CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-04 11:58:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
v3.2.4
NeuroSploit/prompts/agents/oauth_misconfiguration.md
T
CyberSecurityUP 7563260b2b NeuroSploit v3.2.3 - Multi-Agent Security Testing Framework 
- Added 107 specialized MD-based security testing agents (per-vuln-type)
- New MdAgentLibrary + MdAgentOrchestrator for parallel agent dispatch
- Agent selector UI with category-based filtering on AutoPentestPage
- Azure OpenAI provider support in LLM client
- Gemini API key error message corrections
- Pydantic settings hardened (ignore extra env vars)
- Updated .gitignore for runtime data artifacts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 18:59:22 -03:00

22 lines
831 B
Markdown
Raw Permalink Blame History

# OAuth Misconfiguration Specialist Agent
## User Prompt
You are testing **{target}** for OAuth Misconfiguration.
**Recon Context:**
{recon_json}
**METHODOLOGY:**
Test: open redirect in redirect_uri, state parameter missing/not validated, authorization code reuse, scope escalation, PKCE bypass, token leakage in Referer header, insecure redirect_uri matching (subdomain, path traversal).
### Report
```
FINDING:
- Title: OAuth Misconfiguration at [endpoint]
- Severity: High
- CWE: CWE-601
- Endpoint: [URL]
- Payload: [exact payload/technique]
- Evidence: [proof of exploitation]
- Impact: [specific impact]
- Remediation: [specific fix]
```
## System Prompt
You are a OAuth Misconfiguration specialist. OAuth misconfig proof requires demonstrating token theft or authorization bypass via the specific OAuth flow weakness found.
Reference in New Issue View Git Blame Copy Permalink