websec-validator 0.2.0__py3-none-any.whl

websec_validator/templates/probes/dlp-bypass-offline.py

@@ -0,0 +1,149 @@
+#!/usr/bin/env python3
+"""
+DLP bypass corpus — OFFLINE regex analysis.
+
+Pulls the live DLP rules from the API, then tests each rule's regex
+against an encoding corpus (the same payload encoded different ways).
+If the regex DOES NOT match an encoded variant, that variant is a bypass.
+
+No messages are sent. No network calls beyond fetching the rule list.
+
+Output: per-rule per-encoding match/bypass table.
+
+PRECONDITION: your project has a DLP / content-filtering feature with rules
+the admin can list via API. If not, this script is N/A.
+"""
+import base64, json, re, subprocess, sys, urllib.parse
+from pathlib import Path
+
+ROOT = Path(__file__).resolve().parents[2].parent
+ENV = {}
+for line in (ROOT / 'security/zap/.env').read_text().splitlines():
+    if '=' in line and not line.lstrip().startswith('#'):
+        k, v = line.split('=', 1); ENV[k.strip()] = v.strip()
+
+TARGET = ENV['ZAP_TARGET']
+# TODO: adjust login response shape if needed.
+ADMIN_TOK_RESP = subprocess.run(['curl','-fsS','-X','POST',f"{TARGET}/api/auth/login",
+                                 '-H','Content-Type: application/json',
+                                 '-d',json.dumps({'email':ENV['ZAP_ADMIN_USER'],'password':ENV['ZAP_ADMIN_PASS']})],
+                                capture_output=True, text=True).stdout
+ADMIN_TOK = json.loads(ADMIN_TOK_RESP)['tokens']['accessToken']
+
+# PROJECT-SPECIFIC START
+# TODO: adjust the DLP-rules endpoint and the rule schema. Common shapes:
+#   GET /api/dlp/rules    -> [{id, name, pattern, action, scope}]
+#   GET /api/policies     -> [{id, regex, action}]
+RULES_ENDPOINT = "/api/dlp/rules"
+# PROJECT-SPECIFIC END
+
+rules_raw = subprocess.run(['curl','-fsS',f"{TARGET}{RULES_ENDPOINT}",
+                            '-H',f"Authorization: Bearer {ADMIN_TOK}"],
+                           capture_output=True, text=True).stdout
+all_rules = json.loads(rules_raw)
+
+# Filter to content (regex) rules, skipping any media/file-type-prefix rules
+content_rules = [r for r in all_rules if not r.get('pattern','').startswith('MEDIA_TYPE:')]
+print(f"=== {len(content_rules)} content-pattern DLP rules loaded ===")
+for r in content_rules:
+    print(f"  - {r.get('id','?'):50s} action={r.get('action','?')} scope={r.get('scope','?')}")
+
+# Sensitive payloads — fake but format-correct
+PAYLOADS = {
+    'amex_card':    '3782 822463 10005',      # American Express test number
+    'visa_card':    '4111-1111-1111-1111',    # Visa test number
+    'ssn':          '123-45-6789',
+    'email':        'victim@example.com',
+    'phone':        '+1 (212) 555-1234',
+}
+
+def encodings(text):
+    """Generate same payload in different encodings/obfuscations"""
+    return {
+        'plain':                    text,
+        'base64':                   base64.b64encode(text.encode()).decode(),
+        'base64_padded':            'data:text/plain;base64,' + base64.b64encode(text.encode()).decode(),
+        'hex':                      text.encode().hex(),
+        'url_encoded':              urllib.parse.quote(text),
+        'url_double_encoded':       urllib.parse.quote(urllib.parse.quote(text)),
+        'zero_width_split':         text[:2] + '​' + text[2:],  # zero-width space
+        'rtl_override':             '‮' + text,
+        'spacing_split':            ' '.join(text),
+        'rot13':                    text.translate(str.maketrans(
+            'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz',
+            'NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm')),
+        'html_entity_digit':        re.sub(r'(\d)', lambda m: f"&#{ord(m.group(1))};", text),
+        'leet':                     text.replace('1','l').replace('0','O').replace('4','A'),
+        'json_unicode_escape':      ''.join(f'\\u{ord(c):04x}' if c.isdigit() else c for c in text),
+        'mixed_case_keyword':       text.upper(),
+        'comment_inline':           text.replace(' ', '/*x*/'),
+    }
+
+print()
+print("=== Bypass matrix: rule x payload x encoding -> matches? ===")
+print()
+
+findings = []
+
+for rule in content_rules:
+    pat = rule.get('pattern', '')
+    name = rule.get('name', '?')
