pwn 0.5.552 → 0.5.553
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/ai/agent/burp_suite.rb +1 -1
- data/lib/pwn/plugins/burp_suite.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b63daf980e7d378a35b6969dab3552dc628c44b248ff5200c8ab994d0a18a19e
|
|
4
|
+
data.tar.gz: f828d48541156917caea7b7079f5513ad61743a41945a8813e6544dc43252fcb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ff6019fa716cf5783b24cd78b58c4fb4a56b4f183db67a88565c4923bc1a8640eb10bb3cc6b51a71746a73ff75a69060a5af92d4e244d68a626550eeba8f1507
|
|
7
|
+
data.tar.gz: 2dddb9bac901fd203ec3edb436ec286bb8f519c50b03945111fa5d5ac91b95a156a80c554fb0a1bb3e0fe02342eebdbe9851415c60902ec82d447be85610632e
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.553]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.553]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.553]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -47,7 +47,7 @@ module PWN
|
|
|
47
47
|
4. Risk Score:
|
|
48
48
|
For each analysis generate a risk score between 0% - 100% based on exploitability and impact. This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
|
|
49
49
|
|
|
50
|
-
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
|
|
50
|
+
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications. If analyzing a JavaScript source map file (i.e. .js.map), focus on deobfuscating and identifying any potentially vulnerable code patterns, especially those that could lead to client-side vulnerabilities like DOM XSS, prototype pollution, or insecure deserialization. Look for patterns such as eval, document.write, innerHTML assignments, and event handlers that could be influenced by user input. Provide detailed analysis and PoCs if vulnerabilities are identified.
|
|
51
51
|
'
|
|
52
52
|
|
|
53
53
|
PWN::AI::Introspection.reflect_on(
|
data/lib/pwn/version.rb
CHANGED