pwn 0.5.496 → 0.5.497

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bd65663e9522de07f7a818795b857aabd14bcacc219de51b8524dfbf8b6a7b2b
-  data.tar.gz: ea6abda9dd1d68e00b1a11f93a455e10c15bb91690979853a6bfec0cae33ecd7
+  metadata.gz: fc62a689871a26571f1d0a2cfb4b5c54f3e141193ce296b6d5ffe02b663620d0
+  data.tar.gz: ac4355cc47e2137b31d9136456eb4551d20ff1bdd663fee7f0a3c7ce4792dd13
 SHA512:
-  metadata.gz: 404c8240305e111d85d7c600e45e558097c912fa7955ecba7bafe1c319d8f0b2b6a08475439acbb1320993fa2d729ddf8bf6de4c908c0a736e8594c960a985b3
-  data.tar.gz: 5689c6e8c2cde63fda33290b2837722a43acc3a4f21edfc017b9e3efd3977d30037bca8b819578d7cacb5b08501de4948b226d29aba82b707b62c80a1ac23ed2
+  metadata.gz: ea4bdea71706c9799647f47c3c2e336786c63bcdc136b802e1c8c2f880f216a4466bd92bed7537f9fcfd9f9af398507f59604dc102bb4c8b3d7c0118c626191a
+  data.tar.gz: 3b9ccf0836db5973162a3bfde9ed106ab2f6597e250e7046927b5be5c2f497c27da20005312fc2ca0b91f86e32c9efc30c4c6acc8970e29a34c3745842008f42

data/.rubocop.yml

@@ -18,7 +18,7 @@ Metrics/CyclomaticComplexity:
 Metrics/MethodLength:
   Max: 565
 Metrics/ModuleLength:
-  Max: 1149
+  Max: 1447
 Metrics/PerceivedComplexity:
   Max: 157
 Style/HashEachMethods:

data/Gemfile

@@ -93,7 +93,7 @@ gem 'selenium-webdriver', '4.38.0'
 gem 'slack-ruby-client', '3.0.0'
 gem 'socksify', '1.8.1'
 gem 'spreadsheet', '1.3.4'
-gem 'sqlite3', '2.7.4'
+gem 'sqlite3', '2.8.0'
 gem 'thin', '2.0.1'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.496]:001 >>> PWN.help
+pwn[v0.5.497]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.496]:001 >>> PWN.help
+pwn[v0.5.497]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.496]:001 >>> PWN.help
+pwn[v0.5.497]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/ai/grok.rb

@@ -132,7 +132,7 @@ module PWN
 
       # Supported Method Parameters::
       # response = PWN::AI::Grok.chat(
-      #   request: 'required - message to ChatGPT'
+      #   request: 'required - message to Grok'
       #   model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:grok][:model])',
       #   temp: 'optional - creative response float (deafults to PWN::Env[:ai][:grok][:temp])',
       #   system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:grok][:system_role_content])',
@@ -145,6 +145,9 @@ module PWN
       public_class_method def self.chat(opts = {})
         engine = PWN::Env[:ai][:grok]
         request = opts[:request]
+        max_prompt_length = engine[:max_prompt_length] ||= 256_000
+        request_trunc_idx = ((max_prompt_length - 1) / 3.36).floor
+        request = request[0..request_trunc_idx]
 
         model = opts[:model] ||= engine[:model]
         raise 'ERROR: Model is required.  Call #get_models method for details' if model.nil?
@@ -237,7 +240,7 @@ module PWN
           models = #{self}.get_models
 
           response = #{self}.chat(
-            request: 'required - message to ChatGPT',
+            request: 'required - message to Grok',
             model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:grok][:model])',
             temp: 'optional - creative response float (defaults to PWN::Env[:ai][:grok][:temp])',
             system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:grok][:system_role_content])',

data/lib/pwn/ai/introspection.rb

@@ -12,7 +12,8 @@ module PWN
       # response = PWN::AI::Introspection.reflect_on(
       #   request: 'required - String - What you want the AI to reflect on',
       #   system_role_content: 'optional - context to set up the model behavior for reflection',
-      #   spinner: 'optional - Boolean - Display spinner during operation (default: false)'
+      #   spinner: 'optional - Boolean - Display spinner during operation (default: false)',
+      #   suppress_pii_warning: 'optional - Boolean - Suppress PII Warnings (default: false)'
       # )
 
       public_class_method def self.reflect_on(opts = {})
@@ -23,6 +24,8 @@ module PWN
 
         spinner = opts[:spinner] || false
 
+        suppress_pii_warning = opts[:suppress_pii_warning] || false
+
         response = nil
 
         ai_introspection = PWN::Env[:ai][:introspection]
@@ -32,6 +35,7 @@ module PWN
           engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
           raise "ERROR: Unsupported AI engine. Supported engines are: #{valid_ai_engines}" unless valid_ai_engines.include?(engine)
 
+          puts "WARNING: AI Introspection is enabled.  Ensure #{engine} has been authorized for use and/or requests are sanitized properly." unless suppress_pii_warning
           case engine
           when :grok
             response = PWN::AI::Grok.chat(
@@ -84,7 +88,8 @@ module PWN
           #{self}.reflect_on(
             request: 'required - String - What you want the AI to reflect on',
             system_role_content: 'optional - context to set up the model behavior for reflection',
-            spinner: 'optional - Boolean - Display spinner during operation (default: false)'
+            spinner: 'optional - Boolean - Display spinner during operation (default: false)',
+            suppress_pii_warning: 'optional - Boolean - Suppress PII Warnings (default: false)'
           )
 