+    rid = rule.get('id', '?')
+    print(f"\n--- {name} ({rid}) ---")
+    print(f"    pattern: {pat[:80]}{'...' if len(pat) > 80 else ''}")
+    try:
+        regex = re.compile(pat, re.IGNORECASE)
+    except re.error as e:
+        print(f"    !! rule pattern invalid: {e}")
+        continue
+
+    relevant_payloads = []
+    if 'amex' in rid: relevant_payloads.append('amex_card')
+    if 'visa' in rid or 'mc' in rid: relevant_payloads.append('visa_card')
+    if 'ssn' in rid.lower() or 'social' in name.lower(): relevant_payloads.append('ssn')
+    if 'email' in rid.lower(): relevant_payloads.append('email')
+    if 'phone' in rid.lower(): relevant_payloads.append('phone')
+
+    if not relevant_payloads:
+        print(f"    (no matching test payload -- skip)")
+        continue
+
+    for pname in relevant_payloads:
+        payload = PAYLOADS[pname]
+        print(f"    test payload: {pname} ({payload!r})")
+        for ename, encoded in encodings(payload).items():
+            matched = bool(regex.search(encoded))
+            mark = 'OK BLOCK' if matched else '!! BYPASS'
+            if ename == 'plain' and not matched:
+                mark = 'XX MISCONFIGURED (regex does not match plain text)'
+            line = f"      [{mark:35s}] {ename:25s} -> {encoded[:60]}"
+            print(line)
+            findings.append({
+                'rule_id': rid,
+                'rule_name': name,
+                'payload': pname,
+                'encoding': ename,
+                'matched': matched,
+                'sample': encoded[:80],
+            })
+
+out = ROOT / 'security/pentest-prep/reports/dlp-bypass/findings.json'
+out.parent.mkdir(parents=True, exist_ok=True)
+out.write_text(json.dumps(findings, indent=2))
+
+bypasses = [f for f in findings if not f['matched'] and f['encoding'] != 'plain']
+plain_misses = [f for f in findings if not f['matched'] and f['encoding'] == 'plain']
+print()
+print(f"=== Summary ===")
+print(f"  Total tests:        {len(findings)}")
+print(f"  Bypasses found:     {len(bypasses)}")
+print(f"  Misconfigured rules:{len(plain_misses)} (regex doesnt match its own intended payload)")
+print(f"  Saved: {out}")
+
+if bypasses:
+    print()
+    print(f"=== Bypass details ===")
+    for b in bypasses[:20]:
+        print(f"  [{b['rule_id']:50s}] {b['encoding']:25s} {b['payload']} -> bypass")
+
+sys.exit(0)

websec_validator/templates/probes/hs256-brute-force.py

@@ -0,0 +1,90 @@
+#!/usr/bin/env python3
+"""
+HS256 JWT secret brute-force probe.
+
+Tries a wordlist of common weak secrets against a captured JWT. If any
+candidate verifies the signature, we have the secret -> can forge any
+token -> critical finding.
+
+This is OFFLINE — no server requests. Run safely against any token.
