Skip to content

gmh5225/NeuroSploit

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
screens
screens
 
 
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

🧠 NeuroSploit

NeuroSploit is an AI-powered offensive security agent designed to automate penetration testing tasks.
It is built on ChatGPT-5 (with support for other LLMs in the future) and aims to fully solve the Damn Vulnerable Web Application (DVWA) across all difficulty levels.

The goal of NeuroSploit is to provide an intelligent, modular, and automated assistant for pentesters, researchers, and Red Team operators.

⚡ Features

  • AI-driven exploitation using prompt-engineered reasoning.
  • Modular skill system (e.g., xss_dom_low, sqli_blind_high).
  • Support for multiple LLM backends (default: ChatGPT-5).
  • Designed to autonomously solve 100% of DVWA.
  • Extensible for real-world pentesting labs.

🛠️ Installation

1. Clone the repository

git clone https://github.com/yourname/NeuroSploit.git
cd NeuroSploit

2. Create a virtual environment (recommended)

python3 -m venv venv
source venv/bin/activate

3. Install dependencies

pip install -r requirements.txt

🐐 Setting up DVWA

To test NeuroSploit locally, you need DVWA (Damn Vulnerable Web Application).

1. Install DVWA using Docker

git clone https://github.com/digininja/DVWA.git
cd DVWA
docker build -t dvwa .
docker run -it -p 80:80 dvwa

DVWA should now be available at: 👉 http://localhost/DVWA

Default credentials:

  • Username: admin
  • Password: password

2. Configure DVWA

  1. Log in at http://localhost/DVWA/login.php
  2. Navigate to Setup / Reset Database
  3. Click Create / Reset Database
  4. Set the DVWA Security Level (Low, Medium, High, Impossible) from the DVWA Security tab.

🚀 Usage

Example command:

python3 -m src.run --target 'http://localhost/DVWA' --skill xss_dom_low

This tells NeuroSploit to:

  • Use the AI agent backend (ChatGPT-5 by default).
  • Target http://localhost/DVWA.
  • Execute the XSS DOM-based (Low security) exploitation module.

📂 Project Structure

NeuroSploit/
│── src/
│   ├── run.py          # Main entrypoint
│   ├── agents/         # AI agents
│   ├── skills/         # Exploitation modules (XSS, SQLi, CSRF, etc.)
│   └── utils/          # Helpers (HTTP requests, parsing, logging)
│
│── requirements.txt
│── README.md

🔮 Roadmap

  • Add support for SQL Injection automation.
  • Expand to other vulnerable labs (bWAPP, Juice Shop, VulnHub).
  • Integration with Red Team C2 frameworks.
  • Offline LLM support (LLaMA, Falcon).

⚠️ Disclaimer

This project is intended for educational and research purposes only. Do not use it against systems without explicit permission.

Use responsibly. 🛡️

About

Offensive Model AI Agent

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Python 100.0%