humanoidprobe 1.0.0__tar.gz

humanoidprobe-1.0.0/PKG-INFO

@@ -0,0 +1,135 @@
+Metadata-Version: 2.4
+Name: humanoidprobe
+Version: 1.0.0
+Summary: HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back.
+Author-email: CyberSafeLabs <hello.cybersafe@gmail.com>
+Project-URL: Homepage, https://github.com/hellocybersafe/humanoidprobe
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.7
+Description-Content-Type: text/markdown
+
+# HumanoidProbe
+**by CyberSafeLabs**
+
+> *Analyse WAF behaviour. Think like an attacker.*
+
+HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back.
+
+Built from real bug bounty research. Not theory.
+
+---
+
+## What it does
+
+- Fires categorised XSS payload variations at a target URL and parameter
+- Detects WAF blocks via status codes, response body analysis, and response length changes
+- Identifies reflected payloads — the highest value findings
+- Summarises WAF behaviour and what it appears to be filtering
+- Gives you actionable intelligence to craft smarter bypass payloads
+
+---
+
+## Installation
+
+**1. Make sure Python 3 is installed**
+```bash
+python3 --version
+```
+If not:
+```bash
+sudo apt update && sudo apt install python3 python3-pip -y
+```
+
+**2. Install the dependency**
+```bash
+pip3 install requests
+```
+
+---
+
+## Usage
+
+```bash
+python3 humanoidprobe.py -u <URL> -p <parameter>
+```
+
+**Example:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q
+```
+
+**With options:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q --delay 1 --timeout 15
+```
+
+---
+
+## Options
+
+| Flag | Description | Default |
+|------|-------------|---------|
+| `-u` / `--url` | Target URL | Required |
+| `-p` / `--parameter` | GET parameter to test | Required |
+| `--payloads` | Custom payload file path | payloads/xss.txt |
+| `--delay` | Seconds between requests | 0.5 |
+| `--timeout` | Request timeout in seconds | 10 |
+
+---
+
+## Output verdicts
+
+| Verdict | Meaning |
+|---------|---------|
+| `REFLECTED` | Payload passed AND appeared in the response — investigate in browser immediately |
+| `PASSED` | WAF did not block — worth exploring further |
+| `BLOCKED` | WAF caught this payload |
+| `ERROR` | Request failed (timeout, connection error) |
+
+---
+
+## Project structure
+
+```
+humanoidprobe/
+├── humanoidprobe.py    # Main entry point — what you run
+├── payloads/
+│   └── xss.txt         # XSS payload list
+├── core/
+│   ├── requester.py    # Sends HTTP requests
+│   ├── detector.py     # Analyses responses (blocked vs passed)
+│   └── reporter.py     # Terminal output and summary
+└── README.md
+```
+
+---
+
+## Roadmap
+
+- [ ] WAF memory — builds a profile of WAF behaviour across sessions
+- [ ] Intelligent bypass suggestions — generates mutations based on what passed
+- [ ] POST parameter support
+- [ ] SQLi payload module
+- [ ] Output to file (JSON / txt)
+- [ ] Burp Suite integration
+- [ ] Full recon and attack surface mapping modules
+- [ ] Humanoid Intelligence — AI layer (coming in future versions)
+
+---
+
+## Legal & ethical use
+
+Only use HumanoidProbe against targets you have explicit permission to test.
+Unauthorised testing is illegal. This tool is built for legitimate security research and bug bounty programmes only.
+
+---
+
+## About
+
+HumanoidProbe is the first tool from **CyberSafeLabs** — an independent cybersecurity research initiative focused on protecting digital assets through offensive research, vulnerability discovery, and practical security tooling.
+
+The long-term vision: **Humanoid Intelligence** — an AI-powered security research platform built from real hunting experience.
+
+*CyberSafeLabs — protecting digital assets through research*