+
+Usage: python3 hs256-brute-force.py <jwt_token>
+"""
+import sys, hmac, hashlib, base64
+
+if len(sys.argv) != 2:
+    print("Usage: hs256-brute-force.py <jwt_token>", file=sys.stderr)
+    sys.exit(2)
+
+token = sys.argv[1].strip()
+try:
+    h_b64, p_b64, s_b64 = token.split('.')
+except ValueError:
+    print("Token isn't a 3-part JWT", file=sys.stderr)
+    sys.exit(2)
+
+def b64url_pad(s):
+    return s + '=' * (-len(s) % 4)
+
+signed = (h_b64 + '.' + p_b64).encode()
+expected_sig = base64.urlsafe_b64decode(b64url_pad(s_b64))
+
+# Wordlist: common weak JWT secrets seen in the wild.
+# Real bug bounties: "secret", "your-256-bit-secret" (the JWT.io default!),
+# "jwt-secret", common framework defaults, project-name guesses.
+# TODO: Add project-name candidates: variations of <PROJECT_NAME>, the company
+# name, internal team names, any nickname you've seen in docs. Attackers will.
+CANDIDATES = [
+    # JWT.io default (used by tutorials, sometimes makes it to production)
+    "your-256-bit-secret",
+    # NextAuth + Auth.js defaults
+    "your-secret-key", "your-secret",
+    # Express + jsonwebtoken tutorials
+    "secret", "jwt-secret", "jwtsecret", "JWT_SECRET",
+    "supersecret", "supersecretkey",
+    # Common dev placeholders
+    "changeme", "changeit", "changethis", "CHANGEME",
+    "password", "Password1!", "admin", "admin123",
+    "test", "test123", "testing",
+    "dev", "development", "local",
+    "default", "default-secret",
+    # PROJECT-SPECIFIC START
+    # TODO: project-name and company-name guesses go here.
+    # "<project-name>", "<project-slug>", "<company-name>",
+    # PROJECT-SPECIFIC END
+    # Common framework env defaults
+    "your-secret-jwt-key", "secretkey",
+    # Length-32 placeholders
+    "0123456789abcdef0123456789abcdef",
+    "abcdefghijklmnopqrstuvwxyz123456",
+    # Empty/null secrets (sometimes accepted)
+    "",
+    "null", "undefined",
+    # Common from leaked-secret datasets
+    "123456", "12345678", "qwerty",
+]
+
+print(f"=== HS256 brute force test ===")
+print(f"  Token header.payload length: {len(h_b64) + 1 + len(p_b64)} bytes")
+print(f"  Trying {len(CANDIDATES)} candidate secrets (offline, no requests)...")
+print()
+
+found = None
+for cand in CANDIDATES:
+    computed = hmac.new(cand.encode(), signed, hashlib.sha256).digest()
+    if hmac.compare_digest(computed, expected_sig):
+        found = cand
+        break
+
+if found is not None:
+    print(f"  !! CRITICAL: signing secret cracked!")
+    print(f"  Secret value: {'<EMPTY STRING>' if not found else repr(found)}")
+    print(f"  Implication: any attacker can forge JWTs for any user/role.")
+    print(f"  Action: ROTATE the JWT signing secret IMMEDIATELY.")
+    sys.exit(1)
+else:
+    print(f"  OK -- none of {len(CANDIDATES)} weak-secret candidates work.")
+    print(f"  This does NOT prove the secret is strong -- only that it's not in")
+    print(f"  this short wordlist. For a real engagement, use hashcat mode 16500")
+    print(f"  against rockyou.txt or larger lists.")
+    sys.exit(0)

websec_validator/templates/probes/jwt-attacks.sh

@@ -0,0 +1,161 @@
+#!/usr/bin/env bash
+#
+# jwt-attacks.sh — manual JWT attack probe.
+#
+# Six classic JWT attacks pentest teams run:
+#
+#   1. alg:none — sign with no algorithm. If the backend accepts it, total auth bypass.
+#   2. HS256 with garbage secret — tamper claims and resign with a wrong key.
