Files
NeuroSploit/agents_md/vulns
CyberSecurityUP 39c28b541b decision-driven deep exploitation: DECISION doctrine, multi-role /auth, +6 agents
- DECISION_DOCTRINE injected into exploit/grey/chain prompts: analyse responses to
  pick the technique; map & connect routes (endpoint output → next endpoint input);
  hunt sensitive flows; mine parameters (incl. hidden from JS/source maps) and test
  per-param; mock realistic (non-PII) data to reach deeper logic; exploit the
  authenticated surface after login and compare roles; build PoCs when a proof
  needs an artifact; bypass 401/403/redirect controls.
- REPL /auth now supports multiple named identities (/auth admin <hdr>, /auth user
  <hdr>; bare token → Bearer). With >=2 roles the run gets the access-control
  directive (IDOR/BOLA/BFLA/privesc, authorized-vs-unauthorized) and tests both.
- +6 decision agents (library 389): param_miner, endpoint_flow_linker,
  authenticated_surface_exploit, clickjacking_poc (HTML PoC), csrf_poc (HTML PoC),
  access_control_bypass.
- Docs: counts 383->389, RELEASE + /auth help updated.
2026-07-06 10:52:40 -03:00
..