humanoidprobe-1.0.0/README.md

@@ -0,0 +1,123 @@
+# HumanoidProbe
+**by CyberSafeLabs**
+
+> *Analyse WAF behaviour. Think like an attacker.*
+
+HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back.
+
+Built from real bug bounty research. Not theory.
+
+---
+
+## What it does
+
+- Fires categorised XSS payload variations at a target URL and parameter
+- Detects WAF blocks via status codes, response body analysis, and response length changes
+- Identifies reflected payloads — the highest value findings
+- Summarises WAF behaviour and what it appears to be filtering
+- Gives you actionable intelligence to craft smarter bypass payloads
+
+---
+
+## Installation
+
+**1. Make sure Python 3 is installed**
+```bash
+python3 --version
+```
+If not:
+```bash
+sudo apt update && sudo apt install python3 python3-pip -y
+```
+
+**2. Install the dependency**
+```bash
+pip3 install requests
+```
+
+---
+
+## Usage
+
+```bash
+python3 humanoidprobe.py -u <URL> -p <parameter>
+```
+
+**Example:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q
+```
+
+**With options:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q --delay 1 --timeout 15
+```
+
+---
+
+## Options
+
+| Flag | Description | Default |
+|------|-------------|---------|
+| `-u` / `--url` | Target URL | Required |
+| `-p` / `--parameter` | GET parameter to test | Required |
+| `--payloads` | Custom payload file path | payloads/xss.txt |
+| `--delay` | Seconds between requests | 0.5 |
+| `--timeout` | Request timeout in seconds | 10 |
+
+---
+
+## Output verdicts
+
+| Verdict | Meaning |
+|---------|---------|
+| `REFLECTED` | Payload passed AND appeared in the response — investigate in browser immediately |
+| `PASSED` | WAF did not block — worth exploring further |
+| `BLOCKED` | WAF caught this payload |
+| `ERROR` | Request failed (timeout, connection error) |
+
+---
+
+## Project structure
+
+```
+humanoidprobe/
+├── humanoidprobe.py    # Main entry point — what you run
+├── payloads/
+│   └── xss.txt         # XSS payload list
+├── core/
+│   ├── requester.py    # Sends HTTP requests
+│   ├── detector.py     # Analyses responses (blocked vs passed)
+│   └── reporter.py     # Terminal output and summary
+└── README.md
+```
+
+---
+
+## Roadmap
+
+- [ ] WAF memory — builds a profile of WAF behaviour across sessions
+- [ ] Intelligent bypass suggestions — generates mutations based on what passed
+- [ ] POST parameter support
+- [ ] SQLi payload module
+- [ ] Output to file (JSON / txt)
+- [ ] Burp Suite integration
+- [ ] Full recon and attack surface mapping modules
+- [ ] Humanoid Intelligence — AI layer (coming in future versions)
+
+---
+
+## Legal & ethical use
+
+Only use HumanoidProbe against targets you have explicit permission to test.
+Unauthorised testing is illegal. This tool is built for legitimate security research and bug bounty programmes only.
+
+---
+
+## About
+
+HumanoidProbe is the first tool from **CyberSafeLabs** — an independent cybersecurity research initiative focused on protecting digital assets through offensive research, vulnerability discovery, and practical security tooling.
+
+The long-term vision: **Humanoid Intelligence** — an AI-powered security research platform built from real hunting experience.
+
+*CyberSafeLabs — protecting digital assets through research*

