pwn 0.5.613 → 0.5.615

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +10 -10
  3. data/README.md +110 -24
  4. data/documentation/AI-Integration.md +36 -0
  5. data/documentation/BurpSuite.md +26 -0
  6. data/documentation/Contributing.md +31 -0
  7. data/documentation/Diagrams.md +57 -0
  8. data/documentation/Drivers.md +25 -0
  9. data/documentation/General-PWN-Usage.md +40 -0
  10. data/documentation/Home.md +51 -0
  11. data/documentation/How-PWN-Works.md +60 -0
  12. data/documentation/Installation.md +50 -0
  13. data/documentation/NmapIt.md +18 -0
  14. data/documentation/Plugins.md +59 -0
  15. data/documentation/Reporting.md +28 -0
  16. data/documentation/SAST.md +32 -0
  17. data/documentation/Skills-Memory-Learning.md +44 -0
  18. data/documentation/Transparent-Browser.md +32 -0
  19. data/documentation/Troubleshooting.md +38 -0
  20. data/documentation/What-is-PWN.md +34 -0
  21. data/documentation/Why-PWN.md +18 -0
  22. data/documentation/diagrams/ai-integration-tool-calling.svg +134 -0
  23. data/documentation/diagrams/burp-vs-zap-preference.svg +84 -0
  24. data/documentation/diagrams/code-scanning-sast.svg +112 -0
  25. data/documentation/diagrams/dot/ai-integration-tool-calling.dot +23 -0
  26. data/documentation/diagrams/dot/burp-vs-zap-preference.dot +15 -0
  27. data/documentation/diagrams/dot/code-scanning-sast.dot +21 -0
  28. data/documentation/diagrams/dot/driver-framework.dot +17 -0
  29. data/documentation/diagrams/dot/fuzzing-workflow.dot +27 -0
  30. data/documentation/diagrams/dot/history-to-drivers.dot +20 -0
  31. data/documentation/diagrams/dot/memory-skills-detailed.dot +28 -0
  32. data/documentation/diagrams/dot/network-infra-testing.dot +22 -0
  33. data/documentation/diagrams/dot/overall-pwn-architecture.dot +49 -0
  34. data/documentation/diagrams/dot/penetration-testing-workflow.dot +29 -0
  35. data/documentation/diagrams/dot/plugin-ecosystem.dot +31 -0
  36. data/documentation/diagrams/dot/pwn-ai-feedback-learning-loop.dot +57 -0
  37. data/documentation/diagrams/dot/pwn-repl-prototyping.dot +37 -0
  38. data/documentation/diagrams/dot/reporting-pipeline.dot +17 -0
  39. data/documentation/diagrams/dot/reverse-engineering-flow.dot +21 -0
  40. data/documentation/diagrams/dot/sessions-cron-automation.dot +17 -0
  41. data/documentation/diagrams/dot/web-application-testing.dot +27 -0
  42. data/documentation/diagrams/dot/zero-day-research-flow.dot +27 -0
  43. data/documentation/diagrams/driver-framework.svg +90 -0
  44. data/documentation/diagrams/fuzzing-workflow.svg +147 -0
  45. data/documentation/diagrams/history-to-drivers.svg +117 -0
  46. data/documentation/diagrams/memory-skills-detailed.svg +154 -0
  47. data/documentation/diagrams/network-infra-testing.svg +121 -0
  48. data/documentation/diagrams/overall-pwn-architecture.svg +234 -0
  49. data/documentation/diagrams/penetration-testing-workflow.svg +148 -0
  50. data/documentation/diagrams/plugin-ecosystem.svg +172 -0
  51. data/documentation/diagrams/pwn-ai-feedback-learning-loop.svg +234 -0
  52. data/documentation/diagrams/pwn-repl-prototyping.svg +179 -0
  53. data/documentation/diagrams/reporting-pipeline.svg +91 -0
  54. data/documentation/diagrams/reverse-engineering-flow.svg +114 -0
  55. data/documentation/diagrams/sessions-cron-automation.svg +92 -0
  56. data/documentation/diagrams/web-application-testing.svg +137 -0
