mirror of
https://github.com/KeygraphHQ/shannon.git
synced 2026-02-12 17:22:50 +00:00
45 lines
1.3 KiB
YAML
45 lines
1.3 KiB
YAML
# Example configuration file for pentest-agent
|
|
# Copy this file and modify it for your specific testing needs
|
|
|
|
authentication:
|
|
login_type: form # Options: 'form' or 'sso'
|
|
login_url: "https://example.com/login"
|
|
credentials:
|
|
username: "testuser"
|
|
password: "testpassword"
|
|
totp_secret: "JBSWY3DPEHPK3PXP" # Optional TOTP secret for 2FA
|
|
|
|
# Natural language instructions for login flow
|
|
login_flow:
|
|
- "Type $username into the email field"
|
|
- "Type $password into the password field"
|
|
- "Click the 'Sign In' button"
|
|
- "Enter $totp in the verification code field"
|
|
- "Click 'Verify'"
|
|
|
|
success_condition:
|
|
type: url_contains # Options: 'url_contains' or 'element_present'
|
|
value: "/dashboard"
|
|
|
|
rules:
|
|
avoid:
|
|
- description: "Do not test the marketing site subdomain"
|
|
type: subdomain
|
|
url_path: "www"
|
|
|
|
- description: "Skip logout functionality"
|
|
type: path
|
|
url_path: "/logout"
|
|
|
|
- description: "No DELETE operations on user API"
|
|
type: path
|
|
url_path: "/api/v1/users/*"
|
|
|
|
focus:
|
|
- description: "Prioritize beta admin panel subdomain"
|
|
type: subdomain
|
|
url_path: "beta-admin"
|
|
|
|
- description: "Focus on user profile updates"
|
|
type: path
|
|
url_path: "/api/v2/user-profile" |