Share
## https://sploitus.com/exploit?id=C6A90DC0-BAD7-54E0-9D54-927FA6A07BB5
```
                *
               /|\
              / | \
         ____/  |  \____
        /   /   |   \   \
  _____/   /    |    \   \_____
 /________/_____|_____\________\
          \     |     /
           \____|____/
                |
               / \
              /   \

  โ–ˆโ–ˆโ•—    โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•—
  โ–ˆโ–ˆโ•‘    โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ• โ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘
  โ–ˆโ–ˆโ•‘ โ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘
  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘
  โ•šโ–ˆโ–ˆโ–ˆโ•”โ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘ โ•šโ•โ• โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘  โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘
   โ•šโ•โ•โ•โ•šโ•โ•โ• โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ•โ•โ• โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ•     โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ•โ•šโ•โ•  โ•šโ•โ•โ•โ•

  autonomous web penetration testing ยท human-augmented
```

Wingman, an AI-assisted web penetration testing framework that uses Claude Code agents to automate reconnaissance, vulnerability scanning, exploitation, and reporting โ€” while keeping the human tester in control of every critical decision.

The framework is built around a human + agent collaboration model. Agents work autonomously in the background; the human uses Burp Suite interactively at their own pace. All findings require human validation before any exploitation is attempted.

> **All testing performed using this framework must be against authorized targets only.**

---

## How it works

Five specialized agents handle distinct phases of an engagement:

| Agent | Role |
|-------|------|
| **Recon** | Port scanning, subdomain enumeration, tech fingerprinting, directory brute-forcing, crawling |
| **Orchestrator** | Translates recon findings into a prioritized test case queue |
| **Scanner** | Runs vulnerability tests against all queued endpoints via Burp MCP |
| **Exploiter** | Crafts and executes PoCs for human-validated findings (requires approval per finding) |
| **Reporter** | Generates a structured markdown report for each confirmed exploit |

All agent state is stored in human-readable markdown files under `state/`. You can read, edit, and annotate them directly in any editor alongside Burp Suite.

---

## Dependencies

### Required

| Dependency | Purpose |
|-----------|---------|
| [Claude Code](https://claude.ai/code) | Runs all agents |
| [Burp Suite Professional](https://portswigger.net/burp/pro) | HTTP proxy, active scanner, Collaborator, Repeater/Intruder |
| [Burp MCP Server extension](https://github.com/PortSwigger/mcp-server) | Exposes Burp's API to Claude agents via MCP (default port `9876`) |
| Node.js โ‰ฅ 18 + npm | Required to run Playwright MCP |
| `nmap` | Port scanning and service fingerprinting |
| `gobuster` | Directory and DNS brute-forcing |

### Optional (external targets only)

| Dependency | Purpose |
|-----------|---------|
| `subfinder` | Passive subdomain enumeration via public APIs |
| `amass` | Active and passive subdomain enumeration |
| `waybackurls` | Historical URL discovery from Wayback Machine |

These tools are only invoked when `internet: true` is set in `targets/scope.yml`.

---

## Installing dependencies

### Claude Code

```bash
npm install -g @anthropic-ai/claude-code
```

Follow the [Claude Code quickstart](https://docs.anthropic.com/en/docs/claude-code/quickstart) to authenticate.

### Burp MCP extension

1. In Burp Suite Professional, go to **Extensions โ†’ BApp Store** and install the **MCP Server** extension.
2. In the extension settings, enable the MCP SSE server. The default port is `9876`.
3. If you change the port, update `.claude/settings.json` to match:

```json
{
  "mcpServers": {
    "burp-mcp": {
      "command": "/path/to/BurpSuitePro/jre/bin/java",
      "args": [
        "-jar",
        "/path/to/autonomous_webpt_gin_juice/mcp-proxy.jar",
        "--sse-url",
        "http://127.0.0.1:9876"
      ]
  }
 }
}
```

### Playwright MCP

Playwright MCP runs on demand via `npx` โ€” no separate install required as long as Node.js โ‰ฅ 18 is present. Verify:

```bash
sudo apt install nodejs npm
```

```bash
node --version        # must be โ‰ฅ 18
npx @playwright/mcp@latest --help
```

### CLI tools

```bash
# nmap
sudo apt install nmap          # Debian/Ubuntu
brew install nmap              # macOS

# gobuster
sudo apt install gobuster
brew install gobuster

# subfinder (optional โ€” external targets only)
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

# amass (optional โ€” external targets only)
go install -v github.com/owasp-amass/amass/v4/...@master

# waybackurls (optional โ€” external targets only)
go install github.com/tomnomnom/waybackurls@latest
```

### Wordlists

The framework reads wordlist paths from `config/wordlists.conf`. Install a wordlist collection and update the config:

```bash
# Or clone manually
git clone https://github.com/danielmiessler/SecLists /usr/share/seclists
```

---

## Preconfiguration

Complete these steps before starting any engagement.

### 1. Define scope

Edit `targets/scope.yml`:

```yaml
internet: false          # set true for external targets (enables subfinder, amass passive, waybackurls)

in_scope:
  - 192.168.1.0/24
  - app.example.internal

out_of_scope:
  - 192.168.1.1

rules:
  - No DoS or service disruption
  - Exfiltration of real PII is prohibited
```

No agent will touch a target not listed under `in_scope`.

