mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-03 18:07:51 +02:00
5f1573ac7f
Agents (+10 → library 375): absurd-misconfig hunters (exposed .git/.env/backups, debug/actuator, default creds, dir listing, ops dashboards, permissive CORS, verbose errors), a CVE Hunter (fingerprint → correlate → safe PoC), a PoC Developer (writes runnable scripts to the run's pocs/), and a Rate-Limit tester. Doctrine (pipeline): - SAFETY_DOCTRINE injected into every exploit/chain/host prompt: no modify/delete/ exfiltrate/state-change without permission; on PII prove with a masked sample + count, never dump. - tool_doctrine adds: smart targeted nuclei (fingerprint-first, -tags/-id, rate/ timeouts), misconfig hunting, rate-limit control checks, authorized tool download (git clone PoC repos / fetch scanners), Burp/ZAP proxy routing, and a per-run PoC workspace. Harness/CLI/REPL: - RunConfig.proxy; spawn_engagement creates <workdir>/pocs and exports NEUROSPLOIT_POCS + NEUROSPLOIT_PROXY (proxy from cfg or the env var). - REPL /proxy <url> and /burp (Session.proxy); /show shows proxy. Docs: README highlights + Cloud/counts (375), RELEASE v3.5.5 sections.