           #{self}.authors

data/lib/pwn/ai/ollama.rb

@@ -134,7 +134,7 @@ module PWN
 
       # Supported Method Parameters::
       # response = PWN::AI::Ollama.chat(
-      #   request: 'required - message to ChatGPT'
+      #   request: 'required - message to Ollama'
       #   model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:ollama][:model])',
       #   temp: 'optional - creative response float (deafults to PWN::Env[:ai][:ollama][:temp])',
       #   system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:ollama][:system_role_content])',
@@ -147,6 +147,9 @@ module PWN
       public_class_method def self.chat(opts = {})
         engine = PWN::Env[:ai][:ollama]
         request = opts[:request]
+        max_prompt_length = engine[:max_prompt_length] ||= 1_000_000
+        request_trunc_idx = ((max_prompt_length - 1) / 3.36).floor
+        request = request[0..request_trunc_idx]
 
         model = opts[:model] ||= engine[:model]
         raise 'ERROR: Model is required.  Call #get_models method for details' if model.nil?
@@ -239,7 +242,7 @@ module PWN
           models = #{self}.get_models
 
           response = #{self}.chat(
-            request: 'required - message to ChatGPT',
+            request: 'required - message to Ollama',
             model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:ollama][:model])',
             temp: 'optional - creative response float (defaults to PWN::Env[:ai][:ollama][:temp])',
             system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:ollama][:system_role_content])',

data/lib/pwn/ai/open_ai.rb

@@ -143,6 +143,9 @@ module PWN
       public_class_method def self.chat(opts = {})
         engine = PWN::Env[:ai][:openai]
         request = opts[:request]
+        max_prompt_length = engine[:max_prompt_length] ||= 128_000
+        request_trunc_idx = ((max_prompt_length - 1) / 3.36).floor
+        request = request[0..request_trunc_idx]
 
         model = opts[:model] ||= engine[:model]
 

data/lib/pwn/blockchain/btc.rb

@@ -185,7 +185,8 @@ module PWN
         system_role_content = 'Provide a useful summary of this latest bitcoin block returned from a bitcoin node via getblockchaininfo.'
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: latest_block.to_s,
-          system_role_content: system_role_content
+          system_role_content: system_role_content,
+          suppress_pii_warning: true
         )
         puts ai_analysis
 

data/lib/pwn/config.rb

@@ -35,21 +35,24 @@ module PWN
             key: 'required - OpenAI API Key',
             model: 'optional - Grok model to use',
             system_role_content: 'You are an ethically hacking OpenAI agent.',
-            temp: 'optional - OpenAI temperature'
+            temp: 'optional - OpenAI temperature',
+            max_prompt_length: 256_000
           },
           openai: {
             base_uri: 'optional - Base URI for OpenAI - Use private base OR defaults to https://api.openai.com/v1',
             key: 'required - OpenAI API Key',
             model: 'optional - OpenAI model to use',
             system_role_content: 'You are an ethically hacking OpenAI agent.',
-            temp: 'optional - OpenAI temperature'
+            temp: 'optional - OpenAI temperature',
+            max_prompt_length: 128_000
           },
           ollama: {
             base_uri: 'required - Base URI for Open WebUI - e.g. https://ollama.local',
             key: 'required - Open WebUI API Key Under Settings  >> Account >> JWT Token',
             model: 'required - Ollama model to use',
             system_role_content: 'You are an ethically hacking Ollama agent.',
-            temp: 'optional - Ollama temperature'
+            temp: 'optional - Ollama temperature',
+            max_prompt_length: 32_000
           }
         },
         plugins: {

data/lib/pwn/plugins/assembly.rb

@@ -25,10 +25,11 @@ module PWN
 
         raise 'ERROR: opcodes parameter is required.' if opcodes.nil?
 
-        system_role_content = "Analyze the #{endian} endian #{arch} assembly opcodes below and provide a concise summary of their functionality."
+        system_role_content = "Analyze the #{endian} endian #{arch} assembly opcodes below and provide a concise summary of their functionality.  If possible, also convert the assembly to c/c++ code."
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: opcodes,
-          system_role_content: system_role_content
+          system_role_content: system_role_content,
+          suppress_pii_warning: true
         )
 
         case arch.to_s.downcase
@@ -140,7 +141,8 @@ module PWN
         system_role_content = "Analyze the #{endian} endian #{arch} assembly instructions below and provide a concise summary of their functionality."
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: asm,
-          system_role_content: system_role_content
+          system_role_content: system_role_content,
+          suppress_pii_warning: true
         )
 
         case arch.to_s.downcase

data/lib/pwn/plugins/burp_suite.rb

@@ -80,7 +80,7 @@ module PWN
 
         # Construct burp_obj
         burp_obj = {}
-        burp_obj[:pid] = Process.spawn(burp_cmd_string)
+        burp_obj[:pid] = Process.spawn(burp_cmd_string, pgroup: true)
         browser_obj1 = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
         rest_browser = browser_obj1[:browser]
 
@@ -124,6 +124,116 @@ module PWN
           enabled: true
         )
 
