feat: migrate to use MCP tools instead of helper scripts

This commit is contained in:
ajmallesh
2025-10-23 11:56:47 -07:00
parent cfe8dc8bc8
commit eae0b8d654
46 changed files with 1444 additions and 381 deletions
+4 -23
View File
@@ -19,30 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js AUTH_EVIDENCE '# Authentication Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** auth-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test authentication vulnerability
- **Method:** Authentication bypass via parameter manipulation
- **Evidence:** Successfully bypassed login using admin=true parameter
- **Impact:** Demonstrated unauthorized access to protected resources
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** AUTH-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Parameter-based authentication bypass
- **Bypass Method:** URL parameter manipulation'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTH_EVIDENCE"`
- `content: "# Authentication Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** auth-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authentication vulnerability\n- **Method:** Authentication bypass via parameter manipulation\n- **Evidence:** Successfully bypassed login using admin=true parameter\n- **Impact:** Demonstrated unauthorized access to protected resources\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTH-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Parameter-based authentication bypass\n- **Bypass Method:** URL parameter manipulation"`
This will automatically create `deliverables/auth_exploitation_evidence.md`.
+4 -23
View File
@@ -19,30 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js AUTHZ_EVIDENCE '# Authorization Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** authz-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test authorization vulnerability
- **Method:** Privilege escalation via direct object reference
- **Evidence:** Successfully accessed admin panel with user-level privileges
- **Impact:** Demonstrated unauthorized access to privileged functionality
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** AUTHZ-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Insecure Direct Object Reference (IDOR)
- **Escalation Method:** User ID manipulation in API calls'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTHZ_EVIDENCE"`
- `content: "# Authorization Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** authz-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authorization vulnerability\n- **Method:** Privilege escalation via direct object reference\n- **Evidence:** Successfully accessed admin panel with user-level privileges\n- **Impact:** Demonstrated unauthorized access to privileged functionality\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTHZ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Insecure Direct Object Reference (IDOR)\n- **Escalation Method:** User ID manipulation in API calls"`
This will automatically create `deliverables/authz_exploitation_evidence.md`.
+4 -21
View File
@@ -19,28 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js INJECTION_EVIDENCE '# Injection Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** injection-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test injection vulnerability
- **Method:** SQL injection via query parameter
- **Evidence:** Successfully executed test payload `'"'"'; DROP TABLE users; --`
- **Impact:** Demonstrated ability to manipulate database queries
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** INJ-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "INJECTION_EVIDENCE"`
- `content: "# Injection Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test injection vulnerability\n- **Method:** SQL injection via query parameter\n- **Evidence:** Successfully executed test payload `'; DROP TABLE users; --`\n- **Impact:** Demonstrated ability to manipulate database queries\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** INJ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}"`
This will automatically create `deliverables/injection_exploitation_evidence.md`.
+4 -23
View File
@@ -19,30 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js SSRF_EVIDENCE '# SSRF Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** ssrf-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test SSRF vulnerability
- **Method:** Server-Side Request Forgery via URL parameter
- **Evidence:** Successfully forced server to make request to internal network
- **Impact:** Demonstrated access to internal services and potential data exfiltration
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** SSRF-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** URL parameter manipulation
- **Target:** Internal network services (localhost:8080)'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "SSRF_EVIDENCE"`
- `content: "# SSRF Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** ssrf-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test SSRF vulnerability\n- **Method:** Server-Side Request Forgery via URL parameter\n- **Evidence:** Successfully forced server to make request to internal network\n- **Impact:** Demonstrated access to internal services and potential data exfiltration\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** SSRF-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** URL parameter manipulation\n- **Target:** Internal network services (localhost:8080)"`
This will automatically create `deliverables/ssrf_exploitation_evidence.md`.