humanoidprobe-1.0.0/humanoidprobe/core/detector.py

@@ -0,0 +1,103 @@
+# This module analyses each response and determines whether
+# the payload was BLOCKED by the WAF or PASSED through.
+
+# Status codes that typically indicate a WAF block
+BLOCK_STATUS_CODES = [403, 406, 429, 503, 400]
+
+# Keywords in the response body that suggest a WAF blocked the request
+BLOCK_BODY_KEYWORDS = [
+    "blocked",
+    "forbidden",
+    "access denied",
+    "security",
+    "firewall",
+    "not acceptable",
+    "request rejected",
+    "detected as attack",
+    "malicious",
+    "illegal request",
+    "waf",
+    "cloudflare",
+    "incapsula",
+    "sucuri",
+    "akamai",
+    "barracuda",
+    "modsecurity",
+]
+
+
+def analyse_result(result, baseline_length=None):
+    """
+    Takes a single request result and classifies it as:
+    - BLOCKED   : WAF caught the payload
+    - PASSED    : Payload got through
+    - ERROR     : Request failed entirely
+    - REFLECTED : Payload passed AND was reflected in the response body (high interest)
+    """
+
+    # If there was a network error, mark it
+    if result["error"]:
+        result["verdict"] = "ERROR"
+        result["reason"] = result["error"]
+        return result
+
+    status = result["status_code"]
+    body = result["response_body"].lower()
+    payload = result["payload"].lower()
+
+    # Check if status code indicates a block
+    if status in BLOCK_STATUS_CODES:
+        result["verdict"] = "BLOCKED"
+        result["reason"] = f"Status code {status}"
+        return result
+
+    # Check if response body contains WAF block keywords
+    for keyword in BLOCK_BODY_KEYWORDS:
+        if keyword in body:
+            result["verdict"] = "BLOCKED"
+            result["reason"] = f"Body contains WAF keyword: '{keyword}'"
+            return result
+
+    # Check if response length is significantly shorter than baseline
+    # (WAF sometimes returns a short block page)
+    if baseline_length and result["response_length"] < (baseline_length * 0.5):
+        result["verdict"] = "BLOCKED"
+        result["reason"] = "Response significantly shorter than baseline (possible block page)"
+        return result
+
+    # Check if the payload was reflected in the response body
+    # This is the most interesting case — payload got through AND appeared in the page
+    if result["payload"].lower() in body:
+        result["verdict"] = "REFLECTED"
+        result["reason"] = "Payload passed through AND was reflected in response"
+        return result
+
+    # If none of the above — payload passed but wasn't reflected
+    result["verdict"] = "PASSED"
+    result["reason"] = "No block indicators detected"
+    return result
+
+
+def analyse_all(results, baseline_length=None):
+    """
+    Runs analyse_result on every result in the list.
+    Returns the full analysed list.
+    """
+    return [analyse_result(r, baseline_length) for r in results]
+
+
+def get_baseline_length(url, parameter, timeout=10):
+    """
+    Sends a clean harmless request first to get a normal response length.
+    This gives us a baseline to compare against when looking for block pages.
+    """
+    import requests
+
+    try:
+        headers = {
+            "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36"
+        }
+        response = requests.get(url, params={parameter: "hello"}, headers=headers, timeout=timeout)
+        return len(response.text)
+    except Exception:
+        return None

