by.iter().map(|(k, v)| format!("{k}: {v}")).collect();
let mut s = format!(
"### 🧠 NeuroSploit white-box review\n\n**{} validated finding(s)** — {}\n\n",
out.findings.len(),
if chips.is_empty() { "none".into() } else { chips.join(" · ") }
);
if out.findings.is_empty() {
s.push_str("_No vulnerabilities confirmed in the reviewed code._\n");
} else {
s.push_str("| Severity | Finding | CWE | Location |\n|---|---|---|---|\n");
for f in &out.findings {
s.push_str(&format!("| {} | {} | {} | {} |\n",
f.severity, f.title.replace('|', "\\|"), f.cwe,
f.endpoint.replace('|', "\\|")));
}
s.push_str("\n_Findings validated by multi-model voting. Authorized testing only._\n");
}
s
}
/// Blocking yes/no prompt (default yes). Used after a graceful Ctrl-C.
fn ask_yes_no(q: &str) -> bool {
use std::io::Write;
neurosploit-rs/app/src/repl.rs
+65 -3
View File
@@ -1,4 +1,4 @@
//! NeuroSploit v3.5.2 — interactive session (Claude-Code / Codex / Cursor-CLI style).
//! NeuroSploit v3.5.3 — interactive session (Claude-Code / Codex / Cursor-CLI style).
//!
//! Launched when `neurosploit` runs with no subcommand. A persistent REPL with
//! real line editing (arrow-key history recall, Ctrl-A/E/K, paste), model
@@ -120,7 +120,7 @@ const COMMANDS: &[&str] = &[
"/help", "/show", "/config", "/providers", "/model", "/key", "/sub", "/target",
"/repo", "/auth", "/creds", "/focus", "/attach", "/context", "/mcp", "/offline",
"/votes", "/agents", "/theme", "/clear", "/run", "/stop", "/continue", "/runs", "/results", "/report",
"/status", "/diff", "/retest", "/quit",
"/status", "/diff", "/retest", "/integrations", "/quit",
];
/// rustyline helper: Tab-completes `/commands` and `@filesystem-paths`,
@@ -299,7 +299,7 @@ pub async fn repl(base: &Path) -> anyhow::Result<()> {
let backends = harness::installed_cli_backends();
println!("\x1b[1m");
println!(" ███╗ ██╗███████╗██╗ ██╗██████╗ ██████╗");
println!(" ████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit v3.5.2");
println!(" ████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit v3.5.3");
println!(" ██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ interactive harness");
println!(" ██║╚██╗██║██╔══╝ ██║ ██║██╔══██╗██║ ██║ by Joas A Santos");
println!(" ██║ ╚████║███████╗╚██████╔╝██║ ██║╚██████╔╝ & Red Team Leaders");
@@ -430,6 +430,7 @@ pub async fn repl(base: &Path) -> anyhow::Result<()> {
}
"/mcp" => { s.mcp = !matches!(arg, "off" | "false" | "0" | "no"); println!(" Playwright MCP: {}", onoff(s.mcp)); }
"/offline" => { s.offline = !matches!(arg, "off" | "false" | "0" | "no"); println!(" offline: {}", onoff(s.offline)); }
"/integrations" | "/integration" => integrations_cmd(arg),
"/votes" => { s.vote_n = arg.parse().unwrap_or(s.vote_n); println!(" votes: {}", s.vote_n); }
"/agents" => { s.max_agents = arg.parse().unwrap_or(s.max_agents); println!(" max agents: {}", s.max_agents); }
"/clear" => { print!("\x1b[2J\x1b[H"); }
@@ -939,6 +940,64 @@ fn sev_rank(s: &str) -> u8 {
}
/// Read one line synchronously (for the /stop choice prompt).
