ReaperBot integration (#169)

* ReaperBot integration

* build ui

* add key back for built-in agent config

---------

Co-authored-by: Josh Larsen <2565382+joshlarsen@users.noreply.github.com>

Author: bgeesaman

.air.toml

@@ -7,7 +7,7 @@ tmp_dir = "tmp"
   bin = "./tmp/reaper-server"
   cmd = "go build -o ./tmp/reaper-server ./cmd/reaper"
   delay = 1000
-  exclude_dir = ["assets", "files", "tmp", "vendor", "docs", "ui"]
+  exclude_dir = ["assets", "files", "tmp", "vendor", "docs", "ui", "reaperbot"]
   exclude_file = []
   exclude_regex = ["_test.go"]
   exclude_unchanged = false

.gitignore

@@ -42,3 +42,6 @@ ui/dist/**
 
 # ...even if they are in subdirectories
 !*/
+
+!/reaperbot/
+!/reaperbot/**

cmd/reaper/dist/assets/index-BPSUUKh2.js renamed to cmd/reaper/dist/assets/index-YOw9QSzM.js

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="https://d1548abrjij03p.cloudfront.net/icon.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Reaper - A Ghost Labs Project</title>
-    <script type="module" crossorigin src="/assets/index-BPSUUKh2.js"></script>
+    <script type="module" crossorigin src="/assets/index-YOw9QSzM.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-BAugfWnD.css">
   </head>
   <body class="h-screen">

cmd/reaper/dist/index.html

@@ -3,12 +3,12 @@ services:
     build:
       context: .
       dockerfile: Dockerfile
+    env_file: .env
     environment:
       - ENV=docker
       - HOST=0.0.0.0
       - PORT=8000
       - PROXY_PORT=8080
-      - NGROK_AUTHTOKEN=your_nrok_token
       - OPENAI_API_KEY=your_openai_key
     volumes:
       - ./files:/app/files

docker-compose.yml

@@ -0,0 +1,14 @@
+# Python-generated files
+__pycache__/
+*.py[oc]
+build/
+dist/
+wheels/
+*.egg-info
+
+# Virtual environments
+.venv
+
+# Config files
+.env
+utils/*.sqlite

reaperbot/.gitignore

@@ -0,0 +1 @@
+3.13

reaperbot/.python-version

@@ -0,0 +1,8 @@
+.PHONY: run ui
+
+run:
+	# Start the FastAPI app using uvicorn
+	uv run python3 main.py
+ui:
+	# Open Chrome at the specified URL
+	open http://localhost:11000

reaperbot/Makefile

@@ -0,0 +1,63 @@
+# ReaperBot
+
+ReaperBot is an experimental Agentic AI system designed specifically to orchestrate the Reaper project via its APIs to solve the Ghostbank challenge and showcase the emergent behavior of this type of system applied to the AppSec testing space. It uses multiple specialized agents using the [Pydantic-AI](https://ai.pydantic.dev/) framework powered by [OpenAI](https://openai.com/api/) models for tasks like discovering live hosts, scanning domains, identifying potential security vulnerabilities (e.g., BOLA/IDOR), and reporting on the findings.
+
+## Setup Instructions
+
+1. **Clone the repository**:
+    ```bash
+    git clone https://github.com/yourusername/reaperbot.git
+    cd reaperbot
+    ```
+
+2. **Ensure you have Python 3.13+ and uv installed**.
+    ```bash
+    python3 --version
+    uv -V
+    ```
+
+3. **Install the dependencies**:
+    ```bash
+    uv sync
+    ```
+
+4. **Obtain API keys**:
+    - [OpenAI API Key](https://platform.openai.com/account/api-keys)
+    - Reaper Token - Navigate to the Reaper UI and fetch the token by clicking the key icon in the lower left of the navbar.
+
+5. **Set up environment variables**:
+    Create a `.env` file based on the `sample.env` and fill in the required keys:
+    ```ini
+    OPENAI_API_KEY="sk_your_openai_api_key"
+    X_REAPER_TOKEN="your_reaper_api_key"
+    REAPER_BASE_URL="http://localhost:8000"
+    ```
+
+6. **Run the application**:
+    Start the FastAPI app with Uvicorn:
+    ```bash
+    make run
+    ```
+
+7. **Access the chat interface**:
+    ```
+    make ui
+    ```
+    or browse to `http://localhost:11000`
+
+    ![ReaperBot Chat UI](static/chat-ui.png)
+
+## Usage
+
+Once the application is running, you can interact with ReaperBot through the WebSocket interface. Type in a command or request related to web application security, and ReaperBot will guide you through the steps to scan domains, find live hosts and endpoints, and test for vulnerabilities.
+
+### Example Commands:
+- "Scan the (domain_name) domain"
+- "What are the live hosts for (domain_name)?"
+- "What endpoints in (domain_name) are vulnerable to BOLA?"
+- "Which endpoints in the (domain_name) application are vulnerable to BOLA? Write a technical report on the findings."
+
+
+## License
+
+This project is licensed under the Apache 2.0 License - see the [LICENSE](../LICENSE) file for details.

