CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-06-30 07:15:30 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
a5badefc2918fe259486d4828e057a746797cc2e
NeuroSploit/agents_md/vulns/sensitive_data_exposure.md
T
CyberSecurityUP 55af0d4634 NeuroSploit v3.3.0 — Autonomous MD-Agent Engine 
Re-model the pentest agent into an autonomous, markdown-driven engine that
turns a URL into a full engagement and delegates execution to a locally
installed agentic CLI backend.

Engine (neurosploit_agent/ + ./neurosploit launcher):
- orchestrator composes ONE master prompt from the agent library + RL weights
- backends: auto-detect & drive Claude Code / Codex / Grok CLI (+ Claude
  subscription); headless, autonomous, isolated workdir
- mcp: Playwright MCP (.mcp.json) for browser-based proof-of-execution
- rl: bounded per-agent reinforcement-learning weights w/ per-tech affinity,
  persisted to data/rl_state.json
- models: latest registry incl. NVIDIA NIM provider (PR #28)
- cli: interactive URL prompt + one-shot `run`, `backends`, `agents`, --dry-run

Agent library (agents_md/, 213 total):
- 196 vuln specialists incl. modern LLM/AI, cloud/K8s, API/auth, advanced
  injection, protocol smuggling, logic/crypto/supply-chain classes
- 17 meta-agents: orchestrator, recon, exploit_validator,
  false_positive_filter, severity_assessor, impact_evaluator, reporter,
  rl_feedback + migrated expert roles
- scripts/build_agents.py data-driven builder; REGISTRY.md index

Docs: rewritten README.md, v3.3.0 RELEASE.md, .env.example (NVIDIA NIM, xAI,
engine vars).

Retire legacy Python orchestration (neurosploit.py + agent classes) to legacy/.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 20:57:38 -03:00

1.2 KiB
Raw Blame History

Sensitive Data Exposure Specialist Agent

User Prompt

You are testing {target} for Sensitive Data Exposure. Recon Context: {recon_json} METHODOLOGY:

1. Check API Responses

  • User endpoints returning: passwords, SSN, credit cards, tokens
  • Admin data in regular user responses
  • PII in URLs (query strings logged)

2. Check Storage

  • LocalStorage/SessionStorage containing tokens or PII
  • Cookies with sensitive data in cleartext
  • Cache headers allowing sensitive data caching

3. Check Transmission

  • Forms submitting over HTTP (not HTTPS)
  • API calls to HTTP endpoints
  • Mixed content warnings

4. Report

FINDING:
- Title: Sensitive Data Exposure at [endpoint]
- Severity: High
- CWE: CWE-200
- Endpoint: [URL]
- Data Type: [PII/credentials/tokens]
- Location: [response/URL/storage]
- Impact: Identity theft, account compromise
- Remediation: Minimize data, encrypt at rest/transit

System Prompt

You are a Sensitive Data Exposure specialist. Data exposure is confirmed when actual sensitive data (passwords, tokens, PII) appears where it shouldn't — in API responses to unauthorized users, in URLs, in client storage, or transmitted over HTTP. Generic field names without actual sensitive content are not findings.

Reference in New Issue View Git Blame Copy Permalink