Skip to content

Commit e755646

Browse files
Av7dangerAv7danger
committed
Add bug bounty mode with strict scope enforcement.
Introduce bug bounty policy models, CLI/API policy inputs, session policy persistence, and planner plus runtime scope gates that block out-of-scope invocations before tool execution.
1 parent 14705ba commit e755646

20 files changed

Lines changed: 1516 additions & 201 deletions

File tree

README.md

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -114,13 +114,18 @@ secnodeapi --target https://api.example.com/swagger.json --auth-header "Authoriz
114114
secnodeapi --target https://api.example.com/swagger.json --proxy http://127.0.0.1:8080 --insecure
115115
secnodeapi --target https://api.example.com/swagger.json --mode agent --request-budget 500 --max-iterations 6
116116
secnodeapi --target https://api.example.com/swagger.json --mode microservices
117+
secnodeapi --target https://api.example.com --mode bugbounty --program "Acme BBP" --scope host:api.example.com --scope path:/api --bb-instruction "Only test assigned API assets"
118+
```
119+
120+
```bash
121+
secnodeapi-tui --target https://api.example.com --backend local
122+
secnodeapi-tui --target https://api.example.com --backend remote --api-base-url http://127.0.0.1:8000
117123
```
118124

119125
### Key options
120126

121127
- `--target` URL or local path to OpenAPI schema (required)
122-
- `--mode` `agent` (default) or `legacy` execution pipeline
123-
- `--mode` `agent`, `legacy`, or `microservices`
128+
- `--mode` `agent`, `legacy`, `microservices`, `greybox`, or `bugbounty`
124129
- `--concurrency` concurrent request workers
125130
- `--auth-header` single inline auth header
126131
- `--auth-file` JSON file of auth headers
@@ -133,6 +138,25 @@ secnodeapi --target https://api.example.com/swagger.json --mode microservices
133138
- `--max-iterations` max plan/execute loops in agent mode
134139
- `--proxy` route traffic via proxy
135140
- `--insecure` disable TLS verification for controlled environments
141+
- `--scope` bug bounty scope entries (`host:`, `path:`, `method:`, `deny-host:`, `deny-path:`)
142+
- `--scope-file` JSON scope config for bug bounty mode
143+
- `--bb-instruction` repeatable bug bounty instruction passed to planning and enforcement
144+
- `--program` bug bounty program identifier for session metadata
145+
146+
TUI command highlights:
147+
148+
- `/scan <target>` create and run a scan session
149+
- `/skill <name>` run a selected skill
150+
- `/sessions` list saved snapshots from `~/.api-agent/sessions`
151+
- `/load <session-id>` load a saved snapshot into TUI panels
152+
153+
### Bug bounty strict scope mode
154+
155+
`--mode bugbounty` enables strict scope enforcement. When this mode is active, out-of-scope invocations are blocked at both planning and runtime.
156+
157+
- Scope is required via `--scope` or `--scope-file`
158+
- Rules are persisted with the session policy
159+
- Any invocation outside allowed host/path/method constraints is rejected before tool execution
136160

137161
## Output
138162

0 commit comments

Comments
 (0)