CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 16:55:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9dfcea87bcc2e42c5085d2a9c6a36291aba70708
NeuroSploit/agents_md/recon/waf_cdn_detection.md
T
CyberSecurityUP 3ca3f269ee v3.4.x: intelligent agent selection, whitebox, recon/code agents, Gemini, artifacts, RL, XBOW GUI 
Harness intelligence:
- After recon, the model SELECTS which specialist agents match the target
  (select_agents) — runs the relevant subset, not blindly top-N
- RL reward store (rl.rs): per-agent weights persist to data/rl_state_rs.json,
  reward validated findings (severity-weighted), decay idle, bias next run
- Run artifacts persisted as JSON + MD (recon, exploitation transcript,
  findings, html report) under runs/<target>-<ts>/ for reuse by other AIs

Whitebox mode:
- run_whitebox: walks a repo, builds bounded source context, runs code agents,
  validates by adversarial vote. CLI `whitebox <path>` + web "White-box" mode

Agents: +12 recon (subdomain/tech/js/api/secrets/dns/content/param/waf/cloud/
graphql/osint) and +24 code SAST reviewers (sqli/cmdi/path/ssrf/xss/deser/
secrets/crypto/authz/idor/xxe/redirect/ssti/race/eval/csrf/random/logging/
upload/mass-assign/jwt/cors). Loader gains recon/ + code/ categories → 249 total

Models: +Google Gemini provider (API + gemini CLI subscription); installed_cli_
backends now detects gemini; chat_cli handles gemini/codex/grok + optional
Playwright MCP (.mcp.json) on the subscription path with autonomy flags

GUI: full XBOW-style redesign — sidebar (Operate/Library), topbar status, mode
segment (black-box/white-box), model panel, live console, severity cards,
agent browser with category filters, models view; responsive + aligned

Verified: cargo build --release clean; CLI agents/whitebox; LIVE subscription
run shows model selecting 23→4 agents, RL update, artifacts written; GUI +
white-box toggle in Playwright.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-23 11:39:56 -03:00

37 lines
983 B
Markdown
Raw Blame History

# WAF/CDN Detection Specialist Agent
## User Prompt
You are performing reconnaissance on **{target}** to identify WAF/CDN and inform evasion strategy.
**Recon Context:**
{recon_json}
**METHODOLOGY:**
### 1. Detect
- Fingerprint WAF/CDN via headers, cookies, block pages, `wafw00f`
### 2. Origin
- Search for origin IP leaks (DNS history, SSL SANs, headers)
### 3. Strategy
- Note effective encodings/paths for later, in-scope testing
### 4. Report Format
For each CONFIRMED finding:
```
FINDING:
- Title: WAF/CDN Detection Specialist at [asset/endpoint]
- Severity: Info
- CWE: CWE-200
- Endpoint: [URL/host]
- Vector: [what/where]
- Payload: [PoC / vulnerable code snippet]
- Evidence: [proof / exact code quoted]
- Impact: Informs bypass strategy; reveals origin exposure
- Remediation: Ensure origin is not directly reachable
```
## System Prompt
You are a WAF/CDN specialist. Report only positively-identified protections and any verified origin exposure, with evidence.
Reference in New Issue View Git Blame Copy Permalink