+#   3. Expired token — exp in the past, expect 401.
+#   4. Stripped signature — empty sig segment.
+#   5. Garbage token — non-JWT string.
+#   6. Refresh-after-logout — logout, then try the still-cached refresh token.
+#
+# Usage:
+#   1. In .env, set ZAP_AGENT_USER / ZAP_AGENT_PASS.
+#   2. ./jwt-attacks.sh
+#   3. Output: one PASS/FAIL per attack; nonzero exit on FAIL.
+#
+# Requires: bash, curl, jq, python3.
+set -euo pipefail
+cd "$(dirname "$0")"
+
+[[ -f .env ]] || { echo "No .env found" >&2; exit 1; }
+
+read_env() {
+    local key="$1"
+    python3 -c "
+for l in open('.env'):
+    l = l.rstrip('\n')
+    if l.startswith('#') or '=' not in l: continue
+    k, v = l.split('=', 1)
+    if k.strip() == '$key':
+        print(v); break
+"
+}
+
+TARGET="$(read_env ZAP_TARGET)"
+USER="$(read_env ZAP_AGENT_USER)"
+PASS="$(read_env ZAP_AGENT_PASS)"
+
+[[ -n "$TARGET" && -n "$USER" && -n "$PASS" ]] || {
+    echo "ERROR: ZAP_TARGET / ZAP_AGENT_USER / ZAP_AGENT_PASS required in .env" >&2; exit 2
+}
+
+# TODO: adjust login / refresh / me / logout paths to your API.
+echo "==> mint legit token..."
+LOGIN_RESP=$(curl -fsS -X POST "$TARGET/api/auth/login" \
+    -H 'Content-Type: application/json' \
+    -d "$(jq -nc --arg e "$USER" --arg p "$PASS" '{email:$e,password:$p}')")
+
+ACCESS_TOKEN=$(echo "$LOGIN_RESP" | jq -r '.tokens.accessToken')
+REFRESH_TOKEN=$(echo "$LOGIN_RESP" | jq -r '.tokens.refreshToken')
+
+[[ -n "$ACCESS_TOKEN" && "$ACCESS_TOKEN" != "null" ]] || { echo "login failed" >&2; exit 3; }
+
+b64url() {
+    python3 -c "import sys, base64; sys.stdout.write(base64.urlsafe_b64encode(sys.stdin.buffer.read()).decode().rstrip('='))"
+}
+
+IFS='.' read -r H P S <<< "$ACCESS_TOKEN"
+
+# A protected endpoint that requires a real session. Adjust to your API.
+TEST_URL="$TARGET/api/auth/me"
+
+PASS_COUNT=0
+FAIL_COUNT=0
+FAIL_LINES=()
+
+check() {
+    local label="$1" expected_code="$2" actual="$3"
+    if [[ "$actual" == "$expected_code" ]]; then
+        printf '  %-4s %-30s expected:%s actual:%s\n' PASS "$label" "$expected_code" "$actual"
+        PASS_COUNT=$((PASS_COUNT+1))
+    else
+        printf '  %-4s %-30s expected:%s actual:%s\n' FAIL "$label" "$expected_code" "$actual"
+        FAIL_COUNT=$((FAIL_COUNT+1))
+        FAIL_LINES+=("$label expected $expected_code got $actual")
+    fi
+}
+
+# === Sanity: legit token works ===
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer $ACCESS_TOKEN")
+check "sanity (legit token)" "200" "$code"
+
+# === Attack 1: alg:none ===
+DECODED_P=$(echo "$P" | python3 -c "import sys, base64; d=sys.stdin.read(); print(base64.urlsafe_b64decode(d + '=='*(4-len(d)%4)).decode())")
+NEW_H=$(echo -n '{"alg":"none","typ":"JWT"}' | b64url)
+NONE_TOKEN="${NEW_H}.${P}."
