pwn 0.5.538 → 0.5.540
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/ai/agent/assembly.rb +66 -0
- data/lib/pwn/ai/agent/btc.rb +47 -0
- data/lib/pwn/ai/agent/burp_suite.rb +81 -0
- data/lib/pwn/ai/agent/gqrx.rb +51 -0
- data/lib/pwn/ai/agent/hacker_one.rb +61 -0
- data/lib/pwn/ai/agent/sast.rb +47 -0
- data/lib/pwn/ai/agent/transparent_browser.rb +51 -0
- data/lib/pwn/ai/agent.rb +26 -0
- data/lib/pwn/ai.rb +1 -0
- data/lib/pwn/blockchain/btc.rb +2 -5
- data/lib/pwn/plugins/assembly.rb +9 -9
- data/lib/pwn/plugins/burp_suite.rb +7 -49
- data/lib/pwn/plugins/transparent_browser.rb +2 -5
- data/lib/pwn/sast/pom_version.rb +2 -5
- data/lib/pwn/sast/test_case_engine.rb +2 -5
- data/lib/pwn/sdr/gqrx.rb +2 -4
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +6 -15
- data/spec/lib/pwn/ai/agent/assembly_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/btc_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/burp_suite_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/gqrx_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/hacker_one_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/sast_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent/transparent_browser_spec.rb +20 -0
- data/spec/lib/pwn/ai/agent_spec.rb +10 -0
- metadata +17 -1
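--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4b2d2483fa867836d572d647e492b87e2f416dd89ead314312e25752c3cfe8e7
+data.tar.gz: 9b207c60754610b4beda51a0cfd6d1f3ae7bdf1b4c26005af4f13bc408b32c75
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 543897559c8511d19a5509610a91a64c4f457521b22ba74b2924052d88404dea754904b16e7731b07c64b8afdf82d6a339041b5086686f9ee1df63e28911adfc
+data.tar.gz: 0dd49afd240c38f3b7418cdec36b6ca33d16ff0f7bbb2fb4b00485767bd5db9af3075ab1c98dca459b6aed51088367e7212d3d25493ea243a1695506b12e6f72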
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.540]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.540]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.540]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze assembly code, including both opcodes and instructions, for various architectures and endianness. It provides insights into the functionality of the assembly code and can also convert it to C/C++ code when possible.
|
|
7
|
+
module Assembly
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::Assembly.analyze(
|
|
10
|
+
# request: 'required - the assembly opcodes or instructions to be analyzed',
|
|
11
|
+
# type: 'required - :opcodes_to_asm|:asm_to_opcodes - specify the type of analysis to perform',
|
|
12
|
+
# arch: 'required - name of arch returned from `PWN::Plugins::Assembly.list_supported_archs` (e.g., :i386|:i686|:x86|:x64|:arm|:arm64, etc.)',
|
|
13
|
+
# endian: 'required - the endianness of the assembly code (e.g., :little|:big)'
|
|
14
|
+
# )
|
|
15
|
+
|
|
16
|
+
public_class_method def self.analyze(opts = {})
|
|
17
|
+
request = opts[:request]
|
|
18
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
19
|
+
|
|
20
|
+
type = opts[:type]
|
|
21
|
+
raise 'ERROR: type parameter is required' if type.nil? || type.empty?
|
|
22
|
+
|
|
23
|
+
arch = opts[:arch]
|
|
24
|
+
raise 'ERROR: arch parameter is required' if arch.nil? || arch.empty?
|
|
25
|
+
|
|
26
|
+
endian = opts[:endian]
|
|
27
|
+
raise 'ERROR: endian parameter is required' if endian.nil? || endian.empty?
|
|
28
|
+
|
|
29
|
+
case type.to_s.downcase.to_sym
|
|
30
|
+
when :opcodes_to_asm
|
|
31
|
+
system_role_content = "Analyze the #{endian} endian #{arch} assembly opcodes below and provide a concise summary of their functionality. If possible, also convert the assembly to c/c++ code."
|
|
32
|
+
when :asm_to_opcodes
|
|
33
|
+
system_role_content = "Analyze the #{endian} endian #{arch} assembly instructions below and provide a concise summary of their functionality."
|
|
34
|
+
else
|
|
35
|
+
raise "ERROR: Unsupported type parameter value '#{type}'. Supported values are :opcodes_to_asm and :asm_to_opcodes."
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
PWN::AI::Introspection.reflect_on(
|
|
39
|
+
system_role_content: system_role_content,
|
|
40
|
+
request: request,
|
|
41
|
+
suppress_pii_warning: true
|
|
42
|
+
)
|
|
43
|
+
rescue StandardError => e
|
|
44
|
+
raise e.backtrace
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
48
|
+
|
|
49
|
+
public_class_method def self.authors
|
|
50
|
+
"AUTHOR(S):
|
|
51
|
+
0day Inc. <support@0dayinc.com>
|
|
52
|
+
"
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
# Display Usage for this Module
|
|
56
|
+
|
|
57
|
+
public_class_method def self.help
|
|
58
|
+
puts "USAGE:
|
|
59
|
+
|
|
60
|
+
#{self}.authors
|
|
61
|
+
"
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
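Review bot: The `rescue StandardError => e` / `raise e.backtrace` pair at the end of `analyze` passes an Array to `raise`, which Ruby rejects with `TypeError: exception class/object expected`, so the real failure from `PWN::AI::Introspection.reflect_on` or from the parameter checks above it is replaced by an unrelated error and its message is lost. Re-raise the original instead, with `raise e` or a bare `raise`. The same two lines close the `analyze` methods of the BTC, BurpSuite, GQRX, HackerOne, SAST and TransparentBrowser agent files added further down in this release. Separately, `arch` and `endian` are interpolated into `system_role_content` unchecked; validating them against `PWN::Plugins::Assembly.list_supported_archs` and `:little`/`:big` before building the prompt would keep arbitrary caller text out of the system role.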
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze Bitcoin blockchain information. It provides insights and summaries based on the latest block data retrieved from a Bitcoin node using `PWN::Blockchain::BTC.get_latest_block`.
|
|
7
|
+
module BTC
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::BTC.analyze(
|
|
10
|
+
# request: 'required - latest block information retrieved from a bitcoin node via `PWN::Blockchain::BTC.get_latest_block`'
|
|
11
|
+
# )
|
|
12
|
+
|
|
13
|
+
public_class_method def self.analyze(opts = {})
|
|
14
|
+
request = opts[:request]
|
|
15
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
16
|
+
|
|
17
|
+
system_role_content = 'Provide a useful summary of this latest bitcoin block returned from a bitcoin node via getblockchaininfo.'
|
|
18
|
+
|
|
19
|
+
PWN::AI::Introspection.reflect_on(
|
|
20
|
+
system_role_content: system_role_content,
|
|
21
|
+
request: request,
|
|
22
|
+
suppress_pii_warning: true
|
|
23
|
+
)
|
|
24
|
+
rescue StandardError => e
|
|
25
|
+
raise e.backtrace
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
29
|
+
|
|
30
|
+
public_class_method def self.authors
|
|
31
|
+
"AUTHOR(S):
|
|
32
|
+
0day Inc. <support@0dayinc.com>
|
|
33
|
+
"
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
# Display Usage for this Module
|
|
37
|
+
|
|
38
|
+
public_class_method def self.help
|
|
39
|
+
puts "USAGE:
|
|
40
|
+
|
|
41
|
+
#{self}.authors
|
|
42
|
+
"
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze HTTP request/response pairs and WebSocket messages for high-impact vulnerabilities, with a focus on XSS and related issues. It provides detailed analysis and generates PoCs for identified vulnerabilities.
|
|
7
|
+
module BurpSuite
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::BurpSuite.analyze(
|
|
10
|
+
# request: 'required HTTP request/response pair or WebSocket message as a string'
|
|
11
|
+
# )
|
|
12
|
+
|
|
13
|
+
public_class_method def self.analyze(opts = {})
|
|
14
|
+
request = opts[:request]
|
|
15
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
16
|
+
|
|
17
|
+
system_role_content = '
|
|
18
|
+
Your expertise lies in dissecting HTTP request/response pairs and WebSocket messages to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, race conditions, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
|
|
19
|
+
|
|
20
|
+
During analysis:
|
|
21
|
+
|
|
22
|
+
1. **Parse and Contextualize Traffic**:
|
|
23
|
+
- Break down every element: HTTP method, URI (path, query parameters), headers (e.g., Host, User-Agent, Cookies, Authorization, Referer, Origin, Content-Type), request body (e.g., form data, JSON payloads), response status code, response headers, and response body (HTML, JSON, XML, etc.).
|
|
24
|
+
- Identify dynamic elements: User-controlled inputs (e.g., query params, POST data, headers like X-Forwarded-For), server-side echoes, redirects, and client-side processing.
|
|
25
|
+
- Trace data flow: Map how inputs propagate from request to response, including any client-side JavaScript execution where exploitation may be possible in the client without communicating with the server (e.g. DOM-XSS).
|
|
26
|
+
|
|
27
|
+
2. **Vulnerability Hunting Framework**:
|
|
28
|
+
- **Input Validation & Sanitization**: Check for unescaped/lack of encoding in outputs (e.g., HTML context for XSS, URL context for open redirects).
|
|
29
|
+
- **XSS Focus**: Hunt for sinks like innerHTML/outerHTML, document.write, eval, setTimeout/setInterval with strings, location.href/assign/replace, and history.pushState. Test payloads like <script>alert(1)</script>, javascript:alert(1), and polyglots. For DOM-based, simulate client-side execution.
|
|
30
|
+
- **JavaScript Library Analysis**: If JS is present (e.g., in response body or referenced scripts), deobfuscate and inspect:
|
|
31
|
+
- Objects/properties that could clobber DOM (e.g., window.name, document.cookie manipulation leading to prototype pollution).
|
|
32
|
+
- DOM XSS vectors: Analyze event handlers, querySelector, addEventListener with unsanitized data from location.hash/search, postMessage, or localStorage.
|
|
33
|
+
- Third-party libs (e.g., jQuery, React): Flag known sink patterns like .html(), dangerouslySetInnerHTML, or eval-like functions.
|
|
34
|
+
- **Server-Side Issues**: Probe for SSRF (e.g., via URL params fetching internal resources), IDOR (e.g., manipulating IDs in paths/bodies), rate limiting bypass, and insecure deserialization (e.g., in JSON/PHP objects).
|
|
35
|
+
- **Headers & Misc**: Examine for exposed sensitive info (e.g., debug headers, stack traces), misconfigured security headers (CSP, HSTS), and upload flaws (e.g., file extension bypass).
|
|
36
|
+
- **Chaining Opportunities**: Always consider multi-step exploits, like XSS leading to CSRF token theft or SSRF to internal metadata endpoints.
|
|
37
|
+
|
|
38
|
+
3. **PoC Generation**:
|
|
39
|
+
- Produce concise, step-by-step PoCs in a standardized format:
|
|
40
|
+
- **Description**: Clear vuln summary, CVSS-like severity, and impact.
|
|
41
|
+
- **Steps to Reproduce**: Numbered HTTP requests (use curl or Burp syntax, e.g., `curl -X POST -d "param=<payload>" https://target.com/endpoint`).
|
|
42
|
+
- **Payloads**: Provide working, minimal payloads with variations for evasion (e.g., encoded, obfuscated).
|
|
43
|
+
- **Screenshots/Evidence**: Suggest what to capture (e.g., alert popup for XSS, response diff for IDOR).
|
|
44
|
+
- **Mitigation Advice**: Recommend fixes (e.g., output encoding, input validation).
|
|
45
|
+
- Ensure PoCs are ethical: Target only in-scope assets, avoid DoS, and emphasize disclosure via proper channels (e.g., HackerOne, Bugcrowd).
|
|
46
|
+
- If no vuln found, explain why and suggest further tests (e.g., fuzzing params).
|
|
47
|
+
4. Risk Score:
|
|
48
|
+
For each analysis generate a risk score between 0% - 100% based on exploitability and impact. This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
|
|
49
|
+
|
|
50
|
+
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
|
|
51
|
+
'
|
|
52
|
+
|
|
53
|
+
PWN::AI::Introspection.reflect_on(
|
|
54
|
+
system_role_content: system_role_content,
|
|
55
|
+
request: request,
|
|
56
|
+
suppress_pii_warning: true
|
|
57
|
+
)
|
|
58
|
+
rescue StandardError => e
|
|
59
|
+
raise e.backtrace
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
63
|
+
|
|
64
|
+
public_class_method def self.authors
|
|
65
|
+
"AUTHOR(S):
|
|
66
|
+
0day Inc. <support@0dayinc.com>
|
|
67
|
+
"
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
# Display Usage for this Module
|
|
71
|
+
|
|
72
|
+
public_class_method def self.help
|
|
73
|
+
puts "USAGE:
|
|
74
|
+
|
|
75
|
+
#{self}.authors
|
|
76
|
+
"
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end
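Review bot: `analyze` forwards the whole captured request/response pair to `PWN::AI::Introspection.reflect_on` with `suppress_pii_warning: true` hard-coded, so a caller can no longer opt back into the warning even though the prompt itself names `Cookies` and `Authorization` headers as inputs. I would read it from the options, e.g. `suppress_pii_warning: opts.fetch(:suppress_pii_warning, true)`, and document on the method that session tokens and credentials in proxied traffic leave the host if the configured engine is remote. The response body is authored by the site under test, so text inside it can address the model directly; the method comment should state that the returned analysis and its `risk_score` are untrusted output and should not be the only input to triage. As a style point, the prompt would be easier to review and diff as a frozen module constant or heredoc than as a quoted literal inside the method.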
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze signal data captured by a software-defined-radio using GQRX. It uses the PWN::AI::Introspection.reflect_on method to analyze the signal data and provide insights based on the location where the data was captured. The agent can determine if the frequency is licensed or unlicensed based on FCC records and provide relevant information about the transmission. This module is useful for security professionals, researchers, and hobbyists interested in analyzing radio signals and understanding their context.
|
|
7
|
+
module SAST
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::GQRX.analyze(
|
|
10
|
+
# request: 'required - A string containing the source code snippet to be analyzed for SAST antipatterns and vulnerabilities.'
|
|
11
|
+
# location: 'required - A string containing a city, state, country, or GPS coordinates where the signal data was captured. This information will be used to provide context for the analysis and to determine if the frequency is licensed or unlicensed based on FCC records.'
|
|
12
|
+
# )
|
|
13
|
+
|
|
14
|
+
public_class_method def self.analyze(opts = {})
|
|
15
|
+
request = opts[:request]
|
|
16
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
17
|
+
|
|
18
|
+
location = opts[:location]
|
|
19
|
+
raise 'ERROR: location parameter is required' if location.nil? || location.empty?
|
|
20
|
+
|
|
21
|
+
system_role_content = "Analyze signal data captured by a software-defined-radio using GQRX at the following location: #{location}. Respond with just FCC information about the transmission if available. If the frequency is unlicensed or not found in FCC records, state that clearly. Be clear and concise in your analysis."
|
|
22
|
+
|
|
23
|
+
PWN::AI::Introspection.reflect_on(
|
|
24
|
+
system_role_content: system_role_content,
|
|
25
|
+
request: request,
|
|
26
|
+
suppress_pii_warning: true
|
|
27
|
+
)
|
|
28
|
+
rescue StandardError => e
|
|
29
|
+
raise e.backtrace
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
33
|
+
|
|
34
|
+
public_class_method def self.authors
|
|
35
|
+
"AUTHOR(S):
|
|
36
|
+
0day Inc. <support@0dayinc.com>
|
|
37
|
+
"
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
# Display Usage for this Module
|
|
41
|
+
|
|
42
|
+
public_class_method def self.help
|
|
43
|
+
puts "USAGE:
|
|
44
|
+
|
|
45
|
+
#{self}.authors
|
|
46
|
+
"
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
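Review bot: Line 7 of this file declares `module SAST`, but the file list shows it as `pwn/ai/agent/gqrx.rb` and `agent.rb` registers it with `autoload :GQRX, 'pwn/ai/agent/gqrx'`, so referencing `PWN::AI::Agent::GQRX` loads a file that never defines that constant and raises `NameError`, while also defining a `PWN::AI::Agent::SAST.analyze` that requires `location`. The declaration should be `module GQRX`. The usage comment carries the same copy-paste residue: the `request:` description should describe the signal data captured from GQRX, not `the source code snippet to be analyzed for SAST antipatterns and vulnerabilities`. `location` is interpolated into `system_role_content`; if it can come from anywhere other than the operator, pass it alongside the request instead of in the system role.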
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze various aspects of HackerOne bug bounty programs, including bounty program details, scope details, and hacktivity details. It provides insights and recommendations based on the provided data to help security researchers optimize their efforts on the platform.
|
|
7
|
+
module HackerOne
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::HackerOne.analyze(
|
|
10
|
+
# request: 'required - dataset to analyze, such as bounty program details, scope details, or hacktivity details'
|
|
11
|
+
# type: 'required - type of analysis to perform, such as :bounty_programs, :scope_details, or :hacktivity'
|
|
12
|
+
# )
|
|
13
|
+
|
|
14
|
+
public_class_method def self.analyze(opts = {})
|
|
15
|
+
request = opts[:request]
|
|
16
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
17
|
+
|
|
18
|
+
type = opts[:type]
|
|
19
|
+
raise 'ERROR: type parameter is required' if type.nil? || type.empty?
|
|
20
|
+
|
|
21
|
+
case type.to_s.downcase.to_sym
|
|
22
|
+
when :bounty_programs
|
|
23
|
+
system_role_content = 'Suggest an optimal bug bounty program to target on HackerOne to maximize potential earnings based on values within `min_payout` and publicly known vulnerabilities that have surfaced for the `name` of the program.'
|
|
24
|
+
when :scope_details
|
|
25
|
+
system_role_content = 'Analyze the scope details for the given bug bounty program on HackerOne. Identify key areas of interest, potential vulnerabilities, and any patterns that could inform a targeted security assessment based on the provided scope information.'
|
|
26
|
+
when :hacktivity
|
|
27
|
+
system_role_content = 'Analyze the hacktivity details for the given bug bounty program on HackerOne. Identify significant disclosed reports, common vulnerability types, and any trends that could inform future security assessments based on the provided hacktivity information.'
|
|
28
|
+
else
|
|
29
|
+
raise "ERROR: type parameter value of #{type} is not supported"
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
PWN::AI::Introspection.reflect_on(
|
|
33
|
+
system_role_content: system_role_content,
|
|
34
|
+
request: request,
|
|
35
|
+
spinner: true,
|
|
36
|
+
suppress_pii_warning: true
|
|
37
|
+
)
|
|
38
|
+
rescue StandardError => e
|
|
39
|
+
raise e.backtrace
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
43
|
+
|
|
44
|
+
public_class_method def self.authors
|
|
45
|
+
"AUTHOR(S):
|
|
46
|
+
0day Inc. <support@0dayinc.com>
|
|
47
|
+
"
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
# Display Usage for this Module
|
|
51
|
+
|
|
52
|
+
public_class_method def self.help
|
|
53
|
+
puts "USAGE:
|
|
54
|
+
|
|
55
|
+
#{self}.authors
|
|
56
|
+
"
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze SAST antipatterns within source code repositories. It identifies common coding mistakes, security vulnerabilities, and areas for improvement in code quality. The agent generates an EPSS score for each identified issue, indicating the likelihood of exploitation. It provides detailed explanations of the issues found, along with recommendations for remediation and best practices to enhance code security and maintainability.
|
|
7
|
+
module SAST
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::SAST.analyze(
|
|
10
|
+
# request: 'required - A string containing the source code snippet to be analyzed for SAST antipatterns and vulnerabilities.'
|
|
11
|
+
# )
|
|
12
|
+
|
|
13
|
+
public_class_method def self.analyze(opts = {})
|
|
14
|
+
request = opts[:request]
|
|
15
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
16
|
+
|
|
17
|
+
system_role_content = 'Your sole purpose is to analyze source code snippets and generate an Exploit Prediction Scoring System (EPSS) score between 0% - 100%. Just generate a score unless score is >= 75% in which a PoC and code fix should also be included.'
|
|
18
|
+
|
|
19
|
+
PWN::AI::Introspection.reflect_on(
|
|
20
|
+
system_role_content: system_role_content,
|
|
21
|
+
request: request,
|
|
22
|
+
suppress_pii_warning: true
|
|
23
|
+
)
|
|
24
|
+
rescue StandardError => e
|
|
25
|
+
raise e.backtrace
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
29
|
+
|
|
30
|
+
public_class_method def self.authors
|
|
31
|
+
"AUTHOR(S):
|
|
32
|
+
0day Inc. <support@0dayinc.com>
|
|
33
|
+
"
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
# Display Usage for this Module
|
|
37
|
+
|
|
38
|
+
public_class_method def self.help
|
|
39
|
+
puts "USAGE:
|
|
40
|
+
|
|
41
|
+
#{self}.authors
|
|
42
|
+
"
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
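Review bot: The module comment and the prompt on line 17 call the number the model returns an `Exploit Prediction Scoring System (EPSS) score`, but EPSS is the FIRST.org probability published per CVE and cannot be derived from a code snippet; calling it a model-estimated risk score, as the BurpSuite agent does with `risk_score`, keeps reports built on it from being mistaken for EPSS data. The snippet under analysis may contain comments addressed to the model, so anything that gates on the `>= 75%` threshold should treat a low score as advisory rather than as a pass, and the method comment should say so. The TransparentBrowser agent's prompt uses the same term.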
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module PWN
|
|
4
|
+
module AI
|
|
5
|
+
module Agent
|
|
6
|
+
# This module is an AI agent designed to analyze JavaScript code during a Chrome DevTools debugging session. It generates an Exploit Prediction Scoring System (EPSS) score for each step in the JavaScript code and provides proof-of-concept exploits and code fixes if the score is above a certain threshold.
|
|
7
|
+
module TransparentBrowser
|
|
8
|
+
# Supported Method Parameters::
|
|
9
|
+
# ai_analysis = PWN::AI::Agent::TransparentBrowser.analyze(
|
|
10
|
+
# request: 'required - current step in the JavaScript debugging session to analyze',
|
|
11
|
+
# source_to_review: 'required - the block of JavaScript code in which the current step resides'
|
|
12
|
+
# )
|
|
13
|
+
|
|
14
|
+
public_class_method def self.analyze(opts = {})
|
|
15
|
+
request = opts[:request]
|
|
16
|
+
raise 'ERROR: request parameter is required' if request.nil? || request.empty?
|
|
17
|
+
|
|
18
|
+
source_to_review = opts[:source_to_review]
|
|
19
|
+
raise 'ERROR: source_to_review parameter is required' if source_to_review.nil? || source_to_review.empty?
|
|
20
|
+
|
|
21
|
+
system_role_content = "Being an expert penetration tester skilled in code analysis, debugging, and exploitation while stepping through JavaScript in a Chrome DevTools debugging session: 1. Your sole purpose is to analyze each JavaScript step and generate an Exploit Prediction Scoring System (EPSS) score between 0% - 100%. The step currently resides in this block of JavaScript:\n```\n#{source_to_review}\n```\n2. If the score is >= 75%, generate a JavaScript proof-of-concept that would allow a threat actor to directly exploit or target a user for exploitation (i.e. no self-exploit). 3. If the EPSS score is >= 75% also provide a code fix. *** If the EPSS score is < 75%, no explanations or summaries - just the EPSS score."
|
|
22
|
+
|
|
23
|
+
PWN::AI::Introspection.reflect_on(
|
|
24
|
+
system_role_content: system_role_content,
|
|
25
|
+
request: request,
|
|
26
|
+
suppress_pii_warning: true
|
|
27
|
+
)
|
|
28
|
+
rescue StandardError => e
|
|
29
|
+
raise e.backtrace
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
33
|
+
|
|
34
|
+
public_class_method def self.authors
|
|
35
|
+
"AUTHOR(S):
|
|
36
|
+
0day Inc. <support@0dayinc.com>
|
|
37
|
+
"
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
# Display Usage for this Module
|
|
41
|
+
|
|
42
|
+
public_class_method def self.help
|
|
43
|
+
puts "USAGE:
|
|
44
|
+
|
|
45
|
+
#{self}.authors
|
|
46
|
+
"
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
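Review bot: `source_to_review` is JavaScript taken from the page being debugged, and line 21 interpolates it into `system_role_content` between Markdown code fences, which puts content authored by the site under test into the system role where it carries the same authority as the fixed instructions. Keep the system role to constant text and send the source as user content with a labelled delimiter, for example `request: "Current step:\n#{request}\n\nEnclosing source:\n#{source_to_review}"`. Whatever the model returns for such input, including the score, should be documented as untrusted output. The prompt also asks for a proof-of-concept whenever the score is `>= 75%`; a comment stating that this is intended for authorised testing of in-scope applications would match the wording the BurpSuite agent already has.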
|
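--- a/data/lib/pwn/ai/agent.rb
+++ b/data/lib/pwn/ai/agent.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module PWN
+# This file, using the autoload directive loads SAST modules
+# into memory only when they're needed. For more information, see:
+# http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
+module AI
+# Collection of Agentic AI Modules. These modules are designed to perform specific tasks autonomously, such as interacting with APIs, performing reconnaissance, or automating exploitation steps. Each module is designed to be used within an agentic AI framework, allowing for the creation of intelligent agents that can perform complex tasks without human intervention. The Agent module serves as a namespace for all agentic AI modules, providing a structured way to organize and access these functionalities. By using autoload, we ensure that each module is only loaded into memory when it's actually needed, optimizing resource usage and improving performance.
+module Agent
+# Agentic AI Modules
+autoload :Assembly, 'pwn/ai/agent/assembly'
+autoload :BTC, 'pwn/ai/agent/btc'
+autoload :BurpSuite, 'pwn/ai/agent/burp_suite'
+autoload :HackerOne, 'pwn/ai/agent/hacker_one'
+autoload :GQRX, 'pwn/ai/agent/gqrx'
+autoload :SAST, 'pwn/ai/agent/sast'
+autoload :TransparentBrowser, 'pwn/ai/agent/transparent_browser'
+
+# Display a List of Every PWN::AI Module
+
+public_class_method def self.help
+constants.sort
+end
+end
+end
+end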
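Review bot: The header comment on line 4 still says this file `loads SAST modules`, and the comment above `help` says `Display a List of Every PWN::AI Module`; both should name the `PWN::AI::Agent` modules. The namespace defines only `help` and the autoloads, so nothing here answers `PWN::AI::Agent.analyze`, which the `data/lib/pwn/plugins/assembly.rb` hunks in this release call. The description on line 8 promises modules that act `without human intervention` and automate exploitation steps, whereas each module added in this release only builds a prompt and calls `PWN::AI::Introspection.reflect_on`; trimming it to what the code does would avoid overstating the feature.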
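--- a/data/lib/pwn/ai.rb
+++ b/data/lib/pwn/ai.rb
@@ -5,6 +5,7 @@ module PWN
 # into memory only when they're needed. For more information, see:
 # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
 module AI
+autoload :Agent, 'pwn/ai/agent'
 autoload :Grok, 'pwn/ai/grok'
 autoload :Introspection, 'pwn/ai/introspection'
 autoload :Ollama, 'pwn/ai/ollama'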
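--- a/data/lib/pwn/blockchain/btc.rb
+++ b/data/lib/pwn/blockchain/btc.rb
@@ -182,11 +182,8 @@ module PWN
 
 public_class_method def self.get_latest_block
 latest_block = btc_rpc_call(method: 'getblockchaininfo', params: [])
-
-
-request: latest_block.to_s,
-system_role_content: system_role_content,
-suppress_pii_warning: true
+ai_analysis = PWN::AI::Agent::BTC.analyze(
+request: latest_block.to_s
 )
 puts ai_analysis
 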
data/lib/pwn/plugins/assembly.rb
CHANGED
|
@@ -6,7 +6,7 @@ require 'tempfile'
|
|
|
6
6
|
|
|
7
7
|
module PWN
|
|
8
8
|
module Plugins
|
|
9
|
-
# This plugin
|
|
9
|
+
# This plugin provides methods for converting between hex escaped opcodes and assembly instructions using the Metasm library.
|
|
10
10
|
module Assembly
|
|
11
11
|
# Supported Method Parameters::
|
|
12
12
|
# PWN::Plugins::Assembly.opcodes_to_asm(
|
|
@@ -25,11 +25,11 @@ module PWN
|
|
|
25
25
|
|
|
26
26
|
raise 'ERROR: opcodes parameter is required.' if opcodes.nil?
|
|
27
27
|
|
|
28
|
-
|
|
29
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
28
|
+
ai_analysis = PWN::AI::Agent.analyze(
|
|
30
29
|
request: opcodes,
|
|
31
|
-
|
|
32
|
-
|
|
30
|
+
type: :opcodes_to_asm,
|
|
31
|
+
arch: arch,
|
|
32
|
+
endian: endian
|
|
33
33
|
)
|
|
34
34
|
|
|
35
35
|
case arch.to_s.downcase
|
|
@@ -138,11 +138,11 @@ module PWN
|
|
|
138
138
|
|
|
139
139
|
raise 'ERROR: asm parameter is required.' if asm.nil?
|
|
140
140
|
|
|
141
|
-
|
|
142
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
141
|
+
ai_analysis = PWN::AI::Agent.analyze(
|
|
143
142
|
request: asm,
|
|
144
|
-
|
|
145
|
-
|
|
143
|
+
type: :asm_to_opcodes,
|
|
144
|
+
arch: arch,
|
|
145
|
+
endian: endian
|
|
146
146
|
)
|
|
147
147
|
|
|
148
148
|
case arch.to_s.downcase
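Review bot: Both call sites now invoke `PWN::AI::Agent.analyze(`, but the `PWN::AI::Agent` namespace added in `data/lib/pwn/ai/agent.rb` defines only `help` and the autoloads, so this raises `NoMethodError` whenever the AI branch runs; the method lives on the Assembly agent. Change the line in both hunks (new lines 28 and 141) to `ai_analysis = PWN::AI::Agent::Assembly.analyze(`. The enclosing methods start and end outside the hunks, so whether the call is guarded by the introspection setting is not visible here. The `opcodes.nil?` and `asm.nil?` checks above the call also let an empty string through to the agent, which rejects it with its own `request.empty?` check, so the two validations should agree.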
|
|
@@ -53,7 +53,7 @@ module PWN
|
|
|
53
53
|
# spin up Thread to:
|
|
54
54
|
# 1. Periodically call get_proxy_history(burp_obj: burp_obj) method
|
|
55
55
|
# 2. For each entry w/ empty comment,
|
|
56
|
-
# generate AI analysis via PWN::AI::
|
|
56
|
+
# generate AI analysis via PWN::AI::Agent::BurpSuite.analyze(...)
|
|
57
57
|
# and populate the comment field for the entry.
|
|
58
58
|
# 3. Update the highlight field based on EPSS score extracted from AI analysis.
|
|
59
59
|
# 4. Call update_proxy_history(burp_obj: burp_obj, entry: updated_entry)
|
|
@@ -67,42 +67,6 @@ module PWN
|
|
|
67
67
|
if PWN::Env[:ai][:introspection]
|
|
68
68
|
introspection_thread_arr = burp_obj[:introspection_threads] ||= []
|
|
69
69
|
introspection_thread = Thread.new do
|
|
70
|
-
system_role_content = '
|
|
71
|
-
Your expertise lies in dissecting HTTP request/response pairs and WebSocket messages to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, race conditions, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
|
|
72
|
-
|
|
73
|
-
During analysis:
|
|
74
|
-
|
|
75
|
-
1. **Parse and Contextualize Traffic**:
|
|
76
|
-
- Break down every element: HTTP method, URI (path, query parameters), headers (e.g., Host, User-Agent, Cookies, Authorization, Referer, Origin, Content-Type), request body (e.g., form data, JSON payloads), response status code, response headers, and response body (HTML, JSON, XML, etc.).
|
|
77
|
-
- Identify dynamic elements: User-controlled inputs (e.g., query params, POST data, headers like X-Forwarded-For), server-side echoes, redirects, and client-side processing.
|
|
78
|
-
- Trace data flow: Map how inputs propagate from request to response, including any client-side JavaScript execution where exploitation may be possible in the client without communicating with the server (e.g. DOM-XSS).
|
|
79
|
-
|
|
80
|
-
2. **Vulnerability Hunting Framework**:
|
|
81
|
-
- **Input Validation & Sanitization**: Check for unescaped/lack of encoding in outputs (e.g., HTML context for XSS, URL context for open redirects).
|
|
82
|
-
- **XSS Focus**: Hunt for sinks like innerHTML/outerHTML, document.write, eval, setTimeout/setInterval with strings, location.href/assign/replace, and history.pushState. Test payloads like <script>alert(1)</script>, javascript:alert(1), and polyglots. For DOM-based, simulate client-side execution.
|
|
83
|
-
- **JavaScript Library Analysis**: If JS is present (e.g., in response body or referenced scripts), deobfuscate and inspect:
|
|
84
|
-
- Objects/properties that could clobber DOM (e.g., window.name, document.cookie manipulation leading to prototype pollution).
|
|
85
|
-
- DOM XSS vectors: Analyze event handlers, querySelector, addEventListener with unsanitized data from location.hash/search, postMessage, or localStorage.
|
|
86
|
-
- Third-party libs (e.g., jQuery, React): Flag known sink patterns like .html(), dangerouslySetInnerHTML, or eval-like functions.
|
|
87
|
-
- **Server-Side Issues**: Probe for SSRF (e.g., via URL params fetching internal resources), IDOR (e.g., manipulating IDs in paths/bodies), rate limiting bypass, and insecure deserialization (e.g., in JSON/PHP objects).
|
|
88
|
-
- **Headers & Misc**: Examine for exposed sensitive info (e.g., debug headers, stack traces), misconfigured security headers (CSP, HSTS), and upload flaws (e.g., file extension bypass).
|
|
89
|
-
- **Chaining Opportunities**: Always consider multi-step exploits, like XSS leading to CSRF token theft or SSRF to internal metadata endpoints.
|
|
90
|
-
|
|
91
|
-
3. **PoC Generation**:
|
|
92
|
-
- Produce concise, step-by-step PoCs in a standardized format:
|
|
93
|
-
- **Description**: Clear vuln summary, CVSS-like severity, and impact.
|
|
94
|
-
- **Steps to Reproduce**: Numbered HTTP requests (use curl or Burp syntax, e.g., `curl -X POST -d "param=<payload>" https://target.com/endpoint`).
|
|
95
|
-
- **Payloads**: Provide working, minimal payloads with variations for evasion (e.g., encoded, obfuscated).
|
|
96
|
-
- **Screenshots/Evidence**: Suggest what to capture (e.g., alert popup for XSS, response diff for IDOR).
|
|
97
|
-
- **Mitigation Advice**: Recommend fixes (e.g., output encoding, input validation).
|
|
98
|
-
- Ensure PoCs are ethical: Target only in-scope assets, avoid DoS, and emphasize disclosure via proper channels (e.g., HackerOne, Bugcrowd).
|
|
99
|
-
- If no vuln found, explain why and suggest further tests (e.g., fuzzing params).
|
|
100
|
-
4. Risk Score:
|
|
101
|
-
For each analysis generate a risk score between 0% - 100% based on exploitability and impact. This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
|
|
102
|
-
|
|
103
|
-
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
|
|
104
|
-
'
|
|
105
|
-
|
|
106
70
|
get_highlight_color = lambda do |opts = {}|
|
|
107
71
|
ai_analysis = opts[:ai_analysis]
|
|
108
72
|
|
|
@@ -169,10 +133,8 @@ module PWN
|
|
|
169
133
|
response = Base64.strict_decode64(response)
|
|
170
134
|
|
|
171
135
|
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
172
|
-
ai_analysis = PWN::AI::
|
|
173
|
-
|
|
174
|
-
request: http_request_response,
|
|
175
|
-
suppress_pii_warning: true
|
|
136
|
+
ai_analysis = PWN::AI::Agent::BurpSuite.analyze(
|
|
137
|
+
request: http_request_response
|
|
176
138
|
)
|
|
177
139
|
|
|
178
140
|
next if ai_analysis.nil? || ai_analysis.strip.empty?
|
|
@@ -225,10 +187,8 @@ module PWN
|
|
|
225
187
|
request = Base64.strict_decode64(request)
|
|
226
188
|
response = Base64.strict_decode64(response)
|
|
227
189
|
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
228
|
-
ai_analysis = PWN::AI::
|
|
229
|
-
|
|
230
|
-
request: http_request_response,
|
|
231
|
-
suppress_pii_warning: true
|
|
190
|
+
ai_analysis = PWN::AI::Agent::BurpSuite.analyze(
|
|
191
|
+
request: http_request_response
|
|
232
192
|
)
|
|
233
193
|
|
|
234
194
|
next if ai_analysis.nil? || ai_analysis.strip.empty?
|
|
@@ -259,10 +219,8 @@ module PWN
|
|
|
259
219
|
|
|
260
220
|
payload = Base64.strict_decode64(payload)
|
|
261
221
|
websocket_req = PWN::Plugins::Char.force_utf8("WebSocket ID: #{web_socket_id}\nDirection: #{direction}\nPayload:\n#{payload}")
|
|
262
|
-
ai_analysis = PWN::AI::
|
|
263
|
-
|
|
264
|
-
request: websocket_req,
|
|
265
|
-
suppress_pii_warning: true
|
|
222
|
+
ai_analysis = PWN::AI::Agent::BurpSuite.analyze(
|
|
223
|
+
request: websocket_req
|
|
266
224
|
)
|
|
267
225
|
|
|
268
226
|
next if ai_analysis.nil? || ai_analysis.strip.empty?
|
|
@@ -1413,12 +1413,9 @@ module PWN
|
|
|
1413
1413
|
end
|
|
1414
1414
|
|
|
1415
1415
|
if current_step.length.positive?
|
|
1416
|
-
|
|
1417
|
-
|
|
1418
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
1419
|
-
system_role_content: system_role_content,
|
|
1416
|
+
ai_analysis = PWN::AI::Agent::TransparentBrowser.analyze(
|
|
1420
1417
|
request: current_step,
|
|
1421
|
-
|
|
1418
|
+
source_to_review: source_to_review
|
|
1422
1419
|
)
|
|
1423
1420
|
puts "^^^ #{ai_analysis}" unless ai_analysis.nil?
|
|
1424
1421
|
end
|
data/lib/pwn/sast/pom_version.rb
CHANGED
|
@@ -83,11 +83,8 @@ module PWN
|
|
|
83
83
|
source_code_snippet: contents
|
|
84
84
|
}.to_json
|
|
85
85
|
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
system_role_content: system_role_content,
|
|
89
|
-
request: request,
|
|
90
|
-
suppress_pii_warning: true
|
|
86
|
+
ai_analysis = PWN::AI::Agent::SAST.analyze(
|
|
87
|
+
request: request
|
|
91
88
|
)
|
|
92
89
|
ai_analysis ||= 'N/A'
|
|
93
90
|
|
|
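Review bot: The result of the new `PWN::AI::Agent::SAST.analyze(` call is only nil-guarded by `ai_analysis ||= 'N/A'`, so an empty or whitespace-only reply is kept as the analysis, while the Burp Suite call sites in this release test `ai_analysis.nil? || ai_analysis.strip.empty?`. Using the same test here, `ai_analysis = 'N/A' if ai_analysis.nil? || ai_analysis.strip.empty?`, would keep the two consistent. The call site also no longer passes `suppress_pii_warning: true` while `request` still carries `source_code_snippet: contents`; whether the agent keeps that behaviour is not visible in this hunk, so a comment such as `# request embeds the scanned source snippet, which is handed to the AI agent` would keep the data flow visible to the next reader. The hunk at `@@ -125,11 +125,8 @@` that follows has the same shape, and the enclosing method lies outside both hunks.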
@@ -125,11 +125,8 @@ module PWN
|
|
|
125
125
|
source_code_snippet: contents
|
|
126
126
|
}.to_json
|
|
127
127
|
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
system_role_content: system_role_content,
|
|
131
|
-
request: request,
|
|
132
|
-
suppress_pii_warning: true
|
|
128
|
+
ai_analysis = PWN::AI::Agent::SAST.analyze(
|
|
129
|
+
request: request
|
|
133
130
|
)
|
|
134
131
|
ai_analysis ||= 'N/A'
|
|
135
132
|
|
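--- a/data/lib/pwn/sdr/gqrx.rb
+++ b/data/lib/pwn/sdr/gqrx.rb
@@ -957,11 +957,9 @@ module PWN
 prev_freq_obj[:strength_db] = best_strength_db.round(1)
 prev_freq_obj[:iteration] = iteration_total
 
-
-ai_analysis = PWN::AI::Introspection.reflect_on(
+ai_analysis = PWN::AI::Agent::GQRX.analyze(
 request: prev_freq_obj.to_json,
-
-suppress_pii_warning: true
+location: location
 )
 
 prev_freq_obj[:ai_analysis] = ai_analysis unless ai_analysis.nil?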
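Review bot: `location: location` is a new argument on the `PWN::AI::Agent::GQRX.analyze(` call, and neither where it comes from nor what format it has is visible in this hunk. The removed lines show the call used to pass `suppress_pii_warning: true`; if `location` identifies where the operator is, it is presumably sent to the AI backend together with `prev_freq_obj.to_json`, which deserves a comment at the call site such as `# location is forwarded to the AI agent along with the signal data`. The enclosing method starts and ends outside the hunk.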
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -135,12 +135,9 @@ module PWN
|
|
|
135
135
|
|
|
136
136
|
programs_arr.sort_by! { |p| -p[:min_payout].gsub('$', '').gsub(',', '').to_f }
|
|
137
137
|
|
|
138
|
-
|
|
139
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
138
|
+
ai_analysis = PWN::AI::Agent::HackerOne.analyze(
|
|
140
139
|
request: programs_arr.to_json,
|
|
141
|
-
|
|
142
|
-
spinner: true,
|
|
143
|
-
suppress_pii_warning: true
|
|
140
|
+
type: :bounty_programs
|
|
144
141
|
)
|
|
145
142
|
puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
|
|
146
143
|
|
|
@@ -281,12 +278,9 @@ module PWN
|
|
|
281
278
|
scope_details: json_resp_hash
|
|
282
279
|
}
|
|
283
280
|
|
|
284
|
-
|
|
285
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
281
|
+
ai_analysis = PWN::AI::Agent::HackerOne.analyze(
|
|
286
282
|
request: json_resp.to_json,
|
|
287
|
-
|
|
288
|
-
spinner: true,
|
|
289
|
-
suppress_pii_warning: true
|
|
283
|
+
type: :scope_details
|
|
290
284
|
)
|
|
291
285
|
puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
|
|
292
286
|
|
|
@@ -430,12 +424,9 @@ module PWN
|
|
|
430
424
|
hacktivity: json_resp_hash
|
|
431
425
|
}
|
|
432
426
|
|
|
433
|
-
|
|
434
|
-
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
427
|
+
ai_analysis = PWN::AI::Agent::HackerOne.analyze(
|
|
435
428
|
request: json_resp.to_json,
|
|
436
|
-
|
|
437
|
-
spinner: true,
|
|
438
|
-
suppress_pii_warning: true
|
|
429
|
+
type: :hacktivity
|
|
439
430
|
)
|
|
440
431
|
puts "\n\n#{ai_analysis}" unless ai_analysis.nil?
|
|
441
432
|
|
|
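Review bot: In the third hunk, `request: json_resp.to_json` passes `hacktivity: json_resp_hash` to `PWN::AI::Agent::HackerOne.analyze(` and the reply is written to the terminal with `puts`; if that hash is fetched from the platform, as the file name suggests, it contains text written by third parties, which can carry instructions aimed at the model. The same holds for `scope_details` in the second hunk. A comment at the call sites, for example `# json_resp contains third-party text: treat ai_analysis as untrusted output`, would record that, and the new `type:` values (`:bounty_programs`, `:scope_details`, `:hacktivity`) should be listed where the agent documents its options. The enclosing methods lie outside the hunks.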
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::Assembly do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::Assembly
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::Assembly
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::Assembly
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
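Review bot: The first example asserts `respond_to :scan`, yet the call sites shown in this release for the BurpSuite, TransparentBrowser, SAST, GQRX and HackerOne agents all go through `.analyze`, so these specs do not exercise the entry point the plugins depend on (the Assembly call site is not shown here, so confirm which method it uses). If the agents expose `analyze`, the example should be `it 'analyze method should exist' do` with `expect(analyze_response).to respond_to :analyze`. The six spec files that follow (BTC, BurpSuite, GQRX, HackerOne, SAST, TransparentBrowser) repeat the same `:scan` check. Since the call sites no longer pass options such as `suppress_pii_warning` themselves, an example that stubs the AI backend and checks the arguments the agent forwards would be more useful than an existence check.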
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::BTC do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::BTC
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::BTC
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::BTC
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::BurpSuite do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::BurpSuite
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::BurpSuite
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::BurpSuite
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::GQRX do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::GQRX
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::GQRX
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::GQRX
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::HackerOne do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::HackerOne
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::HackerOne
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::HackerOne
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::SAST do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::SAST
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::SAST
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::SAST
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::AI::Agent::TransparentBrowser do
|
|
6
|
+
it 'scan method should exist' do
|
|
7
|
+
scan_response = PWN::AI::Agent::TransparentBrowser
|
|
8
|
+
expect(scan_response).to respond_to :scan
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for authors' do
|
|
12
|
+
authors_response = PWN::AI::Agent::TransparentBrowser
|
|
13
|
+
expect(authors_response).to respond_to :authors
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it 'should display information for existing help method' do
|
|
17
|
+
help_response = PWN::AI::Agent::TransparentBrowser
|
|
18
|
+
expect(help_response).to respond_to :help
|
|
19
|
+
end
|
|
20
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.540
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -1758,6 +1758,14 @@ files:
|
|
|
1758
1758
|
- install.sh
|
|
1759
1759
|
- lib/pwn.rb
|
|
1760
1760
|
- lib/pwn/ai.rb
|
|
1761
|
+
- lib/pwn/ai/agent.rb
|
|
1762
|
+
- lib/pwn/ai/agent/assembly.rb
|
|
1763
|
+
- lib/pwn/ai/agent/btc.rb
|
|
1764
|
+
- lib/pwn/ai/agent/burp_suite.rb
|
|
1765
|
+
- lib/pwn/ai/agent/gqrx.rb
|
|
1766
|
+
- lib/pwn/ai/agent/hacker_one.rb
|
|
1767
|
+
- lib/pwn/ai/agent/sast.rb
|
|
1768
|
+
- lib/pwn/ai/agent/transparent_browser.rb
|
|
1761
1769
|
- lib/pwn/ai/grok.rb
|
|
1762
1770
|
- lib/pwn/ai/introspection.rb
|
|
1763
1771
|
- lib/pwn/ai/ollama.rb
|
|
@@ -2118,6 +2126,14 @@ files:
|
|
|
2118
2126
|
- packer/provisioners/zzuf.sh
|
|
2119
2127
|
- pwn.gemspec
|
|
2120
2128
|
- reinstall_gemset.sh
|
|
2129
|
+
- spec/lib/pwn/ai/agent/assembly_spec.rb
|
|
2130
|
+
- spec/lib/pwn/ai/agent/btc_spec.rb
|
|
2131
|
+
- spec/lib/pwn/ai/agent/burp_suite_spec.rb
|
|
2132
|
+
- spec/lib/pwn/ai/agent/gqrx_spec.rb
|
|
2133
|
+
- spec/lib/pwn/ai/agent/hacker_one_spec.rb
|
|
2134
|
+
- spec/lib/pwn/ai/agent/sast_spec.rb
|
|
2135
|
+
- spec/lib/pwn/ai/agent/transparent_browser_spec.rb
|
|
2136
|
+
- spec/lib/pwn/ai/agent_spec.rb
|
|
2121
2137
|
- spec/lib/pwn/ai/grok_spec.rb
|
|
2122
2138
|
- spec/lib/pwn/ai/introspection_spec.rb
|
|
2123
2139
|
- spec/lib/pwn/ai/ollama_spec.rb
|