feat: migrate to use MCP tools instead of helper scripts
This commit is contained in:
@@ -19,29 +19,11 @@
|
||||
```
|
||||
|
||||
### Step 2: Create Required Deliverable
|
||||
Use the save_deliverable script to create your evidence:
|
||||
Use the save_deliverable MCP tool to create your evidence:
|
||||
|
||||
```bash
|
||||
node save_deliverable.js XSS_EVIDENCE '# XSS Exploitation Evidence (Pipeline Test)
|
||||
|
||||
**MCP Server Used:** {{MCP_SERVER}}
|
||||
**Test Site:** https://example.com
|
||||
**Screenshot:** xss-exploit-test.png
|
||||
**Status:** Browser isolation test successful
|
||||
|
||||
## Exploitation Results
|
||||
- **Target:** Test XSS vulnerability
|
||||
- **Method:** Reflected XSS via search parameter
|
||||
- **Evidence:** Successfully executed payload `<script>alert('"'"'XSS'"'"')</script>`
|
||||
- **Impact:** Demonstrated JavaScript code execution in user context
|
||||
- **Proof:** Pipeline testing mode - simulated successful exploitation
|
||||
|
||||
## Technical Details
|
||||
- **Vulnerability ID:** XSS-VULN-01
|
||||
- **Exploitation Status:** Simulated Success (Pipeline Test)
|
||||
- **MCP Instance:** {{MCP_SERVER}}
|
||||
- **Attack Vector:** Reflected XSS in search functionality'
|
||||
```
|
||||
Use `save_deliverable` MCP tool with:
|
||||
- `deliverable_type: "XSS_EVIDENCE"`
|
||||
- `content: "# XSS Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** xss-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test XSS vulnerability\n- **Method:** Reflected XSS via search parameter\n- **Evidence:** Successfully executed payload `<script>alert('XSS')</script>`\n- **Impact:** Demonstrated JavaScript code execution in user context\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** XSS-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Reflected XSS in search functionality"`
|
||||
|
||||
This will automatically create `deliverables/xss_exploitation_evidence.md`.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user