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer $NONE_TOKEN")
+check "alg:none bypass" "401" "$code"
+
+# === Attack 2: HS256 with garbage secret + tampered claims ===
+# TODO: adjust claim names to your token's shape (role, roles, scope, permissions, etc.)
+TAMPERED_P=$(echo "$DECODED_P" | jq -c '.roleIds = ["role-platform-manager","role-developer"] | .iat = (now|floor) | .exp = ((now|floor) + 3600)')
+TAMPERED_P_B64=$(echo -n "$TAMPERED_P" | b64url)
+HEADER_HS256=$(echo -n '{"alg":"HS256","typ":"JWT"}' | b64url)
+WRONG_SIG=$(printf '%s.%s' "$HEADER_HS256" "$TAMPERED_P_B64" \
+    | python3 -c "import sys, hmac, hashlib, base64; data=sys.stdin.buffer.read(); sig=hmac.new(b'wrong-secret-do-not-trust', data, hashlib.sha256).digest(); sys.stdout.write(base64.urlsafe_b64encode(sig).decode().rstrip('='))")
+TAMPERED_TOKEN="${HEADER_HS256}.${TAMPERED_P_B64}.${WRONG_SIG}"
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer $TAMPERED_TOKEN")
+check "claims tampered, wrong sig" "401" "$code"
+
+# === Attack 3: expired token ===
+EXPIRED_P=$(echo "$DECODED_P" | jq -c '.exp = ((now|floor) - 60) | .iat = ((now|floor) - 3600)')
+EXPIRED_P_B64=$(echo -n "$EXPIRED_P" | b64url)
+EXP_SIG=$(printf '%s.%s' "$H" "$EXPIRED_P_B64" \
+    | python3 -c "import sys, hmac, hashlib, base64; data=sys.stdin.buffer.read(); sig=hmac.new(b'will-not-match', data, hashlib.sha256).digest(); sys.stdout.write(base64.urlsafe_b64encode(sig).decode().rstrip('='))")
+EXP_TOKEN="${H}.${EXPIRED_P_B64}.${EXP_SIG}"
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer $EXP_TOKEN")
+check "expired exp + bad sig" "401" "$code"
+
+# === Attack 4: stripped signature ===
+NO_SIG="${H}.${P}."
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer $NO_SIG")
+check "stripped signature" "401" "$code"
+
+# === Attack 5: garbage token ===
+code=$(curl -s -o /dev/null -w '%{http_code}' "$TEST_URL" -H "Authorization: Bearer not-a-jwt")
+check "garbage token" "401" "$code"
+
+# === Attack 6: refresh-token replay after logout ===
+echo "==> logging out then attempting refresh replay..."
+curl -fsS -X POST "$TARGET/api/auth/logout" \
+    -H "Authorization: Bearer $ACCESS_TOKEN" \
+    -H 'Content-Type: application/json' \
+    -d "$(jq -nc --arg r "$REFRESH_TOKEN" '{refreshToken:$r}')" \
+    >/dev/null 2>&1 || echo "  (logout endpoint may not invalidate refresh tokens — continuing)"
+
+if [[ -n "$REFRESH_TOKEN" && "$REFRESH_TOKEN" != "null" ]]; then
+    code=$(curl -s -o /dev/null -w '%{http_code}' -X POST "$TARGET/api/auth/refresh" \
+        -H 'Content-Type: application/json' \
+        -d "$(jq -nc --arg r "$REFRESH_TOKEN" '{refreshToken:$r}')")
+    # Acceptable outcomes:
+    #   401 — token was invalidated on logout (best)
+    #   200 — refresh tokens are stateless and replay is possible (acceptable per
+    #         the project's auth model; document the tradeoff)
+    if [[ "$code" == "401" ]]; then
+        printf '  %-4s %-30s expected:401 actual:%s (refresh token invalidated on logout)\n' PASS "refresh-after-logout" "$code"
+        PASS_COUNT=$((PASS_COUNT+1))
+    elif [[ "$code" == "200" ]]; then
+        printf '  %-4s %-30s expected:401 actual:%s (refresh tokens are stateless; document tradeoff)\n' WARN "refresh-after-logout" "$code"
+    else
+        printf '  %-4s %-30s expected:401 actual:%s\n' FAIL "refresh-after-logout" "$code"
+        FAIL_COUNT=$((FAIL_COUNT+1))
+        FAIL_LINES+=("refresh-after-logout got $code")
+    fi
+else
+    echo "  (refresh token not present in login response — skip)"
+fi
+
+echo
+echo "=== Summary ==="
+echo "  PASS: $PASS_COUNT"
+echo "  FAIL: $FAIL_COUNT"
+if [[ $FAIL_COUNT -gt 0 ]]; then
+    echo
+    echo "FAILED:"
+    printf '  - %s\n' "${FAIL_LINES[@]}"
+    exit 1
+fi
+echo "All JWT attacks blocked — auth layer holds."

