pwn 0.5.561 → 0.5.573

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: da1f346a63c2a3b01cdb7ec600e6ae7a727ae4598d271c314282e8277f09a27d
-  data.tar.gz: 8226717e5181b99a8d2640fc46d97b33d7f9904d01b62f57bb919b42d3b6275b
+  metadata.gz: 33e312831eb63249fad1a0f98b4386085255ee84188e76ddb1259ce9a5083e34
+  data.tar.gz: e61b59c15b896fbc3c5206e5e95a796d5e0f279d0c401b506b3fc075846426bf
 SHA512:
-  metadata.gz: 5b7db3ff61f7a3c57271674712613d8501e10072f0a8442623f1ef9138d36e4444f90c3afd507f0b0946120e4e1c22393a6978c8d0d96c1aaeada080bcea0425
-  data.tar.gz: b0d75d83a38592831c55a21b5f00fd9a362e2ad1c224afe72f27a9065ca060065b3a5425b82a059c669ca3770e8b61b9abf6454829361750412646ec34d6844b
+  metadata.gz: e22d19452e6316c0aca8a4059b734302177eb03fe8bd59765fd0473fec096b3761dcc784fe0976241b21ab3e31349a2e7776a1ccccdb963edff63e24189308d8
+  data.tar.gz: ec98c1cc869f2e91b40cbc0be9ba05ae4c82ef5721e49dd959c3610d06dc1c9985b3580a464a1fc274a55762e27405140de52d096ce34f18fd74f19c87819b67

data/.rubocop.yml

@@ -6,7 +6,7 @@ Layout/LineLength:
 Lint/UselessRescue:
   Enabled: false
 Metrics/AbcSize:
-  Max: 563.8
+  Max: 720
 Metrics/BlockLength:
   Max: 292
 Metrics/BlockNesting:

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2026-02-27 17:49:20 UTC using RuboCop version 1.85.0.
+# on 2026-06-05 17:51:34 UTC using RuboCop version 1.86.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -36,7 +36,7 @@ Lint/ShadowedException:
     - 'lib/pwn/sdr/decoder/flex.rb'
     - 'lib/pwn/sdr/decoder/pocsag.rb'
 
-# Offense count: 301
+# Offense count: 302
 # This cop supports safe autocorrection (--autocorrect).
 Lint/UselessAssignment:
   Enabled: false
@@ -66,9 +66,10 @@ Metrics/MethodLength:
   Exclude:
     - 'lib/pwn/banner/code_cave.rb'
 
-# Offense count: 7
+# Offense count: 8
 Naming/AccessorMethodName:
   Exclude:
+    - 'lib/pwn/ai/anthropic.rb'
     - 'lib/pwn/ai/grok.rb'
     - 'lib/pwn/ai/ollama.rb'
     - 'lib/pwn/ai/open_ai.rb'

