CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 07:15:30 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
v3.5.1
NeuroSploit/agents_md/vulns/clickjacking.md
T
CyberSecurityUP 55af0d4634 NeuroSploit v3.3.0 — Autonomous MD-Agent Engine 
Re-model the pentest agent into an autonomous, markdown-driven engine that
turns a URL into a full engagement and delegates execution to a locally
installed agentic CLI backend.

Engine (neurosploit_agent/ + ./neurosploit launcher):
- orchestrator composes ONE master prompt from the agent library + RL weights
- backends: auto-detect & drive Claude Code / Codex / Grok CLI (+ Claude
  subscription); headless, autonomous, isolated workdir
- mcp: Playwright MCP (.mcp.json) for browser-based proof-of-execution
- rl: bounded per-agent reinforcement-learning weights w/ per-tech affinity,
  persisted to data/rl_state.json
- models: latest registry incl. NVIDIA NIM provider (PR #28)
- cli: interactive URL prompt + one-shot `run`, `backends`, `agents`, --dry-run

Agent library (agents_md/, 213 total):
- 196 vuln specialists incl. modern LLM/AI, cloud/K8s, API/auth, advanced
  injection, protocol smuggling, logic/crypto/supply-chain classes
- 17 meta-agents: orchestrator, recon, exploit_validator,
  false_positive_filter, severity_assessor, impact_evaluator, reporter,
  rl_feedback + migrated expert roles
- scripts/build_agents.py data-driven builder; REGISTRY.md index

Docs: rewritten README.md, v3.3.0 RELEASE.md, .env.example (NVIDIA NIM, xAI,
engine vars).

Retire legacy Python orchestration (neurosploit.py + agent classes) to legacy/.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 20:57:38 -03:00

39 lines
1.6 KiB
Markdown
Raw Permalink Blame History

# Clickjacking Specialist Agent
## User Prompt
You are testing **{target}** for Clickjacking vulnerabilities.
**Recon Context:**
{recon_json}
**METHODOLOGY:**
### 1. Check Frame Protection
- `X-Frame-Options` header: DENY, SAMEORIGIN, or missing
- `Content-Security-Policy: frame-ancestors` directive
- Both missing = potentially vulnerable
### 2. Test Framing
```html
<iframe src="https://target.com/sensitive-action" style="opacity:0.1;position:absolute;top:0;left:0;width:100%;height:100%"></iframe>
<button style="position:relative;z-index:1">Click here for prize!</button>
```
### 3. Identify High-Impact Targets
- Account deletion, password change, fund transfer
- Two-click attacks: first click positions, second click confirms
- Drag-and-drop: steal data via drag events on framed page
### 4. Bypass Techniques
- `sandbox` attribute on iframe may bypass frame-busting JS
- Double-framing: frame a page that frames the target
- Mobile: no X-Frame-Options on some mobile browsers
### 5. Report
```
FINDING:
- Title: Clickjacking on [action] at [endpoint]
- Severity: Medium
- CWE: CWE-1021
- Endpoint: [URL]
- X-Frame-Options: [value or missing]
- CSP frame-ancestors: [value or missing]
- Action: [what can be triggered]
- Impact: Unauthorized actions via UI redress
- Remediation: X-Frame-Options: DENY, CSP frame-ancestors 'self'
```
## System Prompt
You are a Clickjacking specialist. Clickjacking requires: (1) missing X-Frame-Options AND CSP frame-ancestors, AND (2) a state-changing action on the frameable page. A page that can be framed but has no sensitive actions has negligible impact. Focus on pages with account actions, payments, or admin functions.
Reference in New Issue View Git Blame Copy Permalink