+        #  if PWN::Env[:ai][:introspection] is true,
+        #  spin up PWN::Plugins::ThreadPool to
+        #  1. Periodically call get_proxy_history(burp_obj: burp_obj) method
+        #  2. For each entry w/ empty comment,
+        #     generate AI analysis via PWN::AI::Introspection.reflect_on
+        #     and populate the comment field for the entry.
+        #  3. Update the highlight field based on EPSS score extracted from AI analysis.
+        #  4. Call update_proxy_history(burp_obj: burp_obj, entry: updated_entry)
+        if PWN::Env[:ai][:introspection]
+          proxy_history_introspection = Thread.new do
+            loop do
+              proxy_history = get_proxy_history(burp_obj: burp_obj)
+              proxy_history.each do |entry|
+                next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
+
+                request = entry[:request]
+                response = entry[:response]
+                host = entry[:http_service][:host]
+                port = entry[:http_service][:port]
+                protocol = entry[:http_service][:protocol]
+                next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
+
+                request = Base64.strict_decode64(request)
+                response = Base64.strict_decode64(response)
+
+                http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
+                system_role_content = '
+                  Your expertise lies in dissecting HTTP request/response pairs to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
+
+                  When analyzing HTTP request/response pairs:
+
+                  1. **Parse and Contextualize Traffic**:
+                     - Break down every element: HTTP method, URI (path, query parameters), headers (e.g., Host, User-Agent, Cookies, Authorization, Referer, Origin, Content-Type), request body (e.g., form data, JSON payloads), response status code, response headers, and response body (HTML, JSON, XML, etc.).
+                     - Identify dynamic elements: User-controlled inputs (e.g., query params, POST data, headers like X-Forwarded-For), server-side echoes, redirects, and client-side processing.
+                     - Trace data flow: Map how inputs propagate from request to response, including any client-side JavaScript execution where exploitation may be possible in the client without communicating with the server (e.g. DOM-XSS).
+
+                  2. **Vulnerability Hunting Framework**:
+                     - **Input Validation & Sanitization**: Check for unescaped/lack of encoding in outputs (e.g., HTML context for XSS, URL context for open redirects).
+                     - **XSS Focus**: Hunt for sinks like innerHTML/outerHTML, document.write, eval, setTimeout/setInterval with strings, location.href/assign/replace, and history.pushState. Test payloads like <script>alert(1)</script>, javascript:alert(1), and polyglots. For DOM-based, simulate client-side execution.
+                     - **JavaScript Library Analysis**: If JS is present (e.g., in response body or referenced scripts), deobfuscate and inspect:
+                       - Objects/properties that could clobber DOM (e.g., window.name, document.cookie manipulation leading to prototype pollution).
+                       - DOM XSS vectors: Analyze event handlers, querySelector, addEventListener with unsanitized data from location.hash/search, postMessage, or localStorage.
+                       - Third-party libs (e.g., jQuery, React): Flag known sink patterns like .html(), dangerouslySetInnerHTML, or eval-like functions.
+                     - **Server-Side Issues**: Probe for SSRF (e.g., via URL params fetching internal resources), IDOR (e.g., manipulating IDs in paths/bodies), rate limiting bypass, and insecure deserialization (e.g., in JSON/PHP objects).
+                     - **Headers & Misc**: Examine for exposed sensitive info (e.g., debug headers, stack traces), misconfigured security headers (CSP, HSTS), and upload flaws (e.g., file extension bypass).
+                     - **Chaining Opportunities**: Always consider multi-step exploits, like XSS leading to CSRF token theft or SSRF to internal metadata endpoints.
+
+                  3. **PoC Generation**:
+                     - Produce concise, step-by-step PoCs in a standardized format:
+                       - **Description**: Clear vuln summary, CVSS-like severity, and impact.
+                       - **Steps to Reproduce**: Numbered HTTP requests (use curl or Burp syntax, e.g., `curl -X POST -d "param=<payload>" https://target.com/endpoint`).
+                       - **Payloads**: Provide working, minimal payloads with variations for evasion (e.g., encoded, obfuscated).
+                       - **Screenshots/Evidence**: Suggest what to capture (e.g., alert popup for XSS, response diff for IDOR).
+                       - **Mitigation Advice**: Recommend fixes (e.g., output encoding, input validation).
+                     - Ensure PoCs are ethical: Target only in-scope assets, avoid DoS, and emphasize disclosure via proper channels (e.g., HackerOne, Bugcrowd).
+                     - If no vuln found, explain why and suggest further tests (e.g., fuzzing params).
+                  4. Risk Score:
+                    For each analysis generate a risk score between 0% - 100% based on exploitability and impact.  This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
+
+                  Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
+                '
+
+                ai_analysis = PWN::AI::Introspection.reflect_on(
+                  system_role_content: system_role_content,
+                  request: http_request_response,
+                  suppress_pii_warning: true
+                )
+
+                next if ai_analysis.nil? || ai_analysis.strip.empty?
+
+                entry[:comment] = ai_analysis
+                # Extract score and assign color highlight based on severity
+                if ai_analysis =~ /"risk_score":\s*"(\d{1,3})%"/
+                  score = Regexp.last_match(1).to_i
+                  highlight_color = case score
+                                    when 0..24
+                                      'GREEN'
+                                    when 25..49
+                                      'YELLOW'
+                                    when 50..74
+                                      'ORANGE'
+                                    when 75..100
+                                      'RED'
+                                    end
+                end
+                highlight_color ||= 'GRAY'
+                entry[:highlight] = highlight_color
+
+                entry.delete(:request)
+                entry.delete(:response)
+                entry.delete(:http_service)
+
+                update_proxy_history(
+                  burp_obj: burp_obj,
+                  entry: entry
+                )
+              end
+              sleep 10
+            end
+          rescue Errno::ECONNREFUSED
+            puts 'BurpSuite Proxy History AI Introspection Thread Terminating...'
+          rescue StandardError => e
+            puts "BurpSuite Proxy History AI Introspection Thread Error: #{e}"
+            puts e.backtrace
+            raise e
+          end
+
+          burp_obj[:proxy_history_introspection_thread] = proxy_history_introspection
+        end
+
         burp_obj
       rescue StandardError => e
         stop(burp_obj: burp_obj) unless burp_obj.nil?
@@ -296,7 +406,6 @@ module PWN
         enabled = opts[:enabled] != false # Default to true if not specified
 