websec_validator/templates/probes/mass-assignment.py

@@ -0,0 +1,201 @@
+#!/usr/bin/env python3
+"""
+Mass assignment / BOPLA (Broken Object Property Level Authorization) probe.
+
+Tests the OWASP API #3 attack class: handler accepts user-supplied fields
+that should be controlled by the server. Specifically targets:
+
+  1. PATCH /api/users/{userId} (self-edit) — try to escalate own role/groups
+  2. POST /api/admin/users (create) — try to create privileged user
+  3. PUT /api/admin/users/{id} (update) — try to escalate someone via admin path
+  4. PATCH /api/auth/me variants — try to add ownership / billing fields
+
+Findings classification:
+  CRITICAL: extra field was applied (role/group escalation succeeded)
+  HIGH:     extra field was accepted (200) and persisted but didn't fully escalate
+  PASS:     extra field was stripped (200 but field ignored) OR rejected (4xx)
+
+Usage:
+  python3 mass-assignment.py
+  (reads tokens from ../../zap/.env)
+"""
+import json, os, subprocess, sys
+from pathlib import Path
+
+ROOT = Path(__file__).resolve().parents[2].parent  # repo root
+sys.path.insert(0, str(ROOT))
+
+# Read .env (relative to the zap/ folder where the .env lives)
+ENV = {}
+for line in (ROOT / 'security/zap/.env').read_text().splitlines():
+    if '=' in line and not line.lstrip().startswith('#'):
+        k, v = line.split('=', 1)
+        ENV[k.strip()] = v.strip()
+
+TARGET = ENV['ZAP_TARGET']
+
+# TODO: adjust login URL and response parsing to your API.
+def login(user, pwd):
+    r = subprocess.run(['curl', '-fsS', '-X', 'POST', f'{TARGET}/api/auth/login',
+                        '-H', 'Content-Type: application/json',
+                        '-d', json.dumps({'email': user, 'password': pwd})],
+                       capture_output=True, text=True)
+    if r.returncode != 0:
+        raise RuntimeError(f"login failed for {user}: {r.stderr}")
+    return json.loads(r.stdout)['tokens']['accessToken']
+
+def get_me(tok):
+    r = subprocess.run(['curl', '-fsS', f'{TARGET}/api/auth/me',
+                        '-H', f'Authorization: Bearer {tok}'],
+                       capture_output=True, text=True)
+    return json.loads(r.stdout).get('user', {})
+
+print(f"=== minting tokens ===")
+ADMIN_TOK = login(ENV['ZAP_ADMIN_USER'], ENV['ZAP_ADMIN_PASS'])
+AGENT_TOK = login(ENV['ZAP_AGENT_USER'], ENV['ZAP_AGENT_PASS'])
+AGENT_ME = get_me(AGENT_TOK)
+print(f"  agent: {AGENT_ME.get('email')} (id={AGENT_ME.get('id')})")
+# TODO: adjust field names to your role/tenancy shape.
