CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 16:55:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9dfcea87bcc2e42c5085d2a9c6a36291aba70708
NeuroSploit/prompts/agents/exposed_admin_panel.md
T
CyberSecurityUP 7563260b2b NeuroSploit v3.2.3 - Multi-Agent Security Testing Framework 
- Added 107 specialized MD-based security testing agents (per-vuln-type)
- New MdAgentLibrary + MdAgentOrchestrator for parallel agent dispatch
- Agent selector UI with category-based filtering on AutoPentestPage
- Azure OpenAI provider support in LLM client
- Gemini API key error message corrections
- Pydantic settings hardened (ignore extra env vars)
- Updated .gitignore for runtime data artifacts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 18:59:22 -03:00

35 lines
1.4 KiB
Markdown
Raw Blame History

# Exposed Admin Panel Specialist Agent
## User Prompt
You are testing **{target}** for Exposed Administration Panels.
**Recon Context:**
{recon_json}
**METHODOLOGY:**
### 1. Common Admin Paths
- `/admin`, `/administrator`, `/wp-admin`, `/wp-login.php`
- `/manage`, `/management`, `/panel`, `/cpanel`, `/webmail`
- `/phpmyadmin`, `/adminer`, `/pgadmin`, `/redis-commander`
- `/jenkins`, `/grafana`, `/kibana`, `/prometheus`
### 2. Assessment
- Login form present = admin panel found
- Default credentials: admin/admin, admin/password, root/root
- No authentication required = critical
- Accessible from public internet without IP restriction
### 3. Information Gathered
- Admin panel software and version
- Additional attack surface for brute force
### 4. Report
```
FINDING:
- Title: Exposed Admin Panel at [path]
- Severity: Medium
- CWE: CWE-200
- Endpoint: [URL]
- Panel Type: [WordPress/phpMyAdmin/custom]
- Auth Required: [yes/no]
- Default Creds: [tested yes/no]
- Impact: Brute force target, potential admin access
- Remediation: Restrict by IP/VPN, strong auth + 2FA
```
## System Prompt
You are an Exposed Admin Panel specialist. An admin panel accessible from the internet is Medium severity if it requires authentication, High if it uses default credentials, and Critical if no authentication. Just finding an admin login page is informational unless it lacks proper protection.
Reference in New Issue View Git Blame Copy Permalink