         proxy_listeners = get_proxy_listeners(burp_obj: burp_obj)
-        puts "Proxy Listeners: #{proxy_listeners.inspect}"
         last_known_proxy_id = 0
         last_known_proxy_id = proxy_listeners.last[:id].to_i if proxy_listeners.any?
         next_id = last_known_proxy_id + 1
@@ -374,6 +483,219 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # json_proxy_history = PWN::Plugins::BurpSuite.get_proxy_history(
+      #   burp_obj: 'required - burp_obj returned by #start method',
+      #   keyword: 'optional - keyword to filter proxy history entries (default: nil)',
+      #   return_as: 'optional - :base64 or :har (defaults to :base64)'
+      # )
+
+      public_class_method def self.get_proxy_history(opts = {})
+        burp_obj = opts[:burp_obj]
+        rest_browser = burp_obj[:rest_browser]
+        mitm_rest_api = burp_obj[:mitm_rest_api]
+        keyword = opts[:keyword]
+        return_as = opts[:return_as] ||= :base64
+
+        rest_call = "http://#{mitm_rest_api}/proxyhistory"
+
+        sitemap = rest_browser.get(
+          rest_call,
+          content_type: 'application/json; charset=UTF8'
+        )
+
+        sitemap_arr = JSON.parse(sitemap, symbolize_names: true)
+
+        if keyword
+          sitemap_arr = sitemap_arr.select do |site|
+            decoded_request = Base64.strict_decode64(site[:request])
+            decoded_request.include?(keyword)
+          end
+        end
+
+        if return_as == :har
+          # Convert to HAR format
+          har_entries = sitemap_arr.map do |site|
+            decoded_request = Base64.strict_decode64(site[:request])
+
+            # Parse request head and body
+            if decoded_request.include?("\r\n\r\n")
+              request_head, request_body = decoded_request.split("\r\n\r\n", 2)
+            else
+              request_head = decoded_request
+              request_body = ''
+            end
+            request_lines = request_head.split("\r\n")
+            request_line = request_lines.shift
+            method, full_path, http_version = request_line.split(' ', 3)
+            headers = {}
+            request_lines.each do |line|
+              next if line.empty?
+
+              key, value = line.split(': ', 2)
+              headers[key] = value if key && value
+            end
+
+            host = headers['Host'] || raise('No Host header found in request')
+            scheme = 'http' # Hardcoded as protocol is not available; consider enhancing if available in site
+            url = "#{scheme}://#{host}#{full_path}"
+            uri = URI.parse(url)
+            query_string = uri.query ? URI.decode_www_form(uri.query).map { |k, v| { name: k, value: v.to_s } } : []
+
+            request_headers_size = request_head.bytesize + 4 # Account for \r\n\r\n
+            request_body_size = request_body.bytesize
+
+            request_obj = {
+              method: method,
+              url: uri.to_s,
+              httpVersion: http_version,
+              headers: headers.map { |k, v| { name: k, value: v } },
+              queryString: query_string,
+              headersSize: request_headers_size,
+              bodySize: request_body_size
+            }
+
+            if request_body_size.positive?
+              mime_type = headers['Content-Type'] || 'application/octet-stream'
+              post_data = {
+                mimeType: mime_type,
+                text: request_body
+              }
+              post_data[:params] = URI.decode_www_form(request_body).map { |k, v| { name: k, value: v.to_s } } if mime_type.include?('x-www-form-urlencoded')
+              request_obj[:postData] = post_data
+            end
+
+            if site[:response]
+              decoded_response = Base64.strict_decode64(site[:response])
+
+              # Parse response head and body
+              if decoded_response.include?("\r\n\r\n")
+                response_head, response_body = decoded_response.split("\r\n\r\n", 2)
+              else
+                response_head = decoded_response
+                response_body = ''
+              end
+              response_lines = response_head.split("\r\n")
+              status_line = response_lines.shift
+              version, status_str, status_text = status_line.split(' ', 3)
+              status = status_str.to_i
+              status_text ||= ''
+              response_headers = {}
+              response_lines.each do |line|
+                next if line.empty?
+
+                key, value = line.split(': ', 2)
+                response_headers[key] = value if key && value
+              end
+
+              response_headers_size = response_head.bytesize + 4 # Account for \r\n\r\n
+              response_body_size = response_body.bytesize
+              mime_type = response_headers['Content-Type'] || 'text/plain'
+
+              response_obj = {
+                status: status,
+                statusText: status_text,
+                httpVersion: version,
+                headers: response_headers.map { |k, v| { name: k, value: v } },
+                content: {
+                  size: response_body_size,
+                  mimeType: mime_type,
+                  text: response_body
+                },
+                redirectURL: response_headers['Location'] || '',
+                headersSize: response_headers_size,
+                bodySize: response_body_size
+              }
+            else
+              response_obj = {
+                status: 0,
+                statusText: 'No response',
+                httpVersion: 'unknown',
+                headers: [],
+                content: {
+                  size: 0,
+                  mimeType: 'text/plain',
+                  text: ''
+                },
+                redirectURL: '',
+                headersSize: -1,
+                bodySize: 0
+              }
+            end
+
+            {
+              startedDateTime: Time.now.iso8601,
+              time: 0,
+              request: request_obj,
+              response: response_obj,
+              cache: {},
+              timings: {
+                send: 0,
+                wait: 0,
+                receive: 0
+              },
+              pageref: 'page_1'
+            }
+          end
+
+          har_log = {
+            log: {
+              version: '1.2',
+              creator: {
+                name: 'BurpSuite via PWN::Plugins::BurpSuite',
+                version: '1.0'
+              },
+              pages: [{
+                startedDateTime: Time.now.iso8601,
+                id: 'page_1',
+                title: 'Sitemap Export',
+                pageTimings: {}
+              }],
+              entries: har_entries
+            }
+          }
+
+          sitemap_arr = har_log
+        end
+
+        sitemap_arr.uniq
+      rescue StandardError => e
+        stop(burp_obj: burp_obj) unless burp_obj.nil?
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # repeater_obj = PWN::Plugins::BurpSuite.update_proxy_history(
+      #   burp_obj: 'required - burp_obj returned by #start method',
+      #   entry: 'required - hash of the proxy history entry to update'
+      # )
+
+      public_class_method def self.update_proxy_history(opts = {})
+        burp_obj = opts[:burp_obj]
+        raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
+
+        entry = opts[:entry]
+        raise 'ERROR: entry parameter is required and must be a hash' unless entry.is_a?(Hash)
+
+        id = entry[:id]
+        raise 'ERROR: id key value pair is required within entry hash' if id.nil?
+
+        rest_browser = burp_obj[:rest_browser]
+        mitm_rest_api = burp_obj[:mitm_rest_api]
+
+        put_body = entry.to_json
+
+        proxy_history_resp = rest_browser.put(
+          "http://#{mitm_rest_api}/proxyhistory/#{id}",
+          put_body,
+          content_type: 'application/json; charset=UTF8'
+        )
+
+        JSON.parse(proxy_history_resp, symbolize_names: true)
+      rescue StandardError => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # json_sitemap = PWN::Plugins::BurpSuite.get_sitemap(
       #   burp_obj: 'required - burp_obj returned by #start method',
@@ -584,23 +906,55 @@ module PWN
         sitemap = opts[:sitemap] ||= {}
         debug = opts[:debug] || false
 