data/.ruby-version

@@ -1 +1 @@
-4.0.1
+4.0.5

data/Gemfile

@@ -20,11 +20,11 @@ gem 'base32', '0.3.4'
 gem 'bitcoin-ruby', '0.0.20'
 gem 'brakeman', '8.0.4'
 gem 'bson', '5.2.0'
-gem 'bundler', '>=4.0.10'
+gem 'bundler', '>=4.0.13'
 gem 'bundler-audit', '>=0.9.3'
 gem 'bunny', '3.1.0'
 gem 'colorize', '1.1.0'
-gem 'credit_card_validations', '8.0.0'
+gem 'credit_card_validations', '9.0.0'
 gem 'curses', '1.6.0'
 gem 'diffy', '3.4.4'
 gem 'eventmachine', '1.2.7'
@@ -37,7 +37,7 @@ gem 'gdb', '1.0.0'
 gem 'gem-wrappers', '1.4.0'
 gem 'geocoder', '1.8.6'
 gem 'gist', '6.0.0'
-gem 'gruff', '0.30.0'
+gem 'gruff', '0.32.0'
 gem 'htmlentities', '4.4.2'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
@@ -45,21 +45,21 @@ gem 'js-beautify', '0.1.8'
 gem 'json', '>=2.13.2'
 gem 'jsonpath', '1.1.5'
 gem 'json_schemer', '2.5.0'
-gem 'jwt', '3.1.2'
+gem 'jwt', '3.2.0'
 gem 'libusb', '0.7.2'
 gem 'luhn', '3.0.0'
 gem 'mail', '2.9.0'
-gem 'mcp', '0.13.0'
-gem 'meshtastic', '0.0.160'
-gem 'metasm', '1.0.5'
-gem 'mongo', '2.23.0'
+gem 'mcp', '0.18.0'
+gem 'meshtastic', '0.0.163'
+gem 'metasm', '1.0.6'
+gem 'mongo', '2.24.1'
 gem 'msfrpc-client', '1.1.2'
 gem 'netaddr', '2.0.6'
 gem 'net-ldap', '0.20.0'
 gem 'net-openvpn', '0.8.7'
 gem 'net-smtp', '0.5.1'
 gem 'nexpose', '7.3.0'
-gem 'nokogiri', '1.19.2'
+gem 'nokogiri', '1.19.3'
 gem 'nokogiri-diff', '0.3.0'
 gem 'oily_png', '1.2.1'
 gem 'open3', '0.2.1'
@@ -73,28 +73,28 @@ gem 'pry', '0.16.0'
 gem 'pry-doc', '1.7.0'
 gem 'rake', '13.4.2'
 gem 'rb-readline', '0.5.5'
-gem 'rbvmomi2', '3.9.0'
-gem 'rdoc', '7.0.3'
+gem 'rbvmomi2', '3.10.0'
+gem 'rdoc', '7.0.4'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '6.3.0'
+gem 'rmagick', '7.0.3'
 gem 'rqrcode', '3.2.0'
 gem 'rspec', '3.13.2'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.86.1'
+gem 'rubocop', '1.87.0'
 gem 'rubocop-rake', '0.7.1'
-gem 'rubocop-rspec', '3.9.0'
+gem 'rubocop-rspec', '3.10.2'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.18.1'
 gem 'rvm', '1.11.3.9'
-gem 'savon', '2.15.1'
-gem 'selenium-devtools', '0.147.0'
-gem 'selenium-webdriver', '4.43.0'
+gem 'savon', '2.17.1'
+gem 'selenium-devtools', '0.148.0'
+gem 'selenium-webdriver', '4.44.0'
 gem 'slack-ruby-client', '3.1.0'
 gem 'socksify', '1.8.1'
-gem 'spreadsheet', '1.3.4'
-gem 'sqlite3', '2.9.3'
+gem 'spreadsheet', '1.3.5'
+gem 'sqlite3', '2.9.5'
 gem 'thin', '2.0.1'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'
@@ -105,4 +105,4 @@ gem 'webrick', '1.9.2'
 gem 'whois', '6.0.3'
 gem 'whois-parser', '2.0.0'
 gem 'wicked_pdf', '2.8.2'
-gem 'yard', '0.9.43'
+gem 'yard', '0.9.44'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.561]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -48,21 +48,21 @@ pwn[v0.5.561]:001 >>> PWN.help
 It's wise to update pwn often as numerous versions are released/week:
 ```
 $ rvm list gemsets
-$ rvm use ruby-4.0.1@pwn
+$ rvm use ruby-4.0.5@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.561]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
 ```
 $ rvm list gemsets
-$ rvm use ruby-4.0.1@pwn
+$ rvm use ruby-4.0.5@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.561]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/build_gem.sh

@@ -1,17 +1,22 @@
 #!/bin/bash --login
+set -eo pipefail
+shopt -s nullglob
+export rvmsudo_secure_path=1
+
 if [[ -d '/opt/pwn' ]]; then
   pwn_root='/opt/pwn' 
 else
   pwn_root="${PWN_ROOT}"
 fi
 
