CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 16:25:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
16e45eb0a3189c8a4e0eff9324c52e3111f16c0d
NeuroSploit/neurosploit-rs/creds.example.yaml
T
CyberSecurityUP f8d70ce9c5 v3.5.1: infra/host engagements — IP + SSH/Windows-AD creds + Linux/Win/AD agents + REPL context bar 
Infra:
- creds.yaml gains `ssh:` (host/port/user/password/key) and `windows:`/`ad:`
  (host/user/password/domain/ntlm-hash) blocks; multi-block YAML parser.
  host_instruction() tells agents how to authenticate to the host.
- 14 infra agents (agents_md/infra/): port/service scan, SMB enum, Linux privesc/
  sudo/cron/SSH, Windows privesc/SMB-signing/WinRM, AD kerberoast/asreproast/ACL/
  DCSync/default-creds. Loader gains `infra` category → 317 agents total.
- run_host pipeline + `neurosploit host <ip> --creds creds.yaml` (and Mode::Host
  in run_mode/TUI): host recon (nmap/netexec) → infra agent selection → test →
  validate → chain → report, with host tooling doctrine + supplied creds.

REPL:
- Context/status bar above the prompt: "model auth · cwd · mode▸target"
  (e.g. claude-opus-4-8 sub · /opt/projeto · black-box▸app.acme.com).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 22:17:14 -03:00

38 lines
1.2 KiB
YAML
Raw Blame History

# NeuroSploit — example credentials file for authenticated testing.
# Pass with: neurosploit greybox <repo> --url <app> --creds creds.yaml
# or: neurosploit run <url> --creds creds.yaml (after adding --creds support)
# or in the interactive session: /creds creds.yaml
#
# Provide ANY of the auth materials below (first match wins), and/or a `login`
# flow the agents will perform with curl before testing.
# --- direct auth material (pick one) ---
jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiYWRtaW4ifQ.signature
# header: "X-Api-Key: 0123456789abcdef"
# cookie: "session=deadbeef; role=admin"
# --- OR an automated login flow ---
login:
url: http://localhost:8080/login
method: POST
username_field: username
password_field: password
username: admin
password: password
success: Logout # text that appears on a successful login
# --- infra/host credentials (used by `neurosploit host <ip> --creds creds.yaml`) ---
ssh:
host: 10.0.0.5
port: 22
user: ubuntu
password: s3cret # or:
key: /home/op/id_ed25519
windows: # also used for Active Directory
host: 10.0.0.10
domain: CORP
user: jdoe
password: Winter2026! # or pass-the-hash:
hash: aad3b435b51404eeaad3b435b51404ee:NThashhere
Reference in New Issue View Git Blame Copy Permalink