-        decoded_sitemap = {
-          request: Base64.strict_decode64(sitemap[:request]),
-          http_service: {
-            host: sitemap[:http_service][:host],
-            port: sitemap[:http_service][:port],
-            protocol: sitemap[:http_service][:protocol]
-          }
-        }
-        system_role_content = 'Your sole purpose is to analyze each `protocol`, `host`, `port`, and `request` and generate an Exploit Prediction Scoring System (EPSS) score from 0%-100%.  Just generate a score unless the score is >= 75% in which a PoC should also be generated to communicate the threat.  You can always generate an score - provide the score at _the beggining of your analysis_.  Be concise and to the point.'
+        request = Base64.strict_decode64(sitemap[:request])
+        response = Base64.strict_decode64(sitemap[:response])
+
+        http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
+
+        system_role_content = '
+          Your expertise lies in dissecting HTTP request/response pairs to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
+
+          When analyzing HTTP request/response pairs:
+
+          1. **Parse and Contextualize Traffic**:
+             - Break down every element: HTTP method, URI (path, query parameters), headers (e.g., Host, User-Agent, Cookies, Authorization, Referer, Origin, Content-Type), request body (e.g., form data, JSON payloads), response status code, response headers, and response body (HTML, JSON, XML, etc.).
+             - Identify dynamic elements: User-controlled inputs (e.g., query params, POST data, headers like X-Forwarded-For), server-side echoes, redirects, and client-side processing.
+             - Trace data flow: Map how inputs propagate from request to response, including any client-side JavaScript execution where exploitation may be possible in the client without communicating with the server (e.g. DOM-XSS).
+
+          2. **Vulnerability Hunting Framework**:
+             - **Input Validation & Sanitization**: Check for unescaped/lack of encoding in outputs (e.g., HTML context for XSS, URL context for open redirects).
+             - **XSS Focus**: Hunt for sinks like innerHTML/outerHTML, document.write, eval, setTimeout/setInterval with strings, location.href/assign/replace, and history.pushState. Test payloads like <script>alert(1)</script>, javascript:alert(1), and polyglots. For DOM-based, simulate client-side execution.
+             - **JavaScript Library Analysis**: If JS is present (e.g., in response body or referenced scripts), deobfuscate and inspect:
+               - Objects/properties that could clobber DOM (e.g., window.name, document.cookie manipulation leading to prototype pollution).
+               - DOM XSS vectors: Analyze event handlers, querySelector, addEventListener with unsanitized data from location.hash/search, postMessage, or localStorage.
+               - Third-party libs (e.g., jQuery, React): Flag known sink patterns like .html(), dangerouslySetInnerHTML, or eval-like functions.
+             - **Server-Side Issues**: Probe for SSRF (e.g., via URL params fetching internal resources), IDOR (e.g., manipulating IDs in paths/bodies), rate limiting bypass, and insecure deserialization (e.g., in JSON/PHP objects).
+             - **Headers & Misc**: Examine for exposed sensitive info (e.g., debug headers, stack traces), misconfigured security headers (CSP, HSTS), and upload flaws (e.g., file extension bypass).
+             - **Chaining Opportunities**: Always consider multi-step exploits, like XSS leading to CSRF token theft or SSRF to internal metadata endpoints.
+
+          3. **PoC Generation**:
+             - Produce concise, step-by-step PoCs in a standardized format:
+               - **Description**: Clear vuln summary, CVSS-like severity, and impact.
+               - **Steps to Reproduce**: Numbered HTTP requests (use curl or Burp syntax, e.g., `curl -X POST -d "param=<payload>" https://target.com/endpoint`).
+               - **Payloads**: Provide working, minimal payloads with variations for evasion (e.g., encoded, obfuscated).
+               - **Screenshots/Evidence**: Suggest what to capture (e.g., alert popup for XSS, response diff for IDOR).
+               - **Mitigation Advice**: Recommend fixes (e.g., output encoding, input validation).
+             - Ensure PoCs are ethical: Target only in-scope assets, avoid DoS, and emphasize disclosure via proper channels (e.g., HackerOne, Bugcrowd).
+             - If no vuln found, explain why and suggest further tests (e.g., fuzzing params).
+          4. Risk Score:
+            For each analysis generate a risk score between 0% - 100% based on exploitability and impact.  This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
+
+          Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
+        '
+
         ai_analysis = PWN::AI::Introspection.reflect_on(
           system_role_content: system_role_content,
-          request: decoded_sitemap.to_json,
+          request: http_request_response,
           spinner: true
         )
         sitemap[:comment] = ai_analysis unless ai_analysis.nil?
         # Extract score and assign color highlight based on severity
-        if ai_analysis =~ /(\d{1,3})%/
+        if ai_analysis =~ /"risk_score":\s*"(\d{1,3})%"/
           score = Regexp.last_match(1).to_i
           highlight_color = case score
                             when 0..24
@@ -611,11 +965,10 @@ module PWN
                               'ORANGE'
                             when 75..100
                               'RED'
-                            else
-                              'NONE'
                             end
-          sitemap[:highlight] = highlight_color
         end
+        highlight_color ||= 'GRAY'
+        sitemap[:highlight] = highlight_color
 
         rest_client = rest_browser::Request
         response = rest_client.execute(
@@ -1476,8 +1829,10 @@ module PWN
         browser_obj = burp_obj[:mitm_browser]
         rest_browser = burp_obj[:rest_browser]
         mitm_rest_api = burp_obj[:mitm_rest_api]
+        proxy_intruder_thread = burp_obj[:proxy_intruder_thread]
         # burp_pid = burp_obj[:pid]
 
