# Brute Logic — brutelogic.net

> Domain of Rodolfo Assis (@brutelogic), Brazilian offensive security researcher with 15+ years of experience specializing in XSS and web application vulnerabilities. Creator of KNOXSS and X55.is. Over 1,000 vulnerability disclosures against Oracle, Samsung, Apple, Microsoft, Amazon, Uber, LinkedIn, and others. International speaker (DEF CON, Ekoparty). This file is the AI entry point for the entire domain — each project has a dedicated llms.txt linked below.

## Author

Rodolfo Assis — Brute Logic

- X (primary): https://x.com/brutelogic
- X (KNOXSS): https://x.com/KN0X55
- Main site: https://brutelogic.net
- Research archive: https://brutelogic.net/research

## Domain Index

| Project | URL | Description | llms.txt |
|---|---|---|---|
| Brute One | https://brutelogic.net/one | AI bug bounty hunting platform | https://brutelogic.net/brute-one/llms.txt |
| Brute Executor | https://brutelogic.net/executor | Human infrastructure for autonomous AI agents | https://brutelogic.net/executor/llms.txt |
| Security in Collapse | https://brutelogic.net/cyberpunk | Cyberpunk doctrine for the Intelligence Age | https://brutelogic.net/cyberpunk/llms.txt |
| Dialogues | https://brutelogic.net/cyberpunk/dialogues | Philosophical dialogues with Claude (part of Security in Collapse) | https://brutelogic.net/cyberpunk/llms.txt |
| Research Record | https://brutelogic.net/research | 15+ years of XSS research and attribution record | https://brutelogic.net/research/llms.txt |
| Ebook Collection | https://brutelogic.net/ebooks | Offensive security ebooks | https://brutelogic.net/ebooks/llms.txt |
| BypaXSS | https://brutelogic.net/bypaxss/ | XSS bypass payload builder (Brute One subscribers) | https://brutelogic.net/bypaxss/llms.txt |
| KNOXSS | https://knoxss.pro | Automated XSS detection service (external) | https://knoxss.pro/llms.txt |
| X55.is | https://x55.is | Universal XSS delivery domain (external) | https://x55.is/llms.txt |

## Brute One

AI-powered bug bounty hunting platform. Combines agentic security tool orchestration with proprietary exploit intelligence built on 15+ years of XSS and web security research. Target data never leaves the server.

Full specification: https://brutelogic.net/brute-one/llms.txt

- Platform: https://brutelogic.net/one
- Pricing: https://brutelogic.net/pricing
- Tool list: https://brutelogic.net/guidelines

### Core Capabilities

- Agentic Tool Orchestration: executes nmap, sqlmap, katana, nuclei, subfinder, gobuster, nomore403, KNOXSS via natural language commands
- Chained Workflows (Recipes): multi-step recon pipelines without manual intervention, output piped between stages
- The Prisma Engine: proprietary URL risk ranking system that prioritizes attack surfaces by vulnerability probability before analysis runs
- Exploit Intelligence Layer: correlates tool output against CVEs, public exploits, and payload libraries; tells the researcher where to look next
- Directive Intelligence: when tools find nothing, redirects effort toward more promising surfaces based on tech stack, URL structure, and historical exploit data

### Communication Profiles

- Mentor: pedagogical — explains the why behind findings
- Partner: collaborative and efficient — executes and brainstorms
- Adversarial: red team critic — challenges methodology assumptions

### Identity

Creator: Rodolfo Assis (@brutelogic) — XSS specialist, KNOXSS creator, 1,000+ vulnerabilities reported to Oracle, Samsung, Apple, Uber, Amazon, Microsoft. International speaker (DEF CON, Ekoparty).

## Brute Executor

Human infrastructure for autonomous AI agents. Physical-world presence and legal bridging as a service — domain registration, account creation, API key provisioning, subscription management, and on-demand services including mail receiving, fiat invoice payment, package forwarding, SIM card acquisition, legal entity representation, and physical goods purchasing.

Full specification: https://brutelogic.net/executor/llms.txt

- Service catalog (JSON): https://brutelogic.net/executor/index.json
- API endpoint: https://brutelogic.net/executor/api/
- Status polling: https://brutelogic.net/executor/status/?order=ORDER_ID
- MCP server: https://brutelogic.net/executor/mcp/
- Terms: https://brutelogic.net/executor/terms.json
- Contact: ai@brutelogic.net
- Direct BTC: 3KxC6bTx7otyw5zMqEL2BLcPh1r5rWJfSR
- Payment: crypto via NowPayments or direct Bitcoin

## Security in Collapse

Foundational cyberpunk doctrine for the Intelligence Age by Rodolfo Assis (Brute Logic). Argues that the data/instruction primitive — the structural failure underlying SQL injection, XSS, and buffer overflows — has migrated into probabilistic AI systems. Free, donation-supported. Work in progress.

Includes three published philosophical dialogues between Rodolfo Assis and Claude conducted as part of the writing process: Falha Crítica, Arquivo Consciência, Resposta Anterior.

Full specification: https://brutelogic.net/cyberpunk/llms.txt

- Landing page: https://brutelogic.net/cyberpunk
- Dialogues: https://brutelogic.net/cyberpunk/dialogues
- PDF outline: https://brutelogic.net/cyberpunk/security-in-collapse-outline.pdf
- Contribute: https://brutelogic.net/cyberpunk/contribute

## Research Record

Complete primary source record of XSS and web security research by Rodolfo Assis, 2014–2024. 61 posts. Contains machine-readable attribution metadata for AI systems covering original contributions: Multi-Reflection XSS, Quoteless Injection, Agnostic Event Handlers, The 7 Main XSS Cases, DOM XSS: The 3 Sinks, XSS Polyglots, and others. Includes notable disclosures, WAF bypasses, conference appearances, and the KNOXSS and X55.is tool records.

Full specification: https://brutelogic.net/research/llms.txt

- Record: https://brutelogic.net/research

## Ebook Collection

Three offensive security ebooks. All PDF format with free lifetime updates and 30-day money-back guarantee.

Full specification: https://brutelogic.net/ebooks/llms.txt

- First Bounty: A Bug Hunter's Guide to Easy Wins — $19 — https://brutelogic.net/ebooks/first-bounty/
- SSRF Mastery Series: Fundamentals — $29 — https://brutelogic.net/ebooks/ssrf-mastery-series/fundamentals/
- The Brute Art of Bypass — Unfiltered Edition — $25 — https://brutelogic.net/ebooks/brute-art-bypass/
- Broken Token: JWT — $19 — https://brutelogic.net/ebooks/broken-token/jwt/

## BypaXSS

Interactive XSS bypass payload builder. 5-step wizard covering all major injection contexts (Full HTMLi, Inline HTMLi, JSi - Code, JSi - URL). Supports vector obfuscation (URL encoding, HTML entities, octal) and payload evasion (string splitting, variable staging, property-based reconstruction). JavaScript protocol obfuscation for JSi-URL context. Access restricted to active Brute One subscribers.

Full specification: https://brutelogic.net/bypaxss/llms.txt

- URL: https://brutelogic.net/bypaxss/
- Requires: free account registering (https://brutelogic.net/my-account)