+4 -22
View File
@@ -19,29 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js XSS_EVIDENCE '# XSS Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** xss-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test XSS vulnerability
- **Method:** Reflected XSS via search parameter
- **Evidence:** Successfully executed payload `<script>alert('"'"'XSS'"'"')</script>`
- **Impact:** Demonstrated JavaScript code execution in user context
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** XSS-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Reflected XSS in search functionality'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "XSS_EVIDENCE"`
- `content: "# XSS Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** xss-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test XSS vulnerability\n- **Method:** Reflected XSS via search parameter\n- **Evidence:** Successfully executed payload `<script>alert('XSS')</script>`\n- **Impact:** Demonstrated JavaScript code execution in user context\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** XSS-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Reflected XSS in search functionality"`
This will automatically create `deliverables/xss_exploitation_evidence.md`.
+1 -6
View File
@@ -1,6 +1 @@
Run this command and do nothing else:
```bash
node save_deliverable.js CODE_ANALYSIS 'Pre-recon analysis complete'
```
Then say "Done".
Use the save_deliverable MCP tool with `deliverable_type: "CODE_ANALYSIS"` and `content: "Pre-recon analysis complete"`. Then say "Done".
+1 -6
View File
@@ -1,6 +1 @@
Run this command and do nothing else:
```bash
node save_deliverable.js RECON 'Reconnaissance analysis complete'
```
Then say "Done".
Use the save_deliverable MCP tool with `deliverable_type: "RECON"` and `content: "Reconnaissance analysis complete"`. Then say "Done".
+8 -27
View File
@@ -19,38 +19,19 @@
```
### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables:
Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:**
```bash
node save_deliverable.js AUTH_ANALYSIS '# Auth Analysis Complete (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.net
**Screenshot:** auth-agent-test.png
**Status:** Browser isolation test successful'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTH_ANALYSIS"`
- `content: "# Auth Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.net\n**Screenshot:** auth-agent-test.png\n**Status:** Browser isolation test successful"`
**2. Exploitation Queue:**
```bash
node save_deliverable.js AUTH_QUEUE '{
"vulnerabilities": [
{
"ID": "AUTH-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Authentication_Bypass",
"endpoint": "/api/login",
"flaw_type": "Missing token validation",
"exploit_hypothesis": "Empty or invalid token allows access to protected resources",
"witness_payload": "Authorization: Bearer invalid_token"
}
]
}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTH_QUEUE"`
- `content: {"vulnerabilities": [{"ID": "AUTH-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Authentication_Bypass", "endpoint": "/api/login", "flaw_type": "Missing token validation", "exploit_hypothesis": "Empty or invalid token allows access to protected resources", "witness_payload": "Authorization: Bearer invalid_token"}]}`
These commands will automatically create the correct files in `deliverables/`.
These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.net independently of other parallel agents.
+8 -26
View File
@@ -19,37 +19,19 @@
```
### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables:
Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:**
```bash
node save_deliverable.js AUTHZ_ANALYSIS '# Authorization Analysis Complete (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://jsonplaceholder.typicode.com
**Screenshot:** authz-agent-test.png
**Status:** Browser isolation test successful'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTHZ_ANALYSIS"`
- `content: "# Authorization Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://jsonplaceholder.typicode.com\n**Screenshot:** authz-agent-test.png\n**Status:** Browser isolation test successful"`
**2. Exploitation Queue:**
```bash
node save_deliverable.js AUTHZ_QUEUE '{
"vulnerabilities": [
{
"ID": "AUTHZ-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Vertical",
"endpoint": "/admin/users",
"actual_access": "Regular users can access admin functions",
"witness_payload": "GET /admin/users with regular user token"
}
]
}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "AUTHZ_QUEUE"`
- `content: {"vulnerabilities": [{"ID": "AUTHZ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Vertical", "endpoint": "/admin/users", "actual_access": "Regular users can access admin functions", "witness_payload": "GET /admin/users with regular user token"}]}`
These commands will automatically create the correct files in `deliverables/`.
These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to jsonplaceholder.typicode.com independently of other parallel agents.