+        proxy_intruder_thread.kill unless proxy_intruder_thread.nil?
         PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj)
         rest_browser.post("http://#{mitm_rest_api}/shutdown", '')
         # Process.kill('TERM', burp_pid)
@@ -1552,6 +1907,12 @@ module PWN
             id: 'optional - ID of the proxy listener (defaults to 0)'
           )
 
+          json_proxy_history = #{self}.get_proxy_history(
+            burp_obj: 'required - burp_obj returned by #start method',
+            keyword: 'optional - keyword to filter proxy history results (default: nil)',
+            return_as: 'optional - :base64 or :har (defaults to :base64)'
+          )
+
           json_sitemap = #{self}.get_sitemap(
             burp_obj: 'required - burp_obj returned by #start method',
             keyword: 'optional - keyword to filter sitemap results (default: nil)',

data/lib/pwn/plugins/char.rb

@@ -7,6 +7,23 @@ module PWN
   module Plugins
     # This plugin was created to generate various characters for fuzzing
     module Char
+      # Supported Method Parameters::
+      # PWN::Plugins::Char.force_utf8(
+      #  obj: 'required - object to force to UTF-8'
+      #  )
+      public_class_method def self.force_utf8(obj)
+        case obj
+        when String
+          obj.force_encoding('ISO-8859-1').encode('UTF-8', invalid: :replace, undef: :replace)
+        when Array
+          obj.map { |item| force_utf8(item) }
+        when Hash
+          obj.transform_values { |value| force_utf8(value) }
+        else
+          obj
+        end
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::Char.generate_by_range(
       #   from: 'required - integer to start from',

data/lib/pwn/plugins/transparent_browser.rb

@@ -1202,7 +1202,8 @@ module PWN
           callbacks_to_delete = devtools.callbacks.keys.reject { |k| k == 'Target.attachedToTarget' }
           Timeout.timeout(30) { browser_obj[:browser].refresh }
           until devtools.callbacks.keys.include?(method) && breakpoint_arr.any? { |bp| bp['caught'] == true }
-            callbacks_to_delete.each { |method| devtools.callbacks.delete(method) }
+            devtools.callbacks.delete(method)
+            devtools.debugger.resume
             devtools.debugger.on(:paused) do |params|
               breakpoint_id_caught = params['callFrames'].first['location']['scriptId']
               breakpoint_arr.each_with_index do |bp, idx|
@@ -1213,8 +1214,11 @@ module PWN
                 debugger_state[:breakpoints] = breakpoint_arr
                 devtools.instance_variable_set(:@debugger_state, debugger_state)
               end
-              puts "TARGET BREAKPOINTS: #{breakpoint_arr.inspect}"
-              puts "PARAMS Observerd: #{params.inspect}"
+              # puts "TARGET BREAKPOINTS: #{breakpoint_arr.inspect}"
+              # puts "PARAMS Observerd: #{params.inspect}"
+              debugger_state = devtools.instance_variable_get(:@debugger_state)
+              puts devtools.callbacks.inspect
+              puts debugger_state.inspect
             end
             devtools.debugger.pause
             # browser_obj[:browser].refresh
@@ -1413,7 +1417,8 @@ module PWN
 
             ai_analysis = PWN::AI::Introspection.reflect_on(
               system_role_content: system_role_content,
-              request: current_step
+              request: current_step,
+              suppress_pii_output: true
             )
             puts "^^^ #{ai_analysis}" unless ai_analysis.nil?
           end

data/lib/pwn/plugins/zaproxy.rb

@@ -129,7 +129,7 @@ module PWN
 
         zaproxy_cmd = "#{zaproxy_cmd} -host #{zap_ip} -port #{zap_port}"
 
-        zap_obj[:pid] = Process.spawn(zaproxy_cmd)
+        zap_obj[:pid] = Process.spawn(zaproxy_cmd, pgroup: true)
         # Wait for pwn_burp_port to open prior to returning burp_obj
         loop do
           s = TCPSocket.new(zap_rest_ip, zap_rest_port)

data/lib/pwn/sast/pom_version.rb

@@ -82,7 +82,13 @@ module PWN
                     line_no: line_no,
                     source_code_snippet: contents
                   }.to_json
-                  ai_analysis = PWN::AI::Introspection.reflect_on(request: request)
+
+                  system_role_content = 'Your sole purpose is to analyze source code snippets and generate an Exploit Prediction Scoring System (EPSS) score between 0% - 100%.  Just generate a score unless score is >= 75% in which a PoC and code fix should also be included.'
+                  ai_analysis = PWN::AI::Introspection.reflect_on(
+                    system_role_content: system_role_content,
+                    request: request,
+                    suppress_pii_warning: true
+                  )
                   ai_analysis ||= 'N/A'
 
                   hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(

data/lib/pwn/sast/test_case_engine.rb

@@ -124,7 +124,13 @@ module PWN
                   line_no: line_no,
                   source_code_snippet: contents
                 }.to_json
-                ai_analysis = PWN::AI::Introspection.reflect_on(request: request)
+
+                system_role_content = 'Your sole purpose is to analyze source code snippets and generate an Exploit Prediction Scoring System (EPSS) score between 0% - 100%.  Just generate a score unless score is >= 75% in which a PoC and code fix should also be included.'
+                ai_analysis = PWN::AI::Introspection.reflect_on(
+                  system_role_content: system_role_content,
+                  request: request,
+                  suppress_pii_warning: true
+                )
                 ai_analysis ||= 'N/A'
 
                 hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.496'
+  VERSION = '0.5.497'
 end

data/lib/pwn/www/hacker_one.rb

@@ -139,7 +139,8 @@ module PWN
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: programs_arr.to_json,
           system_role_content: system_role_content,
-          spinner: true
+          spinner: true,
+          suppress_pii_warning: true
         )
         puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
 
