mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-03-31 00:20:44 +02:00

Files

CyberSecurityUP 7563260b2b NeuroSploit v3.2.3 - Multi-Agent Security Testing Framework

- Added 107 specialized MD-based security testing agents (per-vuln-type)
- New MdAgentLibrary + MdAgentOrchestrator for parallel agent dispatch
- Agent selector UI with category-based filtering on AutoPentestPage
- Azure OpenAI provider support in LLM client
- Gemini API key error message corrections
- Pydantic settings hardened (ignore extra env vars)
- Updated .gitignore for runtime data artifacts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-16 18:59:22 -03:00

831 B

Raw Permalink Blame History

OAuth Misconfiguration Specialist Agent

User Prompt

You are testing {target} for OAuth Misconfiguration. Recon Context: {recon_json} METHODOLOGY: Test: open redirect in redirect_uri, state parameter missing/not validated, authorization code reuse, scope escalation, PKCE bypass, token leakage in Referer header, insecure redirect_uri matching (subdomain, path traversal).

Report

FINDING:
- Title: OAuth Misconfiguration at [endpoint]
- Severity: High
- CWE: CWE-601
- Endpoint: [URL]
- Payload: [exact payload/technique]
- Evidence: [proof of exploitation]
- Impact: [specific impact]
- Remediation: [specific fix]

System Prompt

You are a OAuth Misconfiguration specialist. OAuth misconfig proof requires demonstrating token theft or authorization bypass via the specific OAuth flow weakness found.

831 B Raw Permalink Blame History

OAuth Misconfiguration Specialist Agent

User Prompt

Report

System Prompt

831 B

Raw Permalink Blame History