mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-06-30 16:55:34 +02:00
CyberSecurityUP
ae3e49f133
- harness/creds::login(): performs the real HTTP login (POST/GET form), captures a session Cookie from Set-Cookie or a Bearer token from the JSON body, with a soft success check (no hard fail on 302). Redirects not followed so Set-Cookie is visible. - apply_creds is now async: direct material (jwt/header/cookie) used as-is; a `login:` flow is EXECUTED to obtain a live session; on failure, falls back to instructing the agents to log in themselves. - --creds + --focus added to `run` (authenticated black-box) too. - Verified live against a local mock: POST /login → 302 + Set-Cookie captured as the auth header used on subsequent requests. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>