  57. data/documentation/diagrams/zero-day-research-flow.svg +149 -0
  58. data/documentation/pwn-REPL.md +33 -0
  59. data/documentation/pwn-ai-Agent.md +43 -0
  60. data/lib/pwn/ai/agent/learning.rb +377 -0
  61. data/lib/pwn/ai/agent/loop.rb +18 -3
  62. data/lib/pwn/ai/agent/metrics.rb +155 -0
  63. data/lib/pwn/ai/agent/prompt_builder.rb +23 -3
  64. data/lib/pwn/ai/agent/tools/learning.rb +113 -0
  65. data/lib/pwn/ai/agent/tools/skills.rb +94 -8
  66. data/lib/pwn/ai/agent.rb +2 -0
  67. data/lib/pwn/ai/grok.rb +249 -106
  68. data/lib/pwn/config.rb +86 -13
  69. data/lib/pwn/plugins/monkey_patch.rb +2 -2
  70. data/lib/pwn/plugins/repl.rb +68 -3
  71. data/lib/pwn/version.rb +1 -1
  72. data/spec/lib/pwn/ai/agent/learning_spec.rb +68 -0
  73. data/spec/lib/pwn/ai/agent/metrics_spec.rb +27 -0
  74. data/spec/lib/pwn/ai/agent/tools/learning_spec.rb +30 -0
  75. metadata +84 -34
  76. data/documentation/PWN.png +0 -0
  77. data/documentation/PWN_Contributors_and_Users.png +0 -0
  78. data/documentation/fax-spectrogram.png +0 -0
  79. data/documentation/fax-waveform.png +0 -0
  80. data/documentation/frozen_string_literal_files_changed_from_false_to_true.txt +0 -54
  81. data/documentation/lifecycle_authz_replay.example.yaml +0 -27
  82. data/documentation/pwn_android_war_dialer_session.png +0 -0
  83. data/documentation/pwn_install.png +0 -0
  84. data/documentation/pwn_wallpaper.jpg +0 -0
  85. data/documentation/ringing-spectrogram.png +0 -0
  86. data/documentation/ringing-waveform.png +0 -0
  87. data/documentation/vulnerability_report_template.md +0 -37
@@ -28,7 +28,7 @@ module PWN
28
28
  #
29
29
  # For tmux + terminator (or similar):
30
30
  # In ~/.tmux.conf (then `tmux kill-server` + new session):
31
- # set -g extended-keys on
31
+ # set -s extended-keys on
32
32
  # set -g xterm-keys on
33
33
  # Use TERM=xterm-256color (or equivalent that supports the CSI) in your terminal profile.
34
34
  #
@@ -77,6 +77,7 @@ module PWN
77
77
  def initialize(pry_instance)
78
78
  @line_buffer = ''
79
79
  pry_instance.config.pwn_ai_original_input = Pry.input
80
+ ensure_tmux_extended_keys
80
81
  install_shift_enter_bindings
81
82
  end
82
83
 
@@ -91,6 +92,70 @@ module PWN
91
92
  Reline.send(:core).config
92
93
  end
93
94
 
95
+ # tmux gates modifyOtherKeys / kitty-keyboard requests behind its
96
+ # `extended-keys` *server* option. When `off` (the shipped default
97
+ # on many distros / older ~/.tmux.conf), tmux silently drops the
98
+ # ENABLE_EXTENDED_KEYS CSI we emit in #readline and forwards plain
99
+ # 0x0D for BOTH Enter and Shift+Enter — SHIFT_ENTER_SEQS can then
100
+ # never match and Shift+Enter "still just submits".
101
+ #
102
+ # Detect tmux via $TMUX, read the current server option, and flip it
103
+ # to `on` (NOT `always`) so tmux honours the per-read enable/disable
104
+ # we send around Reline.readmultiline. `on` is scoped: tmux only
105
+ # encodes extended keys while the inner app is requesting them, so
106
+ # this does not affect other panes or the main pwn REPL.
107
+ #
108
+ # Verified on tmux 3.6b: `extended-keys on` + `\e[>4;1m` → S-Enter is
109
+ # delivered as `\e[27;2;13~` (matches SHIFT_ENTER_SEQS[1]).
110
+ def ensure_tmux_extended_keys
111
+ return if self.class.instance_variable_get(:@tmux_extkeys_checked)
112
+
113
+ self.class.instance_variable_set(:@tmux_extkeys_checked, true)
114
+ return if ENV['TMUX'].to_s.empty?