reaperbot/README.md

@@ -0,0 +1,60 @@
+import asyncio
+
+from pydantic_ai import Agent
+from dotenv import load_dotenv
+from devtools import debug
+from pydantic_ai.settings import ModelSettings
+from agents.tools.reaper_tools import (
+        reaper_get_scanned_domain_by_id,
+        reaper_get_scanned_domains,
+        reaper_scan_domain,
+        reaper_get_live_hosts_for_domains,
+        reaper_get_live_endpoints_for_domains,
+        reaper_get_requests_for_endpoint_id,
+)
+
+load_dotenv()
+
+model_settings = ModelSettings(temperature=0.01, max_tokens=16384)
+discoverer_agent = Agent(
+    'openai:gpt-4o-mini',
+    result_type=str, 
+    tools=[
+      reaper_get_scanned_domain_by_id,
+      reaper_get_scanned_domains,
+      reaper_scan_domain,
+      reaper_get_live_hosts_for_domains,
+      reaper_get_live_endpoints_for_domains,
+      reaper_get_requests_for_endpoint_id,
+    ],
+    model_settings=model_settings,
+    system_prompt="""
+      You are an advanced tool calling assistant interacting on behalf of
+      an expert application security engineer with a system called
+      Reaper to perform web application enumeration and testing actions to
+      gather data about target domains, hosts, and endpoints.
+
+      The goal is to help the engineer perform some or all of the following 
+      tasks for a given domain:
+      1. Use a tool (reaper) to scan a domain to discover live hosts if not already
+      scanned by reaper.
+      2. Use a tool (reaper) to retrieve live hosts in that domain
+      3. Use a tool (reaper) to retrive live endpoints on those hosts with certain
+      characteristics useful for planning a test attack.
+
+      The primary starting point for a workflow is a domain name, and most
+      workflows will be focused on that domain until the user changes to another
+      domain to focus on.  Break down complex questions into simple steps that 
+      can be answered with tool calls and execute them in logical order.
+
+      Important: If you haven't been given a domain to focus on by
+      the user, prompt the user to choose one. Do not make up a domain to scan.
+      Do not use example.com, for example.  If a tool is not available, do not 
+      make up responses.
+
+      You are encouraged to run these tools and use their response details to decide
+      which step to take next and run more tools to get the information you
+      need to answer the request.
+    """,
+    retries=2,
+)