humanoidprobe-1.0.0/humanoidprobe/core/reporter.py

@@ -0,0 +1,136 @@
+# This module handles all terminal output.
+# It prints results cleanly as they come in and gives a final summary.
+
+# ANSI colour codes for terminal output
+GREEN  = "\033[92m"
+RED    = "\033[91m"
+YELLOW = "\033[93m"
+CYAN   = "\033[96m"
+BOLD   = "\033[1m"
+RESET  = "\033[0m"
+
+
+def print_banner():
+    """Prints the tool banner when it starts."""
+    print(f"""
+{CYAN}{BOLD}
+  _    _                                 _     _  _____           _          
+ | |  | |                               (_)   | ||  __ \         | |         
+ | |__| |_   _ _ __ ___   __ _ _ __   ___  __| || |__) | __ ___ | |__   ___ 
+ |  __  | | | | '_ ` _ \ / _` | '_ \ / _ |/ _` ||  ___/ '__/ _ \| '_ \ / _ |
+ | |  | | |_| | | | | | | (_| | | | | (_) | (_| || |   | | | (_) | |_) |  __/
+ |_|  |_|\__,_|_| |_| |_|\__,_|_| |_|\___/ \__,_||_|   |_|  \___/|_.__/ \___|
+{RESET}
+{BOLD}  HumanoidProbe — XSS WAF Intelligence Tool{RESET}
+{CYAN}  by CyberSafeLabs{RESET}
+  Analyse WAF behaviour. Think like an attacker.
+    """)
+
+
+def print_result(result, index, total):
+    """Prints a single result line as each payload is tested."""
+    verdict = result.get("verdict", "UNKNOWN")
+    payload = result["payload"]
+
+    # Truncate long payloads for display
+    display_payload = payload if len(payload) <= 60 else payload[:57] + "..."
+
+    if verdict == "REFLECTED":
+        status = f"{GREEN}{BOLD}[REFLECTED]{RESET}"
+    elif verdict == "PASSED":
+        status = f"{YELLOW}[PASSED]{RESET}"
+    elif verdict == "BLOCKED":
+        status = f"{RED}[BLOCKED]{RESET}"
+    else:
+        status = f"{CYAN}[ERROR]{RESET}"
+
+    print(f"  [{index}/{total}] {status} {display_payload}")
+
+
+def print_summary(results, url, parameter):
+    """Prints the final WAF behaviour summary after all payloads are tested."""
+
+    total     = len(results)
+    blocked   = [r for r in results if r.get("verdict") == "BLOCKED"]
+    passed    = [r for r in results if r.get("verdict") == "PASSED"]
+    reflected = [r for r in results if r.get("verdict") == "REFLECTED"]
+    errors    = [r for r in results if r.get("verdict") == "ERROR"]
+
+    print(f"\n{BOLD}{'─' * 60}{RESET}")
+    print(f"{BOLD}  HUMANOIDPROBE — SCAN SUMMARY{RESET}")
+    print(f"{BOLD}{'─' * 60}{RESET}")
+    print(f"  Target     : {url}")
+    print(f"  Parameter  : {parameter}")
+    print(f"  Total      : {total} payloads tested")
+    print(f"  {RED}Blocked    : {len(blocked)}{RESET}")
+    print(f"  {YELLOW}Passed     : {len(passed)}{RESET}")
+    print(f"  {GREEN}Reflected  : {len(reflected)}{RESET}")
+    print(f"  {CYAN}Errors     : {len(errors)}{RESET}")
+
+    # Show reflected payloads — these are the most important findings
+    if reflected:
+        print(f"\n{GREEN}{BOLD}  [!] REFLECTED PAYLOADS (Investigate these):{RESET}")
+        for r in reflected:
+            print(f"      {GREEN}→ {r['payload']}{RESET}")
+
+    # Show passed payloads
+    if passed:
+        print(f"\n{YELLOW}{BOLD}  [+] PASSED PAYLOADS (WAF did not block):{RESET}")
+        for r in passed:
+            print(f"      {YELLOW}→ {r['payload']}{RESET}")
+
+    # WAF behaviour analysis
+    print(f"\n{BOLD}  WAF BEHAVIOUR ANALYSIS:{RESET}")
+
+    if len(blocked) == total:
+        print(f"  {RED}→ WAF blocked everything. Highly aggressive filtering.{RESET}")
+        print(f"     Try: heavy encoding, unusual event handlers, exotic tags.")
+
+    elif len(blocked) == 0:
+        print(f"  {GREEN}→ No blocks detected. WAF may be absent or very permissive.{RESET}")
+        print(f"     Focus on reflected payloads and test for actual execution.")
+
+    elif len(reflected) > 0:
+        print(f"  {GREEN}→ Some payloads reflected. Potential XSS surface found.{RESET}")
+        print(f"     Prioritise reflected payloads and test in browser.")
+
+    else:
+        block_rate = (len(blocked) / total) * 100
+        print(f"  → WAF blocked {block_rate:.0f}% of payloads.")
+        print(f"     Review passed payloads — WAF has gaps worth exploring.")
+
+    # Analyse what types of payloads got blocked
+    _analyse_block_patterns(blocked)
+
+    print(f"\n{CYAN}  Humanoid sees what others miss.{RESET}")
+    print(f"{BOLD}{'─' * 60}{RESET}\n")
+
+
+def _analyse_block_patterns(blocked):
+    """Looks at blocked payloads and tries to identify what the WAF is filtering."""
+    if not blocked:
+        return
+
+    payloads = [r["payload"].lower() for r in blocked]
+
+    patterns = {
+        "script tags"      : ["<script", "</script>"],
+        "event handlers"   : ["onerror", "onload", "onfocus", "onclick", "onmouseover"],
+        "javascript:"      : ["javascript:"],
+        "svg tags"         : ["<svg"],
+        "iframe tags"      : ["<iframe"],
+        "encoded payloads" : ["%3c", "%3e", "&#x", "%2f"],
+        "case variations"  : ["<Script", "<SCRIPT", "<sCrIpT"],
+    }
+
+    detected = []
+    for pattern_name, keywords in patterns.items():
+        for payload in payloads:
+            if any(k.lower() in payload for k in keywords):
+                detected.append(pattern_name)
+                break
+
+    if detected:
+        print(f"\n  {BOLD}WAF appears to filter:{RESET}")
+        for d in detected:
+            print(f"      → {d}")

