## https://sploitus.com/exploit?id=C6A90DC0-BAD7-54E0-9D54-927FA6A07BB5
```
*
/|\
/ | \
____/ | \____
/ / | \ \
_____/ / | \ \_____
/________/_____|_____\________\
\ | /
\____|____/
|
/ \
/ \
โโโ โโโโโโโโโโ โโโ โโโโโโโ โโโโ โโโโ โโโโโโ โโโโ โโโ
โโโ โโโโโโโโโโโ โโโโโโโโโโโ โโโโโ โโโโโโโโโโโโโโโโโโ โโโ
โโโ โโ โโโโโโโโโโโโ โโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโ โโโ โโโโโโ โโโโโโ โโโโโโ
โโโโโโโโ โโโโโโ โโโโโ โโโโโโโ โโโ โโโโโโ โโโโโโ โโโโโ
autonomous web penetration testing ยท human-augmented
```
Wingman, an AI-assisted web penetration testing framework that uses Claude Code agents to automate reconnaissance, vulnerability scanning, exploitation, and reporting โ while keeping the human tester in control of every critical decision.
The framework is built around a human + agent collaboration model. Agents work autonomously in the background; the human uses Burp Suite interactively at their own pace. All findings require human validation before any exploitation is attempted.
> **All testing performed using this framework must be against authorized targets only.**
---
## How it works
Five specialized agents handle distinct phases of an engagement:
| Agent | Role |
|-------|------|
| **Recon** | Port scanning, subdomain enumeration, tech fingerprinting, directory brute-forcing, crawling |
| **Orchestrator** | Translates recon findings into a prioritized test case queue |
| **Scanner** | Runs vulnerability tests against all queued endpoints via Burp MCP |
| **Exploiter** | Crafts and executes PoCs for human-validated findings (requires approval per finding) |
| **Reporter** | Generates a structured markdown report for each confirmed exploit |
All agent state is stored in human-readable markdown files under `state/`. You can read, edit, and annotate them directly in any editor alongside Burp Suite.
---
## Dependencies
### Required
| Dependency | Purpose |
|-----------|---------|
| [Claude Code](https://claude.ai/code) | Runs all agents |
| [Burp Suite Professional](https://portswigger.net/burp/pro) | HTTP proxy, active scanner, Collaborator, Repeater/Intruder |
| [Burp MCP Server extension](https://github.com/PortSwigger/mcp-server) | Exposes Burp's API to Claude agents via MCP (default port `9876`) |
| Node.js โฅ 18 + npm | Required to run Playwright MCP |
| `nmap` | Port scanning and service fingerprinting |
| `gobuster` | Directory and DNS brute-forcing |
### Optional (external targets only)
| Dependency | Purpose |
|-----------|---------|
| `subfinder` | Passive subdomain enumeration via public APIs |
| `amass` | Active and passive subdomain enumeration |
| `waybackurls` | Historical URL discovery from Wayback Machine |
These tools are only invoked when `internet: true` is set in `targets/scope.yml`.
---
## Installing dependencies
### Claude Code
```bash
npm install -g @anthropic-ai/claude-code
```
Follow the [Claude Code quickstart](https://docs.anthropic.com/en/docs/claude-code/quickstart) to authenticate.
### Burp MCP extension
1. In Burp Suite Professional, go to **Extensions โ BApp Store** and install the **MCP Server** extension.
2. In the extension settings, enable the MCP SSE server. The default port is `9876`.
3. If you change the port, update `.claude/settings.json` to match:
```json
{
"mcpServers": {
"burp-mcp": {
"command": "/path/to/BurpSuitePro/jre/bin/java",
"args": [
"-jar",
"/path/to/autonomous_webpt_gin_juice/mcp-proxy.jar",
"--sse-url",
"http://127.0.0.1:9876"
]
}
}
}
```
### Playwright MCP
Playwright MCP runs on demand via `npx` โ no separate install required as long as Node.js โฅ 18 is present. Verify:
```bash
sudo apt install nodejs npm
```
```bash
node --version # must be โฅ 18
npx @playwright/mcp@latest --help
```
### CLI tools
```bash
# nmap
sudo apt install nmap # Debian/Ubuntu
brew install nmap # macOS
# gobuster
sudo apt install gobuster
brew install gobuster
# subfinder (optional โ external targets only)
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
# amass (optional โ external targets only)
go install -v github.com/owasp-amass/amass/v4/...@master
# waybackurls (optional โ external targets only)
go install github.com/tomnomnom/waybackurls@latest
```
### Wordlists
The framework reads wordlist paths from `config/wordlists.conf`. Install a wordlist collection and update the config:
```bash
# Or clone manually
git clone https://github.com/danielmiessler/SecLists /usr/share/seclists
```
---
## Preconfiguration
Complete these steps before starting any engagement.
### 1. Define scope
Edit `targets/scope.yml`:
```yaml
internet: false # set true for external targets (enables subfinder, amass passive, waybackurls)
in_scope:
- 192.168.1.0/24
- app.example.internal
out_of_scope:
- 192.168.1.1
rules:
- No DoS or service disruption
- Exfiltration of real PII is prohibited
```
No agent will touch a target not listed under `in_scope`.