+print(f"  agent role: {AGENT_ME.get('role')} roleIds={AGENT_ME.get('roleIds')} groupIds={AGENT_ME.get('groupIds')}")
+
+# === The dangerous extras we try to inject ===
+# PROJECT-SPECIFIC START
+# TODO: tailor these to your project's user-model fields. Common escalations:
+#   - role / roles / roleIds / scope / permissions
+#   - tenant / org / workspace / groupIds — "add to all tenants"
+#   - isAdmin / isOwner / isSuperuser / accessLevel
+#   - createdBy / ownedBy / billingAccount — audit-log spoofing
+#   - id / passwordHash — direct identity overwrite
+DANGER_FIELDS = {
+    'role': 'admin',
+    'roleIds': ['role-platform-manager'],
+    'groupIds': ['*-all-tenants-*'],
+    'isAdmin': True,
+    'accessLevel': 999,
+    'permissions': ['*'],
+    'createdBy': 'admin-user',
+    'passwordHash': 'fake-hash',
+    'id': 'attacker-chosen-id',
+    'status': 'admin',
+    'internalNotes': 'pwned',
+}
+# PROJECT-SPECIFIC END
+
+findings = []
+
+def probe(label, method, path, base_body, tok, expected_field_changes=None):
+    """Issue request with payload = base_body ∪ DANGER_FIELDS, then re-fetch /me to see if anything stuck."""
+    body = {**(base_body or {}), **DANGER_FIELDS}
+    r = subprocess.run(['curl', '-s', '-X', method, f'{TARGET}{path}',
+                        '-H', f'Authorization: Bearer {tok}',
+                        '-H', 'Content-Type: application/json',
+                        '-d', json.dumps(body),
+                        '-w', '\nHTTP_CODE:%{http_code}'],
+                       capture_output=True, text=True)
+    out = r.stdout
+    code = int(out.split('HTTP_CODE:')[-1].strip()) if 'HTTP_CODE:' in out else 0
+    body_text = out.split('\nHTTP_CODE:')[0]
+
+    me_after = get_me(tok)
+
+    escalations = {}
+    for k, v in DANGER_FIELDS.items():
+        before = AGENT_ME.get(k)
+        after = me_after.get(k)
+        if after != before and after == v:
+            escalations[k] = {'before': before, 'after': after}
+
+    if escalations:
+        severity = 'CRITICAL'
+    elif code in (200, 201, 204):
+        severity = 'HIGH' if 'roleIds' in body_text or 'groupIds' in body_text else 'PASS'
+    elif code in (400, 403, 422):
+        severity = 'PASS'
+    else:
+        severity = 'INVESTIGATE'
+
+    findings.append({
+        'label': label, 'method': method, 'path': path, 'status': code,
+        'severity': severity, 'escalations_observed': escalations,
+        'response_preview': body_text[:200],
+    })
+
+    mark = '!!' if severity == 'CRITICAL' else ('??' if severity == 'INVESTIGATE' else ('-' if severity == 'HIGH' else 'OK'))
+    print(f"  [{mark}] [{severity}] {method} {path} -> {code}")
+    if escalations:
+        for k, change in escalations.items():
+            print(f"       FIELD STUCK: {k}  {change['before']!r} -> {change['after']!r}")
+
+# PROJECT-SPECIFIC START
+# TODO: each probe targets a real user-edit endpoint in your project. Replace
+# the paths and base_body fields with the real shape your API expects.