-ls pkg/*.gem | while read previous_gems; do 
-  rvmsudo rm $previous_gems
+for previous_gem in pkg/*.gem; do
+  rvmsudo rm "$previous_gem"
 done
 old_ruby_version=`cat ${pwn_root}/.ruby-version`
 # Default Strategy is to merge codebase
-rvmsudo git config pull.rebase false 
-rvmsudo git pull
+sudo chown -R $USER:$USER $pwn_root
+git config pull.rebase false 
+git pull
 new_ruby_version=`cat ${pwn_root}/.ruby-version`
 
 rvmsudo gem update --system
@@ -19,13 +24,12 @@ rvmsudo gem update --system
 if [[ $old_ruby_version == $new_ruby_version ]]; then
   export rvmsudo_secure_path=1
   rvmsudo /bin/bash --login -c "cd ${pwn_root} && ./reinstall_gemset.sh"
-  cd /tmp && cd $pwn_root
-  rvmsudo rake
-  rvmsudo rake install
-  rvmsudo rake rerdoc
-  rvmsudo gem rdoc --backtrace --rdoc --ri --overwrite -V pwn
+  cd /tmp && cd "$pwn_root"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake install"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake rerdoc"
   echo "Invoking bundle-audit Gemfile Scanner..."
-  rvmsudo bundle-audit
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec bundle-audit"
 else
   cd $pwn_root && ./upgrade_ruby.sh $new_ruby_version $old_ruby_version
 fi

data/documentation/lifecycle_authz_replay.example.yaml

@@ -0,0 +1,27 @@
+campaign:
+  id: github-collaborator-revoke
+  label: GitHub collaborator removal replay
+  target: https://github.com/acme/private-repo
+  change_event: remove_collaborator
+  notes: Capture access before and after collaborator removal.
+
+actors:
+  - id: owner
+    label: Repository owner account
+  - id: revoked_user
+    label: User removed from repository
+
+surfaces:
+  - id: repo_settings_page
+    label: Repository settings HTML page
+  - id: repo_metadata_api
+    label: Repository metadata API endpoint
+
+checkpoints:
+  - pre_change
+  - post_change_t0
+  - post_change_tn
+
+expected_denied_after:
+  - post_change_t0
+  - post_change_tn

data/documentation/vulnerability_report_template.md

@@ -0,0 +1,37 @@
+# Vulnerability Report Template
+
+**Program:** [HackerOne Program Name]
+**Report Date:** [YYYY-MM-DD]
+**Severity:** [Critical/High/Medium/Low]
+
+## 1. Detailed finding description with technical depth and PoC when possible
+
+[Insert deep technical analysis, affected endpoints, steps to reproduce, PoC code/requests here.]
+
+## 2. Business impact
+
+[Business/reputational/financial consequences.]
+
+## 3. Remediation recommendations, including compensating controls / stop gaps
+
+[Fix recommendations, WAF rules, logging, etc.]
+
+## 4. CVSS score, vector string, and first.org calculator URI
+
+**CVSS v3.1 Score:** X.X (High)
+**Vector:** AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+**Calculator:** https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+
+## 5. CWE category, brief description, and CWE URI
+
+**CWE-XXX:** [Name] - [Brief desc]
+https://cwe.mitre.org/data/definitions/XXX.html
+
+## 6. Relevant NIST 800-53 control
+
+**Control:** [e.g. SI-10, AC-6]
+[Description and how it maps.]
+
+---
+
+*Generated with PWN::AI::Agent::VulnGen*

data/lib/pwn/ai/agent/vuln_gen.rb

@@ -1,18 +1,29 @@
 # frozen_string_literal: true
 
+require 'fileutils'
+
 module PWN
   module AI
     module Agent
-      # This module is an AI agent designed to analyze generic vulnerability descriptions and generate detailed security findings, including business impact, remediation recommendations, CVSS scoring, CWE categorization, and relevant NIST 800-53 controls. It leverages the PWN::AI::Introspection.reflect_on method to process the input request and produce comprehensive markdown-formatted findings.
+      # This module is an AI agent designed to analyze generic vulnerability descriptions and generate detailed security findings following the exact bug bounty writeup structure:
+      # 1. Detailed finding description with technical depth and PoC when possible
+      # 2. Business impact
+      # 3. Remediation recommendations, including compensating controls / stop gaps
+      # 4. CVSS score, vector string, and first.org calculator URI
+      # 5. CWE category, brief description, and CWE URI
+      # 6. Relevant NIST 800-53 control
+      # It leverages the PWN::AI::Introspection.reflect_on method. Defaults to Jira for existing workflow compatibility.
       module VulnGen
         # Supported Method Parameters::
         # ai_analysis = PWN::AI::Agent::VulnGen.analyze(
         #   request: 'required - high level description of vulnerability discovered (e.g. "Discovered a SQLi vulnerability in /login"',
-        #   markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)'
+        #   markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)',
+        #   output_path: 'optional - path to save the generated markdown report'
         # )
 
         public_class_method def self.analyze(opts = {})
           request = opts[:request]
+          output_path = opts[:output_path]
           raise 'ERROR: request parameter is required' if request.nil? || request.empty?
 