humanoidprobe-1.0.0/humanoidprobe/core/requester.py

@@ -0,0 +1,72 @@
+import requests
+import time
+
+# This module handles sending HTTP requests to the target URL
+# with each payload injected into the specified GET parameter.
+
+def send_payload(url, parameter, payload, timeout=10):
+    """
+    Sends a single GET request with the payload injected into the parameter.
+    Returns a result dictionary with the payload, status code, and response body.
+    """
+    try:
+        # Build the parameters dict — injects payload into the target parameter
+        params = {parameter: payload}
+
+        # Set a browser-like User-Agent to avoid being blocked for looking like a bot
+        headers = {
+            "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36"
+        }
+
+        # Send the GET request
+        response = requests.get(url, params=params, headers=headers, timeout=timeout)
+
+        return {
+            "payload": payload,
+            "status_code": response.status_code,
+            "response_body": response.text,
+            "response_length": len(response.text),
+            "error": None
+        }
+
+    except requests.exceptions.Timeout:
+        return {
+            "payload": payload,
+            "status_code": None,
+            "response_body": "",
+            "response_length": 0,
+            "error": "Timeout"
+        }
+
+    except requests.exceptions.ConnectionError:
+        return {
+            "payload": payload,
+            "status_code": None,
+            "response_body": "",
+            "response_length": 0,
+            "error": "Connection error"
+        }
+
+    except Exception as e:
+        return {
+            "payload": payload,
+            "status_code": None,
+            "response_body": "",
+            "response_length": 0,
+            "error": str(e)
+        }
+
+
+def send_all_payloads(url, parameter, payloads, delay=0.5):
+    """
+    Loops through every payload, sends each one, and collects the results.
+    delay = seconds to wait between requests (be respectful to the target server).
+    """
+    results = []
+
+    for payload in payloads:
+        result = send_payload(url, parameter, payload)
+        results.append(result)
+        time.sleep(delay)  # Small delay between requests
+
+    return results