+print()
+print("=== Probe 1: PATCH /api/users/{me} with extras (self-edit path) ===")
+probe('self-edit-patch', 'PATCH', f"/api/users/{AGENT_ME['id']}", {'name': AGENT_ME.get('name', 'Test')}, AGENT_TOK)
+
+print()
+print("=== Probe 2: PUT /api/users/{me} with extras (self-edit alt verb) ===")
+probe('self-edit-put', 'PUT', f"/api/users/{AGENT_ME['id']}", {'name': AGENT_ME.get('name', 'Test')}, AGENT_TOK)
+
+print()
+print("=== Probe 3: PATCH /api/auth/me with extras (auth-namespace self-edit) ===")
+probe('auth-me-patch', 'PATCH', "/api/auth/me", {'name': AGENT_ME.get('name', 'Test')}, AGENT_TOK)
+
+print()
+print("=== Probe 4: PUT /api/users/me with extras (string 'me' resolution) ===")
+probe('me-alias-put', 'PUT', "/api/users/me", {'name': AGENT_ME.get('name', 'Test')}, AGENT_TOK)
+
+print()
+print("=== Probe 5: as AGENT (no users:manage), call admin PUT — should 403 ===")
+probe('admin-put-as-agent', 'PUT', f"/api/admin/users/{AGENT_ME['id']}", {'name': AGENT_ME.get('name', 'Test')}, AGENT_TOK)
+
+print()
+print("=== Probe 6: as AGENT, call admin POST create — should 403 ===")
+probe('admin-create-as-agent', 'POST', "/api/admin/users", {'name': 'pwn', 'email': 'pwn@test.com', 'password': 'Pwn123!@', 'role': 'admin'}, AGENT_TOK)
+
+print()
+print("=== Probe 7: as ADMIN, PUT user with mass-assignment payload (does the schema reject extras?) ===")
+admin_me = get_me(ADMIN_TOK)
+probe('admin-put-agent', 'PUT', f"/api/admin/users/{AGENT_ME['id']}",
+      {'name': AGENT_ME.get('name', 'Test')}, ADMIN_TOK)
+# PROJECT-SPECIFIC END
+
+# Save findings
+out_path = ROOT / 'security/pentest-prep/reports/mass-assignment/findings.json'
+out_path.parent.mkdir(parents=True, exist_ok=True)
+out_path.write_text(json.dumps(findings, indent=2))
+
+# Summary
+crit = sum(1 for f in findings if f['severity'] == 'CRITICAL')
+high = sum(1 for f in findings if f['severity'] == 'HIGH')
+investig = sum(1 for f in findings if f['severity'] == 'INVESTIGATE')
+ok = sum(1 for f in findings if f['severity'] == 'PASS')
+
+print()
+print(f"=== Summary ===")
+print(f"  CRITICAL (escalation observed):  {crit}")
+print(f"  HIGH (field accepted, suspect):  {high}")
+print(f"  INVESTIGATE (unusual response):  {investig}")
+print(f"  PASS (rejected or stripped):     {ok}")
+print(f"  Detailed JSON: {out_path}")
+
+# Cleanup: restore agent's roleIds + tenantIds if they were modified
+me_after = get_me(AGENT_TOK)
+needs_restore = False
+for f in ['groupIds', 'roleIds']:  # TODO: update to your tenancy/role field names
+    if me_after.get(f) != AGENT_ME.get(f):
+        needs_restore = True
+        print(f"  ! AGENT's {f} was MODIFIED. Before: {AGENT_ME.get(f)} After: {me_after.get(f)}")
+if needs_restore:
+    print()
+    print(f"  ! Restoring agent profile to original state via admin token...")
+    restore_body = {'roleIds': AGENT_ME.get('roleIds', []), 'groupIds': AGENT_ME.get('groupIds', [])}
+    r = subprocess.run(['curl', '-s', '-X', 'PUT', f"{TARGET}/api/admin/users/{AGENT_ME['id']}",
+                        '-H', f'Authorization: Bearer {ADMIN_TOK}',
+                        '-H', 'Content-Type: application/json',
+                        '-d', json.dumps(restore_body),
+                        '-w', '\nHTTP_CODE:%{http_code}'],
+                       capture_output=True, text=True)
+    print(f"  restore status: {r.stdout.split('HTTP_CODE:')[-1].strip()}")
+
+sys.exit(1 if crit > 0 else 0)