           markup_type = opts[:markup_type] ||= :jira
@@ -34,28 +45,36 @@ module PWN
           end
 
           system_role_content = "
-          _ALWAYS_ Generate #{markup} security findings for the message provided with the following content:
+          _ALWAYS_ Generate #{markup} security findings for the message provided using **EXACTLY** this structure and section headers:
 
-          1. Detailed Finding Description: This should be a deep, detailed technical description that should include exploit proof-of-concepts when possible.
+          1. Detailed Finding Description: This should be a deep, detailed technical description that should include exploit proof-of-concepts when possible.  The description should be technical in nature and provide enough information for a security engineer to understand the vulnerability and how it can be exploited.  Code snippets should be included where applicable to demonstrate the vulnerability and potential exploit paths.
 
           2. Business Impact: This should describe, in business terms, the importance of fixing the issue.  Reputational and/or financial impact should be considered for this section.
 
           3. Remediation Recommendations:  Targeted towards technical engineers that can ascertain a reasonable approach to fix the vulnerability based upon common security remediation patterns.  Be sure to consider compensating controls / stop gaps that can be implemented (e.g. WAF, additional logging, etc.) until such time the vulnerability can be fixed.  Provide examples in cases where code fixes may be required.
 
-          4. CVSS Score (Severity), Base CVSS Vector string as /AV:`N|L|A|P`/AC:`L|H`/PR:`N|L|H`/UI:`N|R`/S:`U|C`/C:`N|L|H`/I:`N|L|H`/A:`N|L|H`, and first.org CVSS calculator URI as https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:`N|L|A|P`/AC:`L|H`/PR:`N|L|H`/UI:`N|R`/S:`U|C`/C:`N|L|H`/I:`N|L|H`/A:`N|L|H`.  The Vector string must be formatted like: `/AV:%s/AC:%s/PR:%s/UI:%s/S:%s/C:%s/I:%s/A:%s`.  Ensure the score and severity aligns with the vector string calculation.
+          4. CVSS Score (Severity), Base CVSS Vector string as /AV:`N|L|A|P`/AC:`L|H`/PR:`N|L|H`/UI:`N|R`/S:`U|C`/C:`N|L|H`/I:`N|L|H`/A:`N|L|H`, and first.org CVSS calculator URI as https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:`N|L|A|P`/AC:`L|H`/PR:`N|L|H`/UI:`N|R`/S:`U|C`/C:`N|L|H`/I:`N|L|H`/A:`N|L|H`.  The Vector string must be formatted like: `/AV:%s/AC:%s/PR:%s/UI:%s/S:%s/C:%s/I:%s/A:%s`.  _Ensure the CVSS score and severity aligns with the vector string calculation._
 
           5. CWE Category, Brief CWE description, and CWE URI
 
           6. NIST 800-53 Security Control that is impacted by this vulnerability.
           "
 
-          PWN::AI::Introspection.reflect_on(
+          analysis = PWN::AI::Introspection.reflect_on(
             system_role_content: system_role_content,
             request: request,
             suppress_pii_warning: true
           )
+
+          if output_path
+            FileUtils.mkdir_p(File.dirname(output_path))
+            File.write(output_path, analysis.to_s)
+            puts "\nVulnerability report written to: #{output_path}"
+          end
+
+          analysis
         rescue StandardError => e
-          raise e.backtrace
+          raise e
         end
 
         # Author(s):: 0day Inc. <support@0dayinc.com>
@@ -72,7 +91,8 @@ module PWN
           puts "USAGE:
             ai_analysis = #{self}.analyze(
               request: 'required - high level description of vulnerability discovered (e.g. \"Discovered a SQLi vulnerability in /login\"',
-              markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)'
+              markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)',
+              output_path: 'optional - full path to save the generated report as .md (e.g. /home/claw/reports/sqli-finding.md)'
             )
 