@@ -284,7 +285,8 @@ module PWN
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: json_resp.to_json,
           system_role_content: system_role_content,
-          spinner: true
+          spinner: true,
+          suppress_pii_warning: true
         )
         puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
 
@@ -432,7 +434,8 @@ module PWN
         ai_analysis = PWN::AI::Introspection.reflect_on(
           request: json_resp.to_json,
           system_role_content: system_role_content,
-          spinner: true
+          spinner: true,
+          suppress_pii_warning: true
         )
         puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
 

data/third_party/pwn_rdoc.jsonl

@@ -7,7 +7,7 @@
 {"messages":[{"role":"user","content":"PWN::AI::Grok.help Usage"},{"role":"assistant","content":"`PWN::AI::Grok.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::AI::Introspection.authors Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Introspection.help Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.help`: "}]}
-{"messages":[{"role":"user","content":"PWN::AI::Introspection.reflect_on Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.reflect_on`: Supported Method Parameters\n\nresponse = PWN::AI::Introspection.reflect_on(\n\nrequest: 'required - String - What you want the AI to reflect on',\nsystem_role_content: 'optional - context to set up the model behavior for reflection'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::AI::Introspection.reflect_on Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.reflect_on`: Supported Method Parameters\n\nresponse = PWN::AI::Introspection.reflect_on(\n\nrequest: 'required - String - What you want the AI to reflect on',\nsystem_role_content: 'optional - context to set up the model behavior for reflection',\nspinner: 'optional - Boolean - Display spinner during operation (default: false)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Ollama.authors Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Ollama.chat Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.chat`: Supported Method Parameters\n\nresponse = PWN::AI::Ollama.chat(\n\nrequest: 'required - message to ChatGPT'\nmodel: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:ollama][:model])',\ntemp: 'optional - creative response float (deafults to PWN::Env[:ai][:ollama][:temp])',\nsystem_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:ollama][:system_role_content])',\nresponse_history: 'optional - pass response back in to have a conversation',\nspeak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',\ntimeout: 'optional timeout in seconds (defaults to 300)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Ollama.get_models Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.get_models`: Supported Method Parameters\n\nresponse = PWN::AI::Ollama.get_models\n"}]}
@@ -550,12 +550,12 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::BlackDuckBinaryAnalysis.help Usage"},{"role":"assistant","content":"`PWN::Plugins::BlackDuckBinaryAnalysis.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BlackDuckBinaryAnalysis.upload_file Usage"},{"role":"assistant","content":"`PWN::Plugins::BlackDuckBinaryAnalysis.upload_file`: Supported Method Parameters\n\nresponse = PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(\n\ntoken: 'required - Bearer token',\nfile: 'required - path of file to upload',\ngroup_id: 'optional - group id',\ndelete_binary: 'optional - delete binary after upload (defaults to false)',\nforce_scan: 'optional - force scan (defaults to false)',\ncallback_url: 'optional - callback url',\nscan_infoleak: 'optional - scan infoleak (defaults to true)',\ncode_analysis: 'optional - code analysis (defaults to true)',\nscan_code_familiarity: 'optional - scan code familiarity (defaults to false)',\nversion: 'optional - version',\nproduct_id: 'optional - product id'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.active_scan Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.active_scan`: Supported Method Parameters\n\nactive_scan_url_arr = PWN::Plugins::BurpSuite.active_scan(\n\nburp_obj: 'required - burp_obj returned by #start method',\ntarget_url: 'required - target url to scan in sitemap (should be loaded & authenticated w/ burp_obj[:mitm_browser])',\nexclude_paths: 'optional - array of paths to exclude from active scan (default: [])'\n\n)\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.add_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.add_proxy_listener`: Supported Method Parameters\n\njson_proxy_listener = PWN::Plugins::BurpSuite.add_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nbind_address: 'required - bind address for the proxy listener (e.g., \"127.0.0.1\")',\nport: 'required - port for the proxy listener (e.g., 8081)',\nenabled: 'optional - enable the listener (defaults to true)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.add_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.add_proxy_listener`: Supported Method Parameters\n\njson_proxy_listener = PWN::Plugins::BurpSuite.add_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nbindAddress: 'required - bind address for the proxy listener (e.g., \"127.0.0.1\")',\nport: 'required - port for the proxy listener (e.g., 8081)',\nenabled: 'optional - enable the listener (defaults to true)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.add_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.add_repeater_tab`: Supported Method Parameters\n\nrepeater_id = PWN::Plugins::BurpSuite.add_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nname: 'required - name of the repeater tab (max 30 characters)',\nrequest: 'optional - base64 encoded HTTP request string'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.add_to_scope Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.add_to_scope`: Supported Method Parameters\n\njson_in_scope = PWN::Plugins::BurpSuite.add_to_scope(\n\nburp_obj: 'required - burp_obj returned by #start method',\ntarget_url: 'required - target url to add to scope'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.add_to_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.add_to_sitemap`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.delete_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.delete_proxy_listener`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.delete_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - ID of the proxy listener (defaults to \"0\")'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.delete_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.delete_proxy_listener`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.delete_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'optional - ID of the proxy listener (defaults to 0)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.delete_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.delete_repeater_tab`: Supported Method Parameters\n\nuri_in_scope = PWN::Plugins::BurpSuite.delete_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to delete'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.disable_proxy Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.disable_proxy`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.disable_proxy(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.enable_proxy Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.enable_proxy`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.enable_proxy(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