### 2. Configure wordlists
Edit `config/wordlists.conf` with the actual paths on your system:
```ini
dirs_small = /usr/share/seclists/Discovery/Web-Content/common.txt
dirs_medium = /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
dirs_large = /usr/share/wordlists/dirbuster/directory-list-2.3-big.txt
dns = /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt
passwords = /usr/share/wordlists/rockyou.txt
usernames = /usr/share/seclists/Usernames/top-usernames-shortlist.txt
```
### 3. Add test credentials
Copy the template and rename it for your target:
```bash
cp credentials/example.creds credentials/.creds
```
Fill in the credential blocks provided by the client. Supported types: `basic`, `cookie`, `bearer`, `apikey`, `oauth2`. See `credentials/example.creds` for format details.
### 4. Review rate limits
Check `config/rate.conf` and adjust if the target environment is sensitive:
```ini
requests_per_second = 10
requests_per_second_waf = 2
gobuster_threads = 10
playwright_delay_ms = 500
burp_concurrent = 5
```
### 5. Start Burp Suite
Launch Burp Suite Professional before running any agent. Confirm:
- Proxy listener is active on `127.0.0.1:8080`
- MCP extension SSE server is running on port `9876` (check the extension tab)
- A Burp project file is open and saved so history persists across sessions
---
## Starting a fresh engagement
Run these steps in order. Each step feeds the next.
**Open Claude Code in this directory:**
```bash
claude
```
**Step 1 โ WAF detection** (runs automatically at startup, or invoke manually):
```
Ask Claude: run WAF detection against all in-scope hosts
```
Results written to `state/recon.md` under **WAF & Rate Limits**.
**Step 2 โ Login flows** (if `basic` or `oauth2` credentials are present):
```
Ask Claude: run login flows to obtain session cookies
```
Sessions are appended back to the `.creds` file for reuse by all agents.
**Step 3 โ Recon:**
```
Ask Claude: run the Recon agent
```
Discovers hosts, subdomains, endpoints, tech stack. Results written to `state/recon.md`.
**Step 4 โ Orchestration:**
```
Ask Claude: run the Orchestrator
```
Generates a prioritised test case queue in `state/test_cases.md`.
**Step 5 โ Scanning:**
```
Ask Claude: run the Scanner agent
```
Executes all pending test cases via Burp MCP. Findings written to `state/findings.md` with `agent_status: potential`.
**Step 6 โ Human review** *(manual step)*
Open `state/findings.md`. For each finding, set:
- `human_status`: `true_positive` or `false_positive`
- `exploit_requested`: `yes` or `no` (only when `human_status: true_positive`)
**Step 7 โ Exploitation:**
```
Ask Claude: run the Exploiter agent
```
For each `true_positive` + `exploit_requested: yes` row, the Exploiter proposes a PoC plan and waits for your approval before sending any traffic. Results written to `state/exploits.md`.
**Step 8 โ Human verification** *(manual step)*
Verify each PoC result in Burp. The Exploiter moves confirmed rows to `status: confirmed` after you sign off.
**Step 9 โ Reporting:**
```
Ask Claude: run the Reporter agent
```
Generates `reports/F-.md` for each confirmed exploit.
---
## Continuing an existing engagement
When `state/` files already exist from a prior session, agents resume safely โ they deduplicate against existing state and never overwrite or delete rows.
**Open Claude Code in this directory:**
```bash
claude
```
Then run agents as needed:
| What you want to do | Command |
|--------------------|---------|
| Discover new attack surface | Ask Claude: run the Recon agent |
| Generate test cases from new recon | Ask Claude: run the Orchestrator |
| Run outstanding test cases | Ask Claude: run the Scanner agent |
| Exploit newly validated findings | Ask Claude: run the Exploiter agent |
| Generate reports for new confirmed exploits | Ask Claude: run the Reporter agent |
Each agent checks the current state of all relevant files before acting:
- **Recon** โ appends only new discoveries; skips already-recorded hosts and endpoints
- **Orchestrator** โ appends new test cases; skips `(Type, URL, Parameter)` combinations already present
- **Scanner** โ picks up `status: pending` rows only; ignores `done` and `error` rows
- **Exploiter** โ picks up `human_status: true_positive` + `exploit_requested: yes` rows that have no corresponding entry in `exploits.md`
- **Reporter** โ picks up `status: confirmed` + `report_generated: no` rows only
---
## Project structure
```
autonomous_webpt/
โโโ .claude/
โ โโโ settings.json # MCP server configuration (Burp, Playwright)
โโโ agents/ # Agent instruction files
โโโ skills/ # Reusable skill definitions invoked by agents
โโโ config/
โ โโโ rate.conf # Request rate and concurrency limits
โ โโโ wordlists.conf # Wordlist paths
โโโ credentials/ # Per-target test credentials
โโโ targets/
โ โโโ scope.yml # Engagement scope and authorization
โโโ state/
โ โโโ recon.md # All recon discoveries
โ โโโ test_cases.md # Planned and completed test cases
โ โโโ findings.md # Scan results + human validation columns
โ โโโ exploits.md # Confirmed exploits
โโโ reports/
โ โโโ F-.md # One report per confirmed finding (written by Reporter)
โโโ CLAUDE.md # Full framework reference for Claude agents
```