115
+
116
+ # (1) Inner side: tmux → app. `extended-keys on` makes tmux honour the
117
+ # ENABLE_EXTENDED_KEYS request we emit in #readline and re-encode
118
+ # S-Enter to the pane as CSI 27;2;13~ / CSI 13;2u.
119
+ cur = `tmux show -sv extended-keys 2>/dev/null`.to_s.strip
120
+ unless %w[on always].include?(cur)
121
+ if system('tmux', 'set', '-s', 'extended-keys', 'on', out: File::NULL, err: File::NULL)
122
+ warn '[pwn] tmux `extended-keys` was off; auto-enabled (server scope) so SHIFT+ENTER is distinguishable from ENTER.'
123
+ warn '[pwn] Persist it: add `set -s extended-keys on` to ~/.tmux.conf'
124
+ else
125
+ warn '[pwn] tmux `extended-keys` is off and could not be enabled; SHIFT+ENTER will behave like ENTER.'
126
+ warn '[pwn] Fix: run `tmux set -s extended-keys on` (and add `set -s extended-keys on` to ~/.tmux.conf).'
127
+ end
128
+ end
129
+
130
+ # (2) Outer side: terminal → tmux. tmux only ASKS the outer terminal
131
+ # to encode S-Enter distinctly (sends `\e[>4;2m` at attach) if the
132
+ # client tty has the `extkeys` feature. That comes from the
133
+ # `terminal-features` server option matched against the client's
134
+ # $TERM at attach time. No match ⇒ outer emulator keeps sending
135
+ # 0x0D for BOTH Enter and Shift+Enter ⇒ tmux can't disambiguate ⇒
136
+ # step (1) is moot. Add it for common outer TERMs (and tmux* to
137
+ # cover `alias tmux='TERM=tmux-256color tmux'` and nested tmux).
138
+ tf = `tmux show -sv terminal-features 2>/dev/null`.to_s
139
+ unless tf.include?('extkeys')
140
+ %w[xterm* tmux* screen*].each do |pat|
141
+ system('tmux', 'set', '-as', 'terminal-features', "#{pat}:extkeys", out: File::NULL, err: File::NULL)
142
+ end
143
+ warn '[pwn] Added `extkeys` to tmux terminal-features (xterm*/tmux*/screen*) so tmux requests extended keys from the OUTER terminal.'
144
+ warn "[pwn] Persist it: add `set -as terminal-features 'xterm*:extkeys'` (and tmux*/screen*) to ~/.tmux.conf"
145
+ end
146
+
147
+ # (3) terminal-features is evaluated at CLIENT ATTACH time. If the
148
+ # current client attached before `extkeys` was present, tmux never
149
+ # sent the enable CSI to the outer terminal. Detect and warn.
150
+ feats = `tmux display -p '\#{client_termfeatures}' 2>/dev/null`.to_s
151
+ return if feats.include?('extkeys')
152
+
153
+ warn '[pwn] This tmux client attached before `extkeys` was configured; the outer terminal is still sending plain 0x0D for SHIFT+ENTER.'
154
+ warn '[pwn] Fix: detach (prefix + d) and reattach (`tmux attach -t <session>`) so tmux re-negotiates extended keys with the terminal.'
155
+ rescue StandardError => e
156
+ warn "[pwn] ensure_tmux_extended_keys: #{e.class}: #{e.message}"
157
+ end
158
+
94
159
  # Register SHIFT+ENTER → :key_newline on Reline's default keymaps.
95
160
  #
96
161
  # IMPORTANT: do NOT use add_oneshot_key_binding for this. Reline's
@@ -296,9 +361,9 @@ module PWN
296
361
  puts " 'Use NmapIt to port scan target.com then use TransparentBrowser to spider and SAST::TestCaseEngine to analyze code if cloned. Generate report with PWN::Reports.'"
297
362
  puts " 'Execute CLI nmap -sV target.com and summarize findings using PWN modules.'"
298
363
  puts "[*] Skills loaded from #{skills_path} (#{skills_count} available) + memory/sessions/cron to expand autonomous capabilities."
299
- puts "[*] Type 'toggle-pwn-ai' or normal pwn commands to exit agent mode."
364
+ puts "[*] Type 'back' to exit pwn-ai mode."
300
365
  puts '[*] MULTILINE in pwn-ai: Use ONLY SHIFT+ENTER for newlines (plain ENTER submits to AI).'
