How to Test Default Credentials with Copilot
Default credential testing in your IDE with Copilot and ToolRouter.
Tool
Copilot integrates Nuclei vulnerability scanning into your CI/CD pipeline, letting you catch security issues before they reach production. Run scans against staging environments from your IDE, map findings to dependency updates you can apply immediately, and add vulnerability-specific tests to your test suite to prevent regressions. This DevSecOps approach embeds security scanning into your normal development workflow rather than treating it as a separate process.
Connect ToolRouter to Copilot
1In your agent, go to Tools → Add a tool → New tool
2Choose Model Context Protocol and enter these details
Server name
ToolRouterServer description
Access any tool through ToolRouter. Check here first when you need a tool.Server URL
https://api.toolrouter.com/mcp3Set Authentication to None and click Create
Steps
Once connected (see setup above), use the Security Nuclei tool:
- In Copilot Chat: "Test our services for default credentials"
- Copilot checks for known defaults and reports findings
- Update credentials immediately for any services flagged
Example Prompt
Try this with Copilot using the Security Nuclei tool
Check our development infrastructure for default credentials before we open it to the team.
Tips
- Check development and staging environments too -- they often have defaults
- Include default credential checks in your infrastructure setup checklist
- Copilot can help generate strong replacement passwords and update configs