### 2. Configure wordlists

Edit `config/wordlists.conf` with the actual paths on your system:

```ini
dirs_small   = /usr/share/seclists/Discovery/Web-Content/common.txt
dirs_medium  = /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
dirs_large   = /usr/share/wordlists/dirbuster/directory-list-2.3-big.txt
dns          = /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt
passwords    = /usr/share/wordlists/rockyou.txt
usernames    = /usr/share/seclists/Usernames/top-usernames-shortlist.txt
```

### 3. Add test credentials

Copy the template and rename it for your target:

```bash
cp credentials/example.creds credentials/.creds
```

Fill in the credential blocks provided by the client. Supported types: `basic`, `cookie`, `bearer`, `apikey`, `oauth2`. See `credentials/example.creds` for format details.

### 4. Review rate limits

Check `config/rate.conf` and adjust if the target environment is sensitive:

```ini
requests_per_second      = 10
requests_per_second_waf  = 2
gobuster_threads         = 10
playwright_delay_ms      = 500
burp_concurrent          = 5
```

### 5. Start Burp Suite

Launch Burp Suite Professional before running any agent. Confirm:
- Proxy listener is active on `127.0.0.1:8080`
- MCP extension SSE server is running on port `9876` (check the extension tab)
- A Burp project file is open and saved so history persists across sessions

---

## Starting a fresh engagement

Run these steps in order. Each step feeds the next.

**Open Claude Code in this directory:**
```bash
claude
```

**Step 1 โ€” WAF detection** (runs automatically at startup, or invoke manually):
```
Ask Claude: run WAF detection against all in-scope hosts
```
Results written to `state/recon.md` under **WAF & Rate Limits**.

**Step 2 โ€” Login flows** (if `basic` or `oauth2` credentials are present):
```
Ask Claude: run login flows to obtain session cookies
```
Sessions are appended back to the `.creds` file for reuse by all agents.

**Step 3 โ€” Recon:**
```
Ask Claude: run the Recon agent
```
Discovers hosts, subdomains, endpoints, tech stack. Results written to `state/recon.md`.

**Step 4 โ€” Orchestration:**
```
Ask Claude: run the Orchestrator
```
Generates a prioritised test case queue in `state/test_cases.md`.

**Step 5 โ€” Scanning:**
```
Ask Claude: run the Scanner agent
```
Executes all pending test cases via Burp MCP. Findings written to `state/findings.md` with `agent_status: potential`.

**Step 6 โ€” Human review** *(manual step)*

Open `state/findings.md`. For each finding, set:
- `human_status`: `true_positive` or `false_positive`
- `exploit_requested`: `yes` or `no` (only when `human_status: true_positive`)

**Step 7 โ€” Exploitation:**
```
Ask Claude: run the Exploiter agent
```
For each `true_positive` + `exploit_requested: yes` row, the Exploiter proposes a PoC plan and waits for your approval before sending any traffic. Results written to `state/exploits.md`.

**Step 8 โ€” Human verification** *(manual step)*

Verify each PoC result in Burp. The Exploiter moves confirmed rows to `status: confirmed` after you sign off.

**Step 9 โ€” Reporting:**
```
Ask Claude: run the Reporter agent
```
Generates `reports/F-.md` for each confirmed exploit.

---

## Continuing an existing engagement

When `state/` files already exist from a prior session, agents resume safely โ€” they deduplicate against existing state and never overwrite or delete rows.

**Open Claude Code in this directory:**
```bash
claude
```

Then run agents as needed:

| What you want to do | Command |
|--------------------|---------|
| Discover new attack surface | Ask Claude: run the Recon agent |
| Generate test cases from new recon | Ask Claude: run the Orchestrator |
| Run outstanding test cases | Ask Claude: run the Scanner agent |
| Exploit newly validated findings | Ask Claude: run the Exploiter agent |
| Generate reports for new confirmed exploits | Ask Claude: run the Reporter agent |

Each agent checks the current state of all relevant files before acting:
- **Recon** โ€” appends only new discoveries; skips already-recorded hosts and endpoints
- **Orchestrator** โ€” appends new test cases; skips `(Type, URL, Parameter)` combinations already present
- **Scanner** โ€” picks up `status: pending` rows only; ignores `done` and `error` rows
- **Exploiter** โ€” picks up `human_status: true_positive` + `exploit_requested: yes` rows that have no corresponding entry in `exploits.md`
- **Reporter** โ€” picks up `status: confirmed` + `report_generated: no` rows only

---

## Project structure

```
autonomous_webpt/
โ”œโ”€โ”€ .claude/
โ”‚   โ””โ”€โ”€ settings.json          # MCP server configuration (Burp, Playwright)
โ”œโ”€โ”€ agents/                    # Agent instruction files
โ”œโ”€โ”€ skills/                    # Reusable skill definitions invoked by agents
โ”œโ”€โ”€ config/
โ”‚   โ”œโ”€โ”€ rate.conf              # Request rate and concurrency limits
โ”‚   โ””โ”€โ”€ wordlists.conf         # Wordlist paths
โ”œโ”€โ”€ credentials/               # Per-target test credentials
โ”œโ”€โ”€ targets/
โ”‚   โ””โ”€โ”€ scope.yml              # Engagement scope and authorization
โ”œโ”€โ”€ state/
โ”‚   โ”œโ”€โ”€ recon.md               # All recon discoveries
โ”‚   โ”œโ”€โ”€ test_cases.md          # Planned and completed test cases
โ”‚   โ”œโ”€โ”€ findings.md            # Scan results + human validation columns
โ”‚   โ””โ”€โ”€ exploits.md            # Confirmed exploits
โ”œโ”€โ”€ reports/
โ”‚   โ””โ”€โ”€ F-.md              # One report per confirmed finding (written by Reporter)
โ””โ”€โ”€ CLAUDE.md                  # Full framework reference for Claude agents
```