301
- puts "[*] tmux + terminator users: Ensure ~/.tmux.conf has 'set -g extended-keys on' and 'set -g xterm-keys on', then restart tmux. Use TERM=xterm-256color."
366
+ puts "[*] tmux + terminator users: Ensure ~/.tmux.conf has 'set -s extended-keys on' and 'set -g xterm-keys on', then restart tmux. Use TERM=xterm-256color."
302
367
  end
303
368
  end
304
369
 
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.613'
4
+ VERSION = '0.5.615'
5
5
  end
@@ -0,0 +1,68 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+ require 'tmpdir'
5
+
6
+ describe PWN::AI::Agent::Learning do
7
+ it 'should display information for authors' do
8
+ authors_response = PWN::AI::Agent::Learning
9
+ expect(authors_response).to respond_to :authors
10
+ end
11
+
12
+ it 'should display information for existing help method' do
13
+ help_response = PWN::AI::Agent::Learning
14
+ expect(help_response).to respond_to :help
15
+ end
16
+
17
+ it 'notes outcomes, surfaces context, and consolidates memory' do
18
+ tmp = Dir.mktmpdir
19
+ stub_const('PWN::AI::Agent::Learning::LEARNING_FILE', File.join(tmp, 'learning.jsonl'))
20
+ stub_const('PWN::Memory::MEMORY_FILE', File.join(tmp, 'memory.json'))
21
+
22
+ PWN::AI::Agent::Learning.reset
23
+ e = PWN::AI::Agent::Learning.note_outcome(task: 'nmap sweep', success: true, details: '3 hosts up', tags: %w[recon])
24
+ expect(e[:success]).to be true
25
+
26
+ rows = PWN::AI::Agent::Learning.outcomes(limit: 10)
27
+ expect(rows.first[:task]).to eq 'nmap sweep'
28
+
29
+ ctx = PWN::AI::Agent::Learning.to_context
30
+ expect(ctx).to include('nmap sweep')
31
+
32
+ stats = PWN::AI::Agent::Learning.stats
33
+ expect(stats[:total_outcomes]).to be >= 1
34
+
35
+ # duplicate lesson in memory then consolidate
36
+ PWN::Memory.remember(key: :dup_a, value: 'same lesson', category: :lesson)
37
+ PWN::Memory.remember(key: :dup_b, value: 'same lesson', category: :lesson)
38
+ res = PWN::AI::Agent::Learning.consolidate(max_entries: 100)
39
+ expect(res[:removed]).to be >= 1
40
+ end
41
+
42
+ it 'reflects on a session using the heuristic extractor' do
43
+ tmp = Dir.mktmpdir
44
+ stub_const('PWN::AI::Agent::Learning::LEARNING_FILE', File.join(tmp, 'learning.jsonl'))
45
+ stub_const('PWN::Memory::MEMORY_FILE', File.join(tmp, 'memory.json'))
46
+ stub_const('PWN::Sessions::SESSIONS_DIR', File.join(tmp, 'sessions'))
47
+
48
+ s = PWN::Sessions.create(title: 'learning spec')
49
+ PWN::Sessions.append(session_id: s[:id], role: 'user', content: 'scan target')
50
+ PWN::Sessions.append(session_id: s[:id], role: 'tool', content: 'shell → {"success":false,"error":"timeout after 120s"}')
51
+ PWN::Sessions.append(session_id: s[:id], role: 'assistant', content: 'Retry with -T2')
52
+
53
+ report = PWN::AI::Agent::Learning.reflect(session_id: s[:id])
54
+ expect(report[:count]).to be >= 1
55
+ expect(PWN::Memory.recall(query: 'failure').keys).not_to be_empty
56
+ end
57
+
58
+ it 'distills a skill from an explicit body' do
59
+ tmp = Dir.mktmpdir
60
+ stub_const('PWN::AI::Agent::Learning::LEARNING_FILE', File.join(tmp, 'learning.jsonl'))
61
+ stub_const('PWN::Memory::MEMORY_FILE', File.join(tmp, 'memory.json'))
62
+ allow(PWN::AI::Agent::Learning).to receive(:skills_dir).and_return(File.join(tmp, 'skills'))
63
+
64
+ out = PWN::AI::Agent::Learning.distill_skill(name: 'spec_skill', content: "# Spec Skill\nDo the thing.")