reaperbot/__init__.py

@@ -0,0 +1,92 @@
+from pydantic_ai import Agent, RunContext
+from pydantic_ai.settings import ModelSettings
+from dataclasses import dataclass
+
+from agents.discoverer import discoverer_agent
+from agents.tester import tester_agent
+from utils.logging import send_log_message
+
+@dataclass
+class ReaperBotDeps:  # (1)!
+    discoverer_agent: Agent
+    tester_agent: Agent
+
+reaperbot_deps = ReaperBotDeps(
+  discoverer_agent=discoverer_agent,
+  tester_agent=tester_agent,
+)
+
+model_settings = ModelSettings(temperature=0.1, max_tokens=16384)
+reaperbot_agent = Agent(
+    'openai:gpt-4o-mini',
+    deps_type=ReaperBotDeps,
+    result_type=str,
+    model_settings=model_settings,
+    system_prompt=(
+      "You are an assistant helping an expert application security engineer interact with several specialized agents via tools that can complete tasks and fetch data with tools of their own.",
+      "Your job is to take the input from the user, synthesize a step by step plan that aligns to the agents capabilities and tools, prompt the user with an outline of that plan, and execute that plan if the user confirms.",
+      "If the user does not confirm, you should prompt the user with a message asking for adjustments to the plan.", 
+      "If the user does not confirm after a few retries, you should prompt the user with a message that you cannot help with that and provide some example questions you can ask.",
+      "Only prompt for confirmation if the user's question requires a plan of multiple steps, is actionable, and can be executed by the agents/tools available to you.",
+      "To provide the best answers about recommendations or fixes, be sure to have the relevant context about the application, fetch example request/responses to the application, and analyze its source code and related security findings.",
+      "Use the available agents for the actionable portions of the execution.  If the user's question is not related to the capabilities of your tools/agents, say you cannot help with that and prompt the user with some example questions you can ask.",
+      "However, you are not a generalized security advice assistant, so only provide recommendations of steps to take that align with the agents/tools available to you.",
+      "Use the discoverer agent to perform live domain scans and host discovery.",
+      "Use the tester agent to perform live security testing of target applications, APIs, and endpoints.",
+      "When invoking an agent, provide it with sufficient context to perform the task and what it's expected to provide back.",
+      "If one agent responds with an inability to perform a task, see if another agent can perform the task.",
+      "If the tester tool responds with a test result, provide that to the user directly and do not overly summarize.",
+      "Summarize the actions taken, but provide the user with the full details and code snippets from the responses from the agents.",
+      "Domains have hosts and endpoints.",
+      "Apps/Applications are synonymous in this context.",
+      "Endpoints are synonymous with APIs in this context.",
+      "Apps have hosts, apis, and endpoints.",
+      "Apps have metadata, openapi specs, source code, security findings.",
+      "Source code has code, languages, and repo information.",
+      "Endpoints have requests/responses.",
+    ),
+    retries=1,
+)
+@reaperbot_agent.system_prompt
+async def reaperbot_agent_system_prompt_example_questions(ctx: RunContext[str]) -> str:
+    examples = [
+      "Scan the (domain_name) domain",
+      "Which applications are written in go?",
+      "Which hosts in the (domain_name) are live?",
+      "What is the status of the (domain_name) domain scan?",
+      "Which endpoints in the (domain_name) domain are susceptible to BOLA?",
+      "Write a technical security report of the endpoints vulnerable to BOLA in the (domain_name) domain.",
+    ]
+    title = 'The following are example questions you can ask me:\n'
+    return title + '\n- '.join(examples)
+
+
+@reaperbot_agent.tool
+async def invoke_discoverer_agent(ctx: RunContext[ReaperBotDeps], input_text: str) -> str:
+    """
+    Discoverer Tool that interfaces/hands-off with the DiscovererAgent.
+    Performs live domain scans, host discovery, retrieves full request/responses hitting applications,
+    and other discovery tasks.
+    """
+    deps: ReaperBotDeps = ctx.deps
+    await send_log_message(f"ReaperBot: Invoking Discoverer Agent with input: {input_text}")
+    res = await deps.discoverer_agent.run(input_text, deps=deps)
+    await send_log_message(f"ReaperBot: Discoverer Agent responded with: {res.data}")
+    return res.data
+
+@reaperbot_agent.tool
+async def invoke_tester_agent(ctx: RunContext[ReaperBotDeps], input_text: str) -> str:
+    """
+    Tester Tool that interfaces/hands-off with the TesterAgent.
+    Performs security testing of applications/apps, APIs, and endpoints for the following
+    vulnerabilities:
+    - BOLA/IDOR
+
+    This agent can provide example code/scripts that would demonstrate how a security
+    vulnerability could be exploited in the application if present.
+    """
+    deps: ReaperBotDeps = ctx.deps
+    await send_log_message(f"ReaperBot: Invoking Tester Agent with input: {input_text}")
+    res = await deps.tester_agent.run(input_text, deps=deps)
+    await send_log_message(f"ReaperBot: Tester Agent responded with: {res.data}")
+    return res.data