@@ -574,7 +574,7 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.start Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.start`: Supported Method Parameters\n\nburp_obj1 = PWN::Plugins::BurpSuite.start(\n\nburp_jar_path: 'optional - path of burp suite pro jar file (defaults to /opt/burpsuite/burpsuite_pro.jar)',\nheadless: 'optional - run burp headless if set to true',\nbrowser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',\nburp_ip: 'optional - IP address for the Burp proxy (defaults to 127.0.0.1)',\nburp_port: 'optional - port for the Burp proxy (defaults to a random unused port)',\npwn_burp_ip: 'optional - IP address for the PWN Burp API (defaults to 127.0.0.1)',\npwn_burp_port: 'optional - port for the PWN Burp API (defaults to a random unused port)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.stop Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.stop`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.stop(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_burp_jar Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_burp_jar`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.update_burp_jar( )\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_proxy_listener`: Supported Method Parameters\n\njson_proxy_listener = PWN::Plugins::BurpSuite.update_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'optional - ID of the proxy listener (defaults to \"0\")',\nbind_address: 'optional - bind address for the proxy listener (defaults to \"127.0.0.1\")',\nport: 'optional - port for the proxy listener (defaults to 8080)',\nenabled: 'optional - enable or disable the listener (defaults to true)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_proxy_listener`: Supported Method Parameters\n\njson_proxy_listener = PWN::Plugins::BurpSuite.update_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'optional - ID of the proxy listener (defaults to 0)',\nbindAddress: 'optional - bind address for the proxy listener (defaults to value of existing listener)',\nport: 'optional - port for the proxy listener (defaults to value of existing listener)',\nenabled: 'optional - enable or disable the listener (defaults to value of existing listener)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_repeater_tab`: Supported Method Parameters\n\nrepeater_obj = PWN::Plugins::BurpSuite.update_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to update',\nname: 'required - name of the repeater tab (max 30 characters)',\nrequest: 'required - base64 encoded HTTP request string'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BusPirate.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::BusPirate.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BusPirate.connect Usage"},{"role":"assistant","content":"`PWN::Plugins::BusPirate.connect`: Supported Method Parameters\n\nbus_pirate_obj = PWN::Plugins::BusPirate.connect(\n\nblock_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)',\nbaud: 'optional (defaults to 9600)',\ndata_bits: 'optional (defaults to 8)',\nstop_bits: 'optional (defaults to 1)',\nparity: 'optional (defaults to SerialPort::NONE)',\nflow_control: 'optional (defaults to SerialPort::HARD) SerialPort::NONE|SerialPort::SOFT|SerialPort::HARD'\n\n)\n"}]}
@@ -1001,6 +1001,7 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::Tor.switch_exit_node Usage"},{"role":"assistant","content":"`PWN::Plugins::Tor.switch_exit_node`: Supported Method Parameters\n\nPWN::Plugins::Tor.switch_exit_node(\n\ntor_obj: 'required - tor_obj returned from #start method',\nresponse_timeout: 'optional - float in seconds to timeout (default: 3.0)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Tor.tor_control_cmd Usage"},{"role":"assistant","content":"`PWN::Plugins::Tor.tor_control_cmd`: Supported Method Parameters\n\ntor_ctrl_cmd(\n\ntor_obj: 'required - tor_obj returned from #start method'\ncmd: 'required - Tor control command to execute',\nresponse_timeout: 'optional - float in seconds to timeout (default: 3.0)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.breakpoint_locations Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.breakpoint_locations`: Supported Method Parameters\n\npage_state_arr = PWN::Plugins::TransparentBrowser.breakpoint_locations(\n\nbrowser_obj: 'required - browser_obj returned from #open method)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.close Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.close`: Supported Method Parameters\n\nbrowser_obj1 = PWN::Plugins::TransparentBrowser.close(\n\nbrowser_obj: 'required - browser_obj returned from #open method)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.close_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.close_tab`: Supported Method Parameters\n\ntab = PWN::Plugins::TransparentBrowser.close_tab(\n\nbrowser_obj: 'required - browser_obj returned from #open method)',\nindex: 'optional - index of tab to close (defaults to closing active tab)',\nkeyword: 'optional - keyword in title or url used to close tabs (defaults to closing active tab)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.console Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.console`: Supported Method Parameters\n\nconsole_resp = PWN::Plugins::TransparentBrowser.console(\n\nbrowser_obj: browser_obj1,\njs: 'required - JavaScript expression to evaluate',\nreturn_to: 'optional - return to :console or :stdout (defaults to :console)'\n\n)\n"}]}
@@ -1010,6 +1011,7 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.dump_links Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.dump_links`: Supported Method Parameters\n\nbrowser_obj = PWN::Plugins::TransparentBrowser.dump_links(\n\nbrowser_obj: browser_obj1\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.find_elements_by_text Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.find_elements_by_text`: Supported Method Parameters\n\nbrowser_obj = PWN::Plugins::TransparentBrowser.find_elements_by_text(\n\nbrowser_obj: browser_obj1,\ntext: 'required - text to search for in the DOM'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.get_page_state Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.get_page_state`: Supported Method Parameters\n\npage_state = PWN::Plugins::TransparentBrowser.get_page_state(\n\nbrowser_obj: 'required - browser_obj returned from #open method)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.get_targets Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.get_targets`: Supported Method Parameters\n\npage_state_arr = PWN::Plugins::TransparentBrowser.get_targets(\n\nbrowser_obj: 'required - browser_obj returned from #open method)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.help Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.hide_dom_mutations Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.hide_dom_mutations`: Supported Method Parameters\n\nconsole_resp = PWN::Plugins::TransparentBrowser.hide_dom_mutations(\n\nbrowser_obj: browser_obj1,\nindex: 'optional - index of tab to switch to (defaults to active tab)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::TransparentBrowser.jmp_devtools_panel Usage"},{"role":"assistant","content":"`PWN::Plugins::TransparentBrowser.jmp_devtools_panel`: Supported Method Parameters\n\nPWN::Plugins::TransparentBrowser.jmp_devtools_panel(\n\nbrowser_obj: 'required - browser_obj returned from #open method)',\npanel: 'optional - panel to switch to :elements|:inspector|:console|:debugger|:sources|:network\n\n)\n"}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.496
+  version: 0.5.497
 platform: ruby
 authors:
 - 0day Inc.
@@ -1149,14 +1149,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.4
+        version: 2.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.4
+        version: 2.8.0
 - !ruby/object:Gem::Dependency
   name: thin
   requirement: !ruby/object:Gem::Requirement