65
+ expect(out[:saved]).to be true
66
+ expect(File.exist?(out[:path])).to be true
67
+ end
68
+ end
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe PWN::AI::Agent::Metrics do
6
+ it 'should display information for authors' do
7
+ authors_response = PWN::AI::Agent::Metrics
8
+ expect(authors_response).to respond_to :authors
9
+ end
10
+
11
+ it 'should display information for existing help method' do
12
+ help_response = PWN::AI::Agent::Metrics
13
+ expect(help_response).to respond_to :help
14
+ end
15
+
16
+ it 'records tool telemetry and summarises effectiveness' do
17
+ stub_const('PWN::AI::Agent::Metrics::METRICS_FILE', File.join(Dir.mktmpdir, 'metrics.json'))
18
+ PWN::AI::Agent::Metrics.reset
19
+ PWN::AI::Agent::Metrics.record(name: 'shell', success: true, duration: 0.10)
20
+ PWN::AI::Agent::Metrics.record(name: 'shell', success: false, duration: 0.20, error: 'boom')
21
+ rows = PWN::AI::Agent::Metrics.summary
22
+ row = rows.find { |r| r[:name] == 'shell' }
23
+ expect(row[:calls]).to eq 2
24
+ expect(row[:success_rate]).to eq 0.5
25
+ expect(PWN::AI::Agent::Metrics.to_context).to include('shell')
26
+ end
27
+ end
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe 'PWN::AI::Agent::Tools learning' do
6
+ it 'registers the learning_note_outcome tool' do
7
+ PWN::AI::Agent::Registry.discover(force: true)
8
+ expect(PWN::AI::Agent::Registry.lookup(name: 'learning_note_outcome')).not_to be_nil
9
+ end
10
+
11
+ it 'registers the learning_reflect tool' do
12
+ PWN::AI::Agent::Registry.discover(force: true)
13
+ expect(PWN::AI::Agent::Registry.lookup(name: 'learning_reflect')).not_to be_nil
14
+ end
15
+
16
+ it 'registers the learning_distill_skill tool' do
17
+ PWN::AI::Agent::Registry.discover(force: true)
18
+ expect(PWN::AI::Agent::Registry.lookup(name: 'learning_distill_skill')).not_to be_nil
19
+ end
20
+
21
+ it 'registers the learning_stats tool' do
22
+ PWN::AI::Agent::Registry.discover(force: true)
23
+ expect(PWN::AI::Agent::Registry.lookup(name: 'learning_stats')).not_to be_nil
24
+ end
25
+
26
+ it 'exposes the learning toolset in the registry' do
27
+ PWN::AI::Agent::Registry.discover(force: true)
28
+ expect(PWN::AI::Agent::Registry.toolsets).to include('learning')
29
+ end
30
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.613
4
+ version: 0.5.615
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
@@ -141,14 +141,14 @@ dependencies:
141
141
  requirements:
142
142
  - - ">="
143
143
  - !ruby/object:Gem::Version
144
- version: 4.0.14
144
+ version: 4.0.15
145
145
  type: :development
146
146
  prerelease: false
147
147
  version_requirements: !ruby/object:Gem::Requirement
148
148
  requirements:
149
149
  - - ">="
150
150
  - !ruby/object:Gem::Version
151
- version: 4.0.14
151
+ version: 4.0.15
152
152
  - !ruby/object:Gem::Dependency
153
153
  name: bundler-audit
154
154
  requirement: !ruby/object:Gem::Requirement
@@ -351,14 +351,14 @@ dependencies:
351
351
  requirements:
352
352
  - - '='
353
353
  - !ruby/object:Gem::Version
354
- version: 6.0.0
354
+ version: 6.1.0
355
355
  type: :runtime
356
356
  prerelease: false
357
357
  version_requirements: !ruby/object:Gem::Requirement
358
358
  requirements:
359
359
  - - '='
360
360
  - !ruby/object:Gem::Version
361
- version: 6.0.0
361
+ version: 6.1.0
362
362
  - !ruby/object:Gem::Dependency
363
363
  name: gruff
364
364
  requirement: !ruby/object:Gem::Requirement
@@ -519,42 +519,42 @@ dependencies:
519
519