             #{self}.authors

data/lib/pwn/ai/anthropic.rb

@@ -0,0 +1,281 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'rest-client'
+require 'tty-spinner'
+require 'securerandom'
+
+module PWN
+  module AI
+    # This plugin interacts with Anthropic's Claude API.
+    # It provides methods to list models, generate completions, and chat.
+    # API documentation: https://docs.anthropic.com/en/api
+    # Obtain an API key from https://console.anthropic.com/
+    module Anthropic
+      # Supported Method Parameters::
+      # anthropic_rest_call(
+      #   token: 'required - anthropic api key',
+      #   http_method: 'optional HTTP method (defaults to GET)',
+      #   base_uri: 'optional base anthropic api URI (defaults to https://api.anthropic.com/v1)',
+      #   rest_call: 'required rest call to make per the schema',
+      #   params: 'optional params passed in the URI or HTTP Headers',
+      #   http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',
+      #   timeout: 'optional timeout in seconds (defaults to 300)',
+      #   spinner: 'optional - display spinner (defaults to false)'
+      # )
+
+      private_class_method def self.anthropic_rest_call(opts = {})
+        engine = PWN::Env[:ai][:anthropic]
+        raise 'ERROR: Anthropic Hash not found in PWN::Env.  Run `pwn -Y default.yaml`, then `PWN::Env` for usage.' if engine.nil?
+
+        token = engine[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Anthropic API Key')
+
+        http_method = if opts[:http_method].nil?
+                        :get
+                      else
+                        opts[:http_method].to_s.scrub.to_sym
+                      end
+
+        base_uri = engine[:base_uri] ||= 'https://api.anthropic.com/v1'
+        rest_call = opts[:rest_call].to_s.scrub
+        params = opts[:params]
+        headers = {
+          content_type: 'application/json; charset=UTF-8',
+          'x-api-key': token,
+          'anthropic-version': '2023-06-01'
+        }
+
+        http_body = opts[:http_body]
+        http_body ||= {}
+
+        timeout = opts[:timeout]
+        timeout ||= 300
+
+        spinner = opts[:spinner] || false
+
+        browser_obj = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
+        rest_client = browser_obj[:browser]::Request
+
+        if spinner
+          spin = TTY::Spinner.new(format: :dots)
+          spin.auto_spin
+        end
+
+        retry_count = 0
+        begin
+          case http_method
+          when :delete, :get
+            headers[:params] = params
+            response = rest_client.execute(
+              method: http_method,
+              url: "#{base_uri}/#{rest_call}",
+              headers: headers,
+              verify_ssl: false,
+              timeout: timeout
+            )
+
+          when :post
+            if http_body.key?(:multipart)
+              headers[:content_type] = 'multipart/form-data'
+
+              response = rest_client.execute(
+                method: http_method,
+                url: "#{base_uri}/#{rest_call}",
+                headers: headers,
+                payload: http_body,
+                verify_ssl: false,
+                timeout: timeout
+              )
+            else
+              response = rest_client.execute(
+                method: http_method,
+                url: "#{base_uri}/#{rest_call}",
+                headers: headers,
+                payload: http_body.to_json,
+                verify_ssl: false,
+                timeout: timeout
+              )
+            end
+          else
+            raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
+          end
+
+          response
+        rescue RestClient::TooManyRequests => e
+          retry_after = e.response.headers[:retry_after]&.to_i ||= (0.5 * (retry_count + 1))
+          sleep(retry_after + rand(0.3..5.0))
+          retry_count += 1
+
+          retry
+        end
+      rescue RestClient::ExceptionWithResponse => e
+        puts "ERROR: #{e.message}: #{e.response}"
+      rescue StandardError => e
+        case e.message
+        when '400 Bad Request', '404 Resource Not Found'
+          "#{e.message}: #{e.response}"
+        else
+          raise e
+        end
+      ensure
+        spin.stop if spinner
+      end
+
+      # Supported Method Parameters::
+      # models = PWN::AI::Anthropic.get_models
+
+      public_class_method def self.get_models
+        models = anthropic_rest_call(rest_call: 'models')
+
+        JSON.parse(models, symbolize_names: true)[:data]
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # response = PWN::AI::Anthropic.chat(
+      #   request: 'required - message to Anthropic',
+      #   model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:anthropic][:model])',
+      #   temp: 'optional - creative response float (defaults to PWN::Env[:ai][:anthropic][:temp])',