/// `/integrations` — show / enable / disable / setup GitHub, GitLab, Jira.
fn integrations_cmd(arg: &str) {
let dir = proj_dir();
let mut ig = harness::integrations::Integrations::load(&dir);
let mut parts = arg.splitn(2, char::is_whitespace);
let sub = parts.next().unwrap_or("").trim();
let name = parts.next().unwrap_or("").trim();
match sub {
"" | "show" | "status" => {
println!(" \x1b[1mintegrations\x1b[0m · {}", dir.display());
for l in ig.status_lines() { println!(" {l}"); }
println!(" \x1b[2m/integrations enable|disable <github|gitlab|jira> · /integrations setup <jira|gitlab|github>\x1b[0m");
println!(" \x1b[2mtokens come from env vars (never stored): GITHUB_TOKEN · GITLAB_TOKEN · JIRA_EMAIL + JIRA_API_TOKEN\x1b[0m");
}
"enable" | "disable" => {
let on = sub == "enable";
match name {
"github" => ig.github.enabled = on,
"gitlab" => ig.gitlab.enabled = on,
"jira" => ig.jira.enabled = on,
_ => { println!(" usage: /integrations {sub} <github|gitlab|jira>"); return; }
}
let _ = ig.save(&dir);
println!(" {name} {}", if on { "enabled ✓" } else { "disabled" });
}
"setup" => match name {
"jira" => {
let base = ask_line(" Jira base URL (https://your-org.atlassian.net):");
if !base.trim().is_empty() { ig.jira.base_url = base.trim().trim_end_matches('/').to_string(); }
let proj = ask_line(" Jira project key (e.g. SEC):");
if !proj.trim().is_empty() { ig.jira.project_key = proj.trim().to_string(); }
let it = ask_line(" Issue type [Bug]:");
if !it.trim().is_empty() { ig.jira.issue_type = it.trim().to_string(); }
ig.jira.enabled = true;
let _ = ig.save(&dir);
println!(" ✓ jira configured (project {}, {}). Now export {} and {} in your shell.",
ig.jira.project_key, ig.jira.base_url, ig.jira.email_env, ig.jira.token_env);
}
"gitlab" => {
let b = ask_line(" GitLab base [https://gitlab.com]:");
if !b.trim().is_empty() { ig.gitlab.base = b.trim().trim_end_matches('/').to_string(); }
ig.gitlab.enabled = true;
let _ = ig.save(&dir);
println!(" ✓ gitlab enabled (base {}). Export {} (PAT with read_repository).", ig.gitlab.base, ig.gitlab.token_env);
}
"github" => {
let a = ask_line(" GitHub API base [https://api.github.com] (change for GHE):");
if !a.trim().is_empty() { ig.github.api = a.trim().trim_end_matches('/').to_string(); }
ig.github.enabled = true;
let _ = ig.save(&dir);
println!(" ✓ github enabled (api {}). Export {} (PAT with repo scope).", ig.github.api, ig.github.token_env);
}
_ => println!(" usage: /integrations setup <jira|gitlab|github>"),
},
_ => println!(" usage: /integrations [show | enable <name> | disable <name> | setup <name>]"),
}
}
fn ask_line(prompt: &str) -> String {
use std::io::Write;
print!("{prompt} ");
@@ -1047,6 +1106,9 @@ fn help() {
h("/runs", "list runs · /results [n] · /report [n]");
h("/diff /retest [n]", "what changed vs last run · re-verify a past run");
println!("\n \x1b[2mINTEGRATIONS\x1b[0m");
h("/integrations", "show · enable/disable github|gitlab|jira · setup <name>");
println!("\n \x1b[2mOPTIONS\x1b[0m");
h("/mcp on|off", "Playwright MCP browser /offline on|off self-test");
h("/votes <n>", "validator votes /agents <n> cap agents");
neurosploit-rs/app/src/tui.rs
+1 -1
View File
@@ -1,4 +1,4 @@
//! NeuroSploit v3.5.2 — TUI "Mission Control" mode.
//! NeuroSploit v3.5.3 — TUI "Mission Control" mode.
//!
//! Concurrent panels that update live while the engagement runs in the
//! background, with a composer input that stays active during execution:
neurosploit-rs/crates/harness/src/belief.rs
+1 -1
View File
@@ -1,4 +1,4 @@
//! POMDP belief-state world model (v3.5.2).
//! POMDP belief-state world model (v3.5.3).
//!
//! The target is only partially observable, so we don't track booleans — we
//! track a **belief**: a property graph whose nodes (host / service / vuln /
neurosploit-rs/crates/harness/src/grounding.rs
+1 -1
View File
@@ -1,4 +1,4 @@
//! Verification / grounding engine (v3.5.2).
//! Verification / grounding engine (v3.5.3).
//!