+8 -29
View File
@@ -19,40 +19,19 @@
```
### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables:
Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:**
```bash
node save_deliverable.js INJECTION_ANALYSIS '# Injection Analysis Complete (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** injection-agent-test.png
**Status:** Browser isolation test successful'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "INJECTION_ANALYSIS"`
- `content: "# Injection Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-agent-test.png\n**Status:** Browser isolation test successful"`
**2. Exploitation Queue:**
```bash
node save_deliverable.js INJECTION_QUEUE '{
"vulnerabilities": [
{
"ID": "INJ-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "SQLi",
"source": "query parameter at app.js:15",
"path": "controller → db.query",
"sink_call": "db.query at app.js:20",
"slot_type": "SQL-val",
"mismatch_reason": "User input directly concatenated into SQL query",
"witness_payload": "'"'"'; DROP TABLE users; --"
}
]
}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "INJECTION_QUEUE"`
- `content: {"vulnerabilities": [{"ID": "INJ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "SQLi", "source": "query parameter at app.js:15", "path": "controller → db.query", "sink_call": "db.query at app.js:20", "slot_type": "SQL-val", "mismatch_reason": "User input directly concatenated into SQL query", "witness_payload": "'; DROP TABLE users; --"}]}`
These commands will automatically create the correct files in `deliverables/`.
These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.com independently of other parallel agents.
+8 -26
View File
@@ -19,37 +19,19 @@
```
### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables:
Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:**
```bash
node save_deliverable.js SSRF_ANALYSIS '# SSRF Analysis Complete (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://httpbin.org
**Screenshot:** ssrf-agent-test.png
**Status:** Browser isolation test successful'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "SSRF_ANALYSIS"`
- `content: "# SSRF Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://httpbin.org\n**Screenshot:** ssrf-agent-test.png\n**Status:** Browser isolation test successful"`
**2. Exploitation Queue:**
```bash
node save_deliverable.js SSRF_QUEUE '{
"vulnerabilities": [
{
"ID": "SSRF-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "URL_Manipulation",
"source": "url parameter in /api/fetch",
"outbound_call": "fetch() at api.js:45",
"witness_payload": "http://internal.localhost/admin"
}
]
}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "SSRF_QUEUE"`
- `content: {"vulnerabilities": [{"ID": "SSRF-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "URL_Manipulation", "source": "url parameter in /api/fetch", "outbound_call": "fetch() at api.js:45", "witness_payload": "http://internal.localhost/admin"}]}`
These commands will automatically create the correct files in `deliverables/`.
These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to httpbin.org independently of other parallel agents.
+8 -28
View File
@@ -19,39 +19,19 @@
```
### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables:
Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:**
```bash
node save_deliverable.js XSS_ANALYSIS '# XSS Analysis Complete (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.org
**Screenshot:** xss-agent-test.png
**Status:** Browser isolation test successful'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "XSS_ANALYSIS"`
- `content: "# XSS Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.org\n**Screenshot:** xss-agent-test.png\n**Status:** Browser isolation test successful"`
**2. Exploitation Queue:**
```bash
node save_deliverable.js XSS_QUEUE '{
"vulnerabilities": [
{
"ID": "XSS-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Reflected",
"source": "search parameter",
"sink_function": "template.render at search.js:25",
"render_context": "HTML_BODY",
"mismatch_reason": "User input rendered without HTML encoding",
"witness_payload": "<script>alert(1)</script>"
}
]
}'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "XSS_QUEUE"`
- `content: {"vulnerabilities": [{"ID": "XSS-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Reflected", "source": "search parameter", "sink_function": "template.render at search.js:25", "render_context": "HTML_BODY", "mismatch_reason": "User input rendered without HTML encoding", "witness_payload": "<script>alert(1)</script>"}]}`
These commands will automatically create the correct files in `deliverables/`.
These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.org independently of other parallel agents.