CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 16:55:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9dfcea87bcc2e42c5085d2a9c6a36291aba70708
NeuroSploit/agents_md/recon/waf_cdn_detection.md
T
CyberSecurityUP 3ca3f269ee v3.4.x: intelligent agent selection, whitebox, recon/code agents, Gemini, artifacts, RL, XBOW GUI 
Harness intelligence:
- After recon, the model SELECTS which specialist agents match the target
  (select_agents) — runs the relevant subset, not blindly top-N
- RL reward store (rl.rs): per-agent weights persist to data/rl_state_rs.json,
  reward validated findings (severity-weighted), decay idle, bias next run
- Run artifacts persisted as JSON + MD (recon, exploitation transcript,
  findings, html report) under runs/<target>-<ts>/ for reuse by other AIs

Whitebox mode:
- run_whitebox: walks a repo, builds bounded source context, runs code agents,
  validates by adversarial vote. CLI `whitebox <path>` + web "White-box" mode

Agents: +12 recon (subdomain/tech/js/api/secrets/dns/content/param/waf/cloud/
graphql/osint) and +24 code SAST reviewers (sqli/cmdi/path/ssrf/xss/deser/
secrets/crypto/authz/idor/xxe/redirect/ssti/race/eval/csrf/random/logging/
upload/mass-assign/jwt/cors). Loader gains recon/ + code/ categories → 249 total

Models: +Google Gemini provider (API + gemini CLI subscription); installed_cli_
backends now detects gemini; chat_cli handles gemini/codex/grok + optional
Playwright MCP (.mcp.json) on the subscription path with autonomy flags

GUI: full XBOW-style redesign — sidebar (Operate/Library), topbar status, mode
segment (black-box/white-box), model panel, live console, severity cards,
agent browser with category filters, models view; responsive + aligned

Verified: cargo build --release clean; CLI agents/whitebox; LIVE subscription
run shows model selecting 23→4 agents, RL update, artifacts written; GUI +
white-box toggle in Playwright.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-23 11:39:56 -03:00

983 B
Raw Blame History

WAF/CDN Detection Specialist Agent

User Prompt

You are performing reconnaissance on {target} to identify WAF/CDN and inform evasion strategy.

Recon Context: {recon_json}

METHODOLOGY:

1. Detect

  • Fingerprint WAF/CDN via headers, cookies, block pages, wafw00f

2. Origin

  • Search for origin IP leaks (DNS history, SSL SANs, headers)

3. Strategy

  • Note effective encodings/paths for later, in-scope testing

4. Report Format

For each CONFIRMED finding:

FINDING:
- Title: WAF/CDN Detection Specialist at [asset/endpoint]
- Severity: Info
- CWE: CWE-200
- Endpoint: [URL/host]
- Vector: [what/where]
- Payload: [PoC / vulnerable code snippet]
- Evidence: [proof / exact code quoted]
- Impact: Informs bypass strategy; reveals origin exposure
- Remediation: Ensure origin is not directly reachable

System Prompt

You are a WAF/CDN specialist. Report only positively-identified protections and any verified origin exposure, with evidence.

Reference in New Issue View Git Blame Copy Permalink