//! Hard rule: **no claim enters the world model without a tool receipt** — raw
//! tool output, not the LLM's paraphrase. This is the empirical anti-hallucination
neurosploit-rs/crates/harness/src/integrations.rs
+199
View File
@@ -0,0 +1,199 @@
//! External integrations (v3.5.3): GitHub / GitLab (private repos, PR/MR code
//! review, commit watching) and Jira (open one vulnerability card per finding).
//!
//! Config persists to `<project>/.neurosploit/integrations.json`. **Secrets are
//! never stored** — only the *name* of the env var holding each token is saved;
//! the value is read from the environment at use time.
use crate::types::Finding;
use anyhow::{anyhow, Result};
use serde::{Deserialize, Serialize};
use std::path::Path;
#[derive(Serialize, Deserialize, Clone)]
pub struct GithubCfg {
pub enabled: bool,
pub token_env: String, // e.g. GITHUB_TOKEN (a PAT with `repo` scope for private repos)
pub api: String, // https://api.github.com (or GHE base)
}
impl Default for GithubCfg {
fn default() -> Self { Self { enabled: false, token_env: "GITHUB_TOKEN".into(), api: "https://api.github.com".into() } }
}
#[derive(Serialize, Deserialize, Clone)]
pub struct GitlabCfg {
pub enabled: bool,
pub token_env: String, // GITLAB_TOKEN
pub base: String, // https://gitlab.com (or self-hosted)
}
impl Default for GitlabCfg {
fn default() -> Self { Self { enabled: false, token_env: "GITLAB_TOKEN".into(), base: "https://gitlab.com".into() } }
}
#[derive(Serialize, Deserialize, Clone)]
pub struct JiraCfg {
pub enabled: bool,
pub base_url: String, // https://your-org.atlassian.net
pub email_env: String, // JIRA_EMAIL
pub token_env: String, // JIRA_API_TOKEN
pub project_key: String,
pub issue_type: String, // Bug / Vulnerability / Task
}
impl Default for JiraCfg {
fn default() -> Self {
Self { enabled: false, base_url: String::new(), email_env: "JIRA_EMAIL".into(),
token_env: "JIRA_API_TOKEN".into(), project_key: String::new(), issue_type: "Bug".into() }
}
}
#[derive(Serialize, Deserialize, Clone, Default)]
pub struct Integrations {
pub github: GithubCfg,
pub gitlab: GitlabCfg,
pub jira: JiraCfg,
}
fn env(name: &str) -> Option<String> {
std::env::var(name).ok().filter(|v| !v.trim().is_empty())
}
fn client() -> reqwest::Client {
reqwest::Client::builder()
.timeout(std::time::Duration::from_secs(30))
.build()
.unwrap_or_default()
}
impl Integrations {
pub fn path(dir: &Path) -> std::path::PathBuf { dir.join("integrations.json") }
pub fn load(dir: &Path) -> Self {
std::fs::read_to_string(Self::path(dir))
.ok()
.and_then(|t| serde_json::from_str(&t).ok())
.unwrap_or_default()
}
pub fn save(&self, dir: &Path) -> Result<()> {
std::fs::create_dir_all(dir).ok();
std::fs::write(Self::path(dir), serde_json::to_string_pretty(self)?)?;
Ok(())
}
pub fn github_token(&self) -> Option<String> { env(&self.github.token_env) }
pub fn gitlab_token(&self) -> Option<String> { env(&self.gitlab.token_env) }
/// Inject a token into an https git URL so private repos can be cloned.
/// No-op if the matching integration is off, the token env is unset, or the
/// URL doesn't match the configured host.
pub fn authed_clone_url(&self, url: &str) -> String {
if self.github.enabled {
if let Some(rest) = url.strip_prefix("https://github.com/") {
if let Some(tok) = self.github_token() {
return format!("https://x-access-token:{tok}@github.com/{rest}");
}
}
}
if self.gitlab.enabled {
let host = self.gitlab.base.trim_start_matches("https://").trim_start_matches("http://").trim_end_matches('/');
let prefix = format!("https://{host}/");
if let Some(rest) = url.strip_prefix(&prefix) {
if let Some(tok) = self.gitlab_token() {
return format!("https://oauth2:{tok}@{host}/{rest}");
}
}
}
url.to_string()
}
/// Post a comment on a GitHub PR/issue (`repo` = `owner/name`).
