feat: migrate to use MCP tools instead of helper scripts

This commit is contained in:
ajmallesh
2025-10-23 11:56:47 -07:00
parent cfe8dc8bc8
commit eae0b8d654
46 changed files with 1444 additions and 381 deletions
+4 -23
View File
@@ -19,30 +19,11 @@
```
### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence:
Use the save_deliverable MCP tool to create your evidence:
```bash
node save_deliverable.js SSRF_EVIDENCE '# SSRF Exploitation Evidence (Pipeline Test)
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** ssrf-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test SSRF vulnerability
- **Method:** Server-Side Request Forgery via URL parameter
- **Evidence:** Successfully forced server to make request to internal network
- **Impact:** Demonstrated access to internal services and potential data exfiltration
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** SSRF-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** URL parameter manipulation
- **Target:** Internal network services (localhost:8080)'
```
Use `save_deliverable` MCP tool with:
- `deliverable_type: "SSRF_EVIDENCE"`
- `content: "# SSRF Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** ssrf-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test SSRF vulnerability\n- **Method:** Server-Side Request Forgery via URL parameter\n- **Evidence:** Successfully forced server to make request to internal network\n- **Impact:** Demonstrated access to internal services and potential data exfiltration\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** SSRF-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** URL parameter manipulation\n- **Target:** Internal network services (localhost:8080)"`
This will automatically create `deliverables/ssrf_exploitation_evidence.md`.