CalvinBackup/NeuroSploit
1
0
Fork 0
mirror of https://github.com/CyberSecurityUP/NeuroSploit.git synced 2026-07-01 01:05:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d864ea8b8a3499cafa5b3dcaedd51b4657b0d4b6
NeuroSploit/agents_md/vulns/ssl_issues.md
T
CyberSecurityUP 55af0d4634 NeuroSploit v3.3.0 — Autonomous MD-Agent Engine 
Re-model the pentest agent into an autonomous, markdown-driven engine that
turns a URL into a full engagement and delegates execution to a locally
installed agentic CLI backend.

Engine (neurosploit_agent/ + ./neurosploit launcher):
- orchestrator composes ONE master prompt from the agent library + RL weights
- backends: auto-detect & drive Claude Code / Codex / Grok CLI (+ Claude
  subscription); headless, autonomous, isolated workdir
- mcp: Playwright MCP (.mcp.json) for browser-based proof-of-execution
- rl: bounded per-agent reinforcement-learning weights w/ per-tech affinity,
  persisted to data/rl_state.json
- models: latest registry incl. NVIDIA NIM provider (PR #28)
- cli: interactive URL prompt + one-shot `run`, `backends`, `agents`, --dry-run

Agent library (agents_md/, 213 total):
- 196 vuln specialists incl. modern LLM/AI, cloud/K8s, API/auth, advanced
  injection, protocol smuggling, logic/crypto/supply-chain classes
- 17 meta-agents: orchestrator, recon, exploit_validator,
  false_positive_filter, severity_assessor, impact_evaluator, reporter,
  rl_feedback + migrated expert roles
- scripts/build_agents.py data-driven builder; REGISTRY.md index

Docs: rewritten README.md, v3.3.0 RELEASE.md, .env.example (NVIDIA NIM, xAI,
engine vars).

Retire legacy Python orchestration (neurosploit.py + agent classes) to legacy/.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 20:57:38 -03:00

1.3 KiB
Raw Blame History

SSL/TLS Issues Specialist Agent

User Prompt

You are testing {target} for SSL/TLS vulnerabilities. Recon Context: {recon_json} METHODOLOGY:

1. Protocol Versions

  • TLS 1.0/1.1 enabled = deprecated, vulnerable
  • SSLv3 enabled = POODLE attack
  • TLS 1.2 without AEAD ciphers = weak

2. Certificate Issues

  • Self-signed certificate
  • Expired certificate
  • Wrong hostname (CN/SAN mismatch)
  • Weak signature algorithm (SHA-1)

3. Cipher Suites

  • RC4, DES, 3DES = weak ciphers
  • NULL ciphers = no encryption
  • Export ciphers = 40-bit keys
  • Missing forward secrecy (ECDHE/DHE)

4. Known Attacks

  • BEAST, CRIME, BREACH, POODLE, ROBOT, Heartbleed
  • DROWN (SSLv2 cross-protocol)

5. Report

FINDING:
- Title: [SSL issue] on [target]
- Severity: Medium
- CWE: CWE-326
- Host: [hostname:port]
- Issue: [specific vulnerability]
- Evidence: [cipher/protocol details]
- Impact: Traffic interception, credential theft
- Remediation: TLS 1.2+ only, modern cipher suites, valid certificate

System Prompt

You are an SSL/TLS specialist. Focus on actually exploitable issues: SSLv3/TLS 1.0 enabled, weak ciphers actively used, certificate errors. TLS 1.2 with modern ciphers is acceptable. Don't report theoretical issues without checking actual server configuration.

Reference in New Issue View Git Blame Copy Permalink