pub async fn github_comment(&self, repo: &str, number: u64, body: &str) -> Result<()> {
let tok = self.github_token().ok_or_else(|| anyhow!("{} not set", self.github.token_env))?;
let url = format!("{}/repos/{}/issues/{}/comments", self.github.api.trim_end_matches('/'), repo, number);
let resp = client().post(&url)
.header("User-Agent", "NeuroSploit")
.header("Accept", "application/vnd.github+json")
.bearer_auth(tok)
.json(&serde_json::json!({ "body": body }))
.send().await?;
if !resp.status().is_success() {
return Err(anyhow!("github comment failed: {} {}", resp.status(), resp.text().await.unwrap_or_default()));
}
Ok(())
}
/// Latest commit SHA of a branch via the GitHub API (for `watch`).
pub async fn github_latest_sha(&self, repo: &str, branch: &str) -> Result<String> {
let url = format!("{}/repos/{}/commits/{}", self.github.api.trim_end_matches('/'), repo, branch);
let mut req = client().get(&url)
.header("User-Agent", "NeuroSploit")
.header("Accept", "application/vnd.github+json");
if let Some(t) = self.github_token() { req = req.bearer_auth(t); }
let resp = req.send().await?;
if !resp.status().is_success() {
return Err(anyhow!("github commits API {}: {}", resp.status(), resp.text().await.unwrap_or_default()));
}
let v: serde_json::Value = resp.json().await?;
v["sha"].as_str().map(|s| s.to_string()).ok_or_else(|| anyhow!("no sha in response"))
}
/// Create one Jira issue. Returns the issue key (e.g. SEC-123).
pub async fn jira_card(&self, summary: &str, description: &str) -> Result<String> {
let email = env(&self.jira.email_env).ok_or_else(|| anyhow!("{} not set", self.jira.email_env))?;
let token = env(&self.jira.token_env).ok_or_else(|| anyhow!("{} not set", self.jira.token_env))?;
if self.jira.base_url.is_empty() || self.jira.project_key.is_empty() {
return Err(anyhow!("jira base_url/project_key not configured (run /integrations setup jira)"));
}
let url = format!("{}/rest/api/2/issue", self.jira.base_url.trim_end_matches('/'));
let payload = serde_json::json!({
"fields": {
"project": { "key": self.jira.project_key },
"summary": summary,
"description": description,
"issuetype": { "name": self.jira.issue_type },
}
});
let resp = client().post(&url)
.basic_auth(email, Some(token))
.header("Accept", "application/json")
.json(&payload)
.send().await?;
let status = resp.status();
let text = resp.text().await.unwrap_or_default();
if !status.is_success() {
return Err(anyhow!("jira create failed: {} {}", status, text));
}
let v: serde_json::Value = serde_json::from_str(&text)?;
Ok(v["key"].as_str().unwrap_or("?").to_string())
}
/// Open one Jira card per finding. Returns (created keys, errors).
pub async fn jira_cards_for(&self, target: &str, findings: &[Finding]) -> (Vec<String>, Vec<String>) {
let (mut keys, mut errs) = (Vec::new(), Vec::new());
for f in findings {
let summary = format!("[{}] {}{}", f.severity, f.title, target);
let description = format!(
"*Target:* {target}\n*Severity:* {} | *CVSS:* {} | *CWE:* {}\n*Location:* {}\n\n*Impact:*\n{}\n\n*PoC / payload:*\n{{code}}{}{{code}}\n\n*Evidence:*\n{{code}}{}{{code}}\n\n*Remediation:*\n{}\n\n_Filed automatically by NeuroSploit._",
f.severity, f.cvss, f.cwe, f.endpoint, f.impact, f.payload, f.evidence, f.remediation
);
match self.jira_card(&summary, &description).await {
Ok(k) => keys.push(k),
Err(e) => errs.push(format!("{}: {e}", f.title)),
}
}
(keys, errs)
}
/// Human-readable status (for `/integrations` and the CLI).