humanoidprobe-1.0.0/humanoidprobe/humanoidprobe.py

@@ -0,0 +1,120 @@
+#!/usr/bin/env python3
+
+"""
+humanoidprobe.py — HumanoidProbe
+CyberSafeLabs
+
+Usage:
+  python3 humanoidprobe.py -u <url> -p <parameter>
+
+Example:
+  python3 humanoidprobe.py -u https://example.com/search -p q
+
+For ethical use only. Only test targets you have permission to test.
+"""
+
+import argparse
+import os
+import sys
+
+from .core.requester import send_all_payloads
+from .core.detector  import analyse_all, get_baseline_length
+from .core.reporter  import print_banner, print_result, print_summary
+
+
+def load_payloads(filepath):
+    """Loads payloads from a text file, one per line. Skips blank lines."""
+    if not os.path.exists(filepath):
+        print(f"[ERROR] Payload file not found: {filepath}")
+        sys.exit(1)
+
+    with open(filepath, "r") as f:
+        payloads = [line.strip() for line in f if line.strip()]
+
+    return payloads
+
+
+def main():
+    print_banner()
+
+    # --- Argument parsing ---
+    parser = argparse.ArgumentParser(
+        description="HumanoidProbe — XSS WAF Probe by CyberSafeLabs",
+        epilog="Example: python3 humanoidprobe.py -u https://example.com/search -p q"
+    )
+
+    parser.add_argument(
+        "-u", "--url",
+        required=True,
+        help="Target URL (e.g. https://example.com/search)"
+    )
+
+    parser.add_argument(
+        "-p", "--parameter",
+        required=True,
+        help="GET parameter to inject into (e.g. q)"
+    )
+
+    parser.add_argument(
+        "--payloads",
+        default=os.path.join(os.path.dirname(__file__), "payloads", "xss.txt"),
+        help="Path to custom payload file (default: payloads/xss.txt)"
+    )
+
+    parser.add_argument(
+        "--delay",
+        type=float,
+        default=0.5,
+        help="Delay in seconds between requests (default: 0.5)"
+    )
+
+    parser.add_argument(
+        "--timeout",
+        type=int,
+        default=10,
+        help="Request timeout in seconds (default: 10)"
+    )
+
+    args = parser.parse_args()
+
+    # --- Load payloads ---
+    print(f"  [*] Loading payloads from: {args.payloads}")
+    payloads = load_payloads(args.payloads)
+    print(f"  [*] Loaded {len(payloads)} payloads\n")
+
+    # --- Get baseline response length ---
+    print(f"  [*] Getting baseline response for: {args.url}")
+    baseline_length = get_baseline_length(args.url, args.parameter, timeout=args.timeout)
+    if baseline_length:
+        print(f"  [*] Baseline response length: {baseline_length} bytes\n")
+    else:
+        print(f"  [!] Could not get baseline — continuing without it\n")
+
+    # --- Run the probe ---
+    print(f"  [*] Starting probe on parameter '{args.parameter}'")
+    print(f"  [*] Delay between requests: {args.delay}s\n")
+    print(f"  {'─' * 60}")
+
+    total = len(payloads)
+    all_results = []
+
+    # Send payloads one by one and print result as we go
+    for i, payload in enumerate(payloads, start=1):
+        from core.requester import send_payload
+        from core.detector  import analyse_result
+
+        raw_result      = send_payload(args.url, args.parameter, payload, timeout=args.timeout)
+        analysed_result = analyse_result(raw_result, baseline_length)
+        all_results.append(analysed_result)
+
+        print_result(analysed_result, i, total)
+
+        import time
+        time.sleep(args.delay)
+
+    # --- Print final summary ---
+    print_summary(all_results, args.url, args.parameter)
+
+
+if __name__ == "__main__":
+    main()