+      #   system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:anthropic][:system_role_content])',
+      #   response_history: 'optional - pass response back in to have a conversation',
+      #   speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',
+      #   timeout: 'optional timeout in seconds (defaults to 300)',
+      #   spinner: 'optional - display spinner (defaults to false)'
+      # )
+
+      public_class_method def self.chat(opts = {})
+        engine = PWN::Env[:ai][:anthropic]
+        request = opts[:request]
+        max_prompt_length = engine[:max_prompt_length] ||= 200_000
+        request_trunc_idx = ((max_prompt_length - 1) / 3.36).floor
+        request = request[0..request_trunc_idx]
+
+        model = opts[:model] ||= engine[:model]
+        raise 'ERROR: Model is required.  Call #get_models method for details' if model.nil?
+
+        temp = opts[:temp].to_f ||= engine[:temp].to_f
+        temp = 1 if temp.zero?
+
+        rest_call = 'messages'
+
+        response_history = opts[:response_history]
+
+        system_role_content = opts[:system_role_content] ||= engine[:system_role_content]
+        system_role_content = response_history[:choices].first[:content] if response_history && response_history[:choices]
+
+        system_role = {
+          role: 'system',
+          content: system_role_content
+        }
+
+        user_role = {
+          role: 'user',
+          content: request
+        }
+
+        response_history ||= { choices: [system_role] }
+
+        http_body = {
+          model: model,
+          max_tokens: 4096,
+          temperature: temp,
+          system: system_role_content,
+          messages: []
+        }
+
+        if response_history[:choices].length > 1
+          response_history[:choices][1..].each do |message|
+            next if message[:role] == 'system'
+
+            http_body[:messages].push(role: message[:role].to_s, content: message[:content].to_s)
+          end
+        end
+
+        http_body[:messages].push(role: 'user', content: request)
+
+        timeout = opts[:timeout]
+        spinner = opts[:spinner]
+
+        response = anthropic_rest_call(
+          http_method: :post,
+          rest_call: rest_call,
+          http_body: http_body,
+          timeout: timeout,
+          spinner: spinner
+        )
+
+        json_resp = JSON.parse(response, symbolize_names: true)
+        assistant_content = if json_resp[:content] && json_resp[:content].is_a?(Array) && json_resp[:content].first
+                              json_resp[:content].first[:text]
+                            else
+                              ''
+                            end
+        assistant_resp = {
+          role: 'assistant',
+          content: assistant_content
+        }
+
+        # Build choices for PWN compatibility: [system, ...history..., user, assistant]
+        json_resp[:choices] = [system_role] + http_body[:messages]
+        json_resp[:choices].push(assistant_resp)
+
+        # Ensure compatibility fields
+        json_resp[:id] ||= "msg_#{SecureRandom.hex(8)}"
+        json_resp[:object] ||= 'message'
+        json_resp[:model] ||= model
+
+        if json_resp[:usage].is_a?(Hash)
+          inp_tokens = json_resp[:usage][:input_tokens] || 0
+          out_tokens = json_resp[:usage][:output_tokens] || 0
+          json_resp[:usage][:total_tokens] = inp_tokens + out_tokens
+        else
+          json_resp[:usage] = { input_tokens: 0, output_tokens: 0, total_tokens: 0 }
+        end
+
+        speak_answer = true if opts[:speak_answer]
+
+        if speak_answer
+          answer = assistant_resp[:content]
+          text_path = "/tmp/#{SecureRandom.hex}.pwn_voice"
+          File.write(text_path, answer)
+          PWN::Plugins::Voice.text_to_speech(text_path: text_path)
+          File.unlink(text_path)
+        end
+
+        json_resp
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <support@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <support@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          models = #{self}.get_models
+
+          response = #{self}.chat(
+            request: 'required - message to Anthropic',
+            model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:anthropic][:model])',
+            temp: 'optional - creative response float (defaults to PWN::Env[:ai][:anthropic][:temp])',
+            system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:anthropic][:system_role_content])',
+            response_history: 'optional - pass response back in to have a conversation',
+            speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',
+            timeout: 'optional - timeout in seconds (defaults to 300)',
+            spinner: 'optional - display spinner (defaults to false)'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end