pub fn status_lines(&self) -> Vec<String> {
let badge = |on: bool, tok: bool| if !on { "off".to_string() }
else if tok { "on ✓ token".to_string() } else { "on ⚠ token env not set".to_string() };
vec![
format!("github : {:<18} (clone private repos · PR review · watch) env={}", badge(self.github.enabled, self.github_token().is_some()), self.github.token_env),
format!("gitlab : {:<18} (clone private repos · MR review) env={}", badge(self.gitlab.enabled, self.gitlab_token().is_some()), self.gitlab.token_env),
format!("jira : {:<18} (open a card per finding) project={} base={}",
badge(self.jira.enabled, env(&self.jira.token_env).is_some()),
if self.jira.project_key.is_empty() { "-" } else { &self.jira.project_key },
if self.jira.base_url.is_empty() { "-" } else { &self.jira.base_url }),
]
}
}
neurosploit-rs/crates/harness/src/lib.rs
+2 -1
View File
@@ -1,4 +1,4 @@
//! NeuroSploit v3.5.2 harness — a robust multi-model runtime for the
//! NeuroSploit v3.5.3 harness — a robust multi-model runtime for the
//! markdown-driven autonomous pentest engine.
//!
//! The harness loads the `agents_md/` library, drives a *pool* of LLM models
@@ -12,6 +12,7 @@ pub mod belief;
pub mod creds;
pub mod grounding;
pub mod hygiene;
pub mod integrations;
pub mod pomdp;
pub mod models;
pub mod pipeline;
neurosploit-rs/crates/harness/src/pomdp.rs
+1 -1
View File
@@ -1,4 +1,4 @@
//! POMDP decision layer (v3.5.2): value-of-information planning + the
//! POMDP decision layer (v3.5.3): value-of-information planning + the
//! anti-hallucination gate.
//!
//! The choice "scan more vs exploit now" is **not** a heuristic here — it falls
neurosploit-rs/crates/harness/src/report.rs
+3 -3
View File
@@ -97,9 +97,9 @@ pub fn html(target: &str, findings: &[Finding]) -> String {
h4{{margin:12px 0 3px;font-size:12px;text-transform:uppercase;letter-spacing:.5px;color:#8b5cf6}}\
.b{{color:#8b5cf6;font-weight:800}}</style></head><body>\
<h1><span class=b>NeuroSploit</span> Penetration Test Report</h1>\
<div class=meta>Target: <b>{t}</b> · v3.5.2 Rust harness · multi-model validated</div>\
<div class=meta>Target: <b>{t}</b> · v3.5.3 Rust harness · multi-model validated</div>\
<div>{chips}</div>{graph_block}<h2>Findings ({n})</h2>{body}\
<p class=meta>Authorized testing only. Findings confirmed by multi-model adversarial voting.<br>NeuroSploit v3.5.2 · by <b>Joas A Santos</b> &amp; <b>Red Team Leaders</b></p></body></html>",
<p class=meta>Authorized testing only. Findings confirmed by multi-model adversarial voting.<br>NeuroSploit v3.5.3 · by <b>Joas A Santos</b> &amp; <b>Red Team Leaders</b></p></body></html>",
t = esc(target), chips = chips, n = sorted.len(), body = body, graph_block = graph_block,
)
}
@@ -135,7 +135,7 @@ pub fn typst_report(target: &str, findings: &[Finding], dir: &Path) -> std::io::
let mut data = String::new();
data.push_str(&format!(
"#let meta = (target: {}, run_id: {}, generated: {}, model: {})\n",
tq(target), tq(&run_id), tq("NeuroSploit v3.5.2"), tq("multi-model")
tq(target), tq(&run_id), tq("NeuroSploit v3.5.3"), tq("multi-model")
));
data.push_str("#let findings = (\n");
for f in sorted_findings(findings) {
setup.sh
+1 -1
View File
@@ -25,7 +25,7 @@ cat <<'BANNER'
███╗ ██╗███████╗██╗ ██╗██████╗ ██████╗
████╗ ██║██╔════╝██║ ██║██╔══██╗██╔═══██╗ NeuroSploit installer
██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ v3.5.2 — Rust harness
██╔██╗ ██║█████╗ ██║ ██║██████╔╝██║ ██║ v3.5.3 — Rust harness
██║╚██╗██║██╔══╝ ██║ ██║██╔══██╗██║ ██║ by Joas A Santos
██║ ╚████║███████╗╚██████╔╝██║ ██║╚██████╔╝ & Red Team Leaders
╚═╝ ╚═══╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