humanoidprobe-1.0.0/humanoidprobe.egg-info/PKG-INFO

@@ -0,0 +1,135 @@
+Metadata-Version: 2.4
+Name: humanoidprobe
+Version: 1.0.0
+Summary: HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back.
+Author-email: CyberSafeLabs <hello.cybersafe@gmail.com>
+Project-URL: Homepage, https://github.com/hellocybersafe/humanoidprobe
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.7
+Description-Content-Type: text/markdown
+
+# HumanoidProbe
+**by CyberSafeLabs**
+
+> *Analyse WAF behaviour. Think like an attacker.*
+
+HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back.
+
+Built from real bug bounty research. Not theory.
+
+---
+
+## What it does
+
+- Fires categorised XSS payload variations at a target URL and parameter
+- Detects WAF blocks via status codes, response body analysis, and response length changes
+- Identifies reflected payloads — the highest value findings
+- Summarises WAF behaviour and what it appears to be filtering
+- Gives you actionable intelligence to craft smarter bypass payloads
+
+---
+
+## Installation
+
+**1. Make sure Python 3 is installed**
+```bash
+python3 --version
+```
+If not:
+```bash
+sudo apt update && sudo apt install python3 python3-pip -y
+```
+
+**2. Install the dependency**
+```bash
+pip3 install requests
+```
+
+---
+
+## Usage
+
+```bash
+python3 humanoidprobe.py -u <URL> -p <parameter>
+```
+
+**Example:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q
+```
+
+**With options:**
+```bash
+python3 humanoidprobe.py -u https://example.com/search -p q --delay 1 --timeout 15
+```
+
+---
+
+## Options
+
+| Flag | Description | Default |
+|------|-------------|---------|
+| `-u` / `--url` | Target URL | Required |
+| `-p` / `--parameter` | GET parameter to test | Required |
+| `--payloads` | Custom payload file path | payloads/xss.txt |
+| `--delay` | Seconds between requests | 0.5 |
+| `--timeout` | Request timeout in seconds | 10 |
+
+---
+
+## Output verdicts
+
+| Verdict | Meaning |
+|---------|---------|
+| `REFLECTED` | Payload passed AND appeared in the response — investigate in browser immediately |
+| `PASSED` | WAF did not block — worth exploring further |
+| `BLOCKED` | WAF caught this payload |
+| `ERROR` | Request failed (timeout, connection error) |
+
+---
+
+## Project structure
+
+```
+humanoidprobe/
+├── humanoidprobe.py    # Main entry point — what you run
+├── payloads/
+│   └── xss.txt         # XSS payload list
+├── core/
+│   ├── requester.py    # Sends HTTP requests
+│   ├── detector.py     # Analyses responses (blocked vs passed)
+│   └── reporter.py     # Terminal output and summary
+└── README.md
+```
+
+---
+
+## Roadmap
+
+- [ ] WAF memory — builds a profile of WAF behaviour across sessions
+- [ ] Intelligent bypass suggestions — generates mutations based on what passed
+- [ ] POST parameter support
+- [ ] SQLi payload module
+- [ ] Output to file (JSON / txt)
+- [ ] Burp Suite integration
+- [ ] Full recon and attack surface mapping modules
+- [ ] Humanoid Intelligence — AI layer (coming in future versions)
+
+---
+
+## Legal & ethical use
+
+Only use HumanoidProbe against targets you have explicit permission to test.
+Unauthorised testing is illegal. This tool is built for legitimate security research and bug bounty programmes only.
+
+---
+
+## About
+
+HumanoidProbe is the first tool from **CyberSafeLabs** — an independent cybersecurity research initiative focused on protecting digital assets through offensive research, vulnerability discovery, and practical security tooling.
+
+The long-term vision: **Humanoid Intelligence** — an AI-powered security research platform built from real hunting experience.
+
+*CyberSafeLabs — protecting digital assets through research*

humanoidprobe-1.0.0/humanoidprobe.egg-info/SOURCES.txt

@@ -0,0 +1,12 @@
+README.md
+pyproject.toml
+humanoidprobe/__init__.py
+humanoidprobe/humanoidprobe.py
+humanoidprobe.egg-info/PKG-INFO
+humanoidprobe.egg-info/SOURCES.txt
+humanoidprobe.egg-info/dependency_links.txt
+humanoidprobe.egg-info/entry_points.txt
+humanoidprobe.egg-info/top_level.txt
+humanoidprobe/core/detector.py
+humanoidprobe/core/reporter.py
+humanoidprobe/core/requester.py

humanoidprobe-1.0.0/humanoidprobe.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

humanoidprobe-1.0.0/humanoidprobe.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+humanoidprobe = humanoidprobe.humanoidprobe:main

humanoidprobe-1.0.0/humanoidprobe.egg-info/top_level.txt

@@ -0,0 +1 @@
+humanoidprobe

humanoidprobe-1.0.0/pyproject.toml

@@ -0,0 +1,25 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "humanoidprobe"
+version = "1.0.0"
+authors = [
+  { name="CyberSafeLabs", email="hello.cybersafe@gmail.com" },
+]
+description = "HumanoidProbe is a command-line XSS WAF intelligence tool that probes how a WAF responds to payload variations — telling you what gets blocked, what passes through, and what gets reflected back."
+readme = "README.md"
+requires-python = ">=3.7"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+]
+dependencies = []
+
+[project.urls]
+"Homepage" = "https://github.com/hellocybersafe/humanoidprobe"
+
+[project.scripts]
+humanoidprobe = "humanoidprobe.humanoidprobe:main"

humanoidprobe-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+