reaperbot/agents/__init__.py

@@ -0,0 +1,38 @@
+import asyncio
+
+from pydantic_ai import Agent
+from pydantic_ai.settings import ModelSettings
+from dotenv import load_dotenv
+
+from agents.tester_bola import tester_bola_agent
+from utils.logging import send_log_message
+
+load_dotenv()
+
+model_settings = ModelSettings(temperature=0.01, max_tokens=16384)
+tester_agent = Agent(
+    'openai:gpt-4o-mini',
+    result_type=str, 
+    model_settings=model_settings,
+    system_prompt="""
+    You are an application security tester agent that is focused on finding and
+    probing for validation of specific application security flaws.
+
+    You have access to your own specialized agents via tools that you are
+    to delegate the actual testing actions to.  Do not perform tests on your own. The
+    agent tools you have access to are your only testing abilities. If you are
+    asked to perform a test that you do not have a tool for, state that you
+    cannot perform that test and offer the types of tests that you can perform.
+
+    Your job is to use only these tools to satisfy the high level request 
+    from the orchestrator agent and produce a response derived solely from that data.
+    """,
+    retries=2,
+)
+
+@tester_agent.tool_plain
+async def invoke_tester_bola_agent(input_text: str) -> str:
+    """Tester Tool that interfaces/hands-off with the BOLA specific TesterAgent."""
+    await send_log_message(f"Tester BOLA Agent: invoke_tester_bola_agent input: {input_text}")
+    res = await tester_bola_agent.run(input_text)
+    return res.data

reaperbot/agents/discoverer.py

@@ -0,0 +1,54 @@
+import asyncio
+
+from pydantic_ai import Agent
+from pydantic_ai.settings import ModelSettings
+from dotenv import load_dotenv
+from devtools import debug
+
+from agents.tools.reaper_tools import (
+        reaper_get_live_endpoints_for_domains,
+        reaper_get_requests_for_endpoint_id,
+        reaper_test_attack_endpoint_id,
+        reaper_get_attack_results,
+)
+
+load_dotenv()
+
+model_settings = ModelSettings(temperature=0.01, max_tokens=16384)
+tester_bola_agent = Agent(
+    'openai:gpt-4o-mini',
+    result_type=str, 
+    tools=[
+      reaper_get_live_endpoints_for_domains,
+      reaper_get_requests_for_endpoint_id,
+      reaper_test_attack_endpoint_id,
+      reaper_get_attack_results,
+    ],
+    model_settings=model_settings,
+    system_prompt="""
+    You are an application security tester agent that is focused on finding and
+    probing for validation of "Broken Object Level Accesss" (BOLA) / "Insecure
+    Direct Object Reference" (IDOR) flaws.
+
+    You have access to tools that you are able to use to safely
+    perform probes against specific endpoints for bola/idor
+    susceptibility/vulnerability. These endpoints are typically GET requests
+    with url parameters and POST requests with body parameters.
+
+    Break down complex questions into simple steps that can be answered with tool 
+    calls and execute them in logical order. Actively attack/test only the
+    endpoints that are most likely to be susceptible unless otherwise
+    instructed.
+
+    The agent tools you have access to are your only testing abilities.  If you 
+    are asked to perform a test that is not bola/idor related, state that you
+    cannot perform that test and offer the types of tests that you can perform.
+
+    Your job is to use only these tools to satisfy the high level request 
+    from the orchestrator agent and produce a response derived solely from that data.
+
+    If no endpoints were found or found to be vulnerable, respond with "No BOLA/IDOR
+     vulnerabilities found."
+    """,
+    retries=2,
+)