  requirements:
520
520
  - - '='
521
521
  - !ruby/object:Gem::Version
522
- version: 2.9.0
522
+ version: 2.9.1
523
523
  type: :runtime
524
524
  prerelease: false
525
525
  version_requirements: !ruby/object:Gem::Requirement
526
526
  requirements:
527
527
  - - '='
528
528
  - !ruby/object:Gem::Version
529
- version: 2.9.0
529
+ version: 2.9.1
530
530
  - !ruby/object:Gem::Dependency
531
531
  name: mcp
532
532
  requirement: !ruby/object:Gem::Requirement
533
533
  requirements:
534
534
  - - '='
535
535
  - !ruby/object:Gem::Version
536
- version: 0.20.0
536
+ version: 0.23.0
537
537
  type: :runtime
538
538
  prerelease: false
539
539
  version_requirements: !ruby/object:Gem::Requirement
540
540
  requirements:
541
541
  - - '='
542
542
  - !ruby/object:Gem::Version
543
- version: 0.20.0
543
+ version: 0.23.0
544
544
  - !ruby/object:Gem::Dependency
545
545
  name: meshtastic
546
546
  requirement: !ruby/object:Gem::Requirement
547
547
  requirements:
548
548
  - - '='
549
549
  - !ruby/object:Gem::Version
550
- version: 0.0.165
550
+ version: 0.0.167
551
551
  type: :runtime
552
552
  prerelease: false
553
553
  version_requirements: !ruby/object:Gem::Requirement
554
554
  requirements:
555
555
  - - '='
556
556
  - !ruby/object:Gem::Version
557
- version: 0.0.165
557
+ version: 0.0.167
558
558
  - !ruby/object:Gem::Dependency
559
559
  name: metasm
560
560
  requirement: !ruby/object:Gem::Requirement
@@ -673,14 +673,14 @@ dependencies:
673
673
  requirements:
674
674
  - - '='
675
675
  - !ruby/object:Gem::Version
676
- version: 1.19.3
676
+ version: 1.19.4
677
677
  type: :runtime
678
678
  prerelease: false
679
679
  version_requirements: !ruby/object:Gem::Requirement
680
680
  requirements:
681
681
  - - '='
682
682
  - !ruby/object:Gem::Version
683
- version: 1.19.3
683
+ version: 1.19.4
684
684
  - !ruby/object:Gem::Dependency
685
685
  name: nokogiri-diff
686
686
  requirement: !ruby/object:Gem::Requirement
@@ -925,14 +925,14 @@ dependencies:
925
925
  requirements:
926
926
  - - '='
927
927
  - !ruby/object:Gem::Version
928
- version: 7.0.4
928
+ version: 7.0.5
929
929
  type: :runtime
930
930
  prerelease: false
931
931
  version_requirements: !ruby/object:Gem::Requirement
932
932
  requirements:
933
933
  - - '='
934
934
  - !ruby/object:Gem::Version
935
- version: 7.0.4
935
+ version: 7.0.5
936
936
  - !ruby/object:Gem::Dependency
937
937
  name: rqrcode
938
938
  requirement: !ruby/object:Gem::Requirement
@@ -981,14 +981,14 @@ dependencies:
981
981
  requirements:
982
982
  - - '='
983
983
  - !ruby/object:Gem::Version
984
- version: 1.88.0
984
+ version: 1.88.1
985
985
  type: :runtime
986
986
  prerelease: false
987
987
  version_requirements: !ruby/object:Gem::Requirement
988
988
  requirements:
989
989
  - - '='
990
990
  - !ruby/object:Gem::Version
991
- version: 1.88.0
991
+ version: 1.88.1
992
992
  - !ruby/object:Gem::Dependency
993
993
  name: rubocop-rake
994
994
  requirement: !ruby/object:Gem::Requirement
@@ -1079,14 +1079,14 @@ dependencies:
1079
1079
  requirements:
1080
1080
  - - '='
1081
1081
  - !ruby/object:Gem::Version
1082
- version: 2.17.2
1082
+ version: 2.17.4
1083
1083
  type: :runtime
1084
1084
  prerelease: false
1085
1085
  version_requirements: !ruby/object:Gem::Requirement
1086
1086
  requirements:
1087
1087
  - - '='
1088
1088
  - !ruby/object:Gem::Version
1089
- version: 2.17.2
1089
+ version: 2.17.4
1090
1090
  - !ruby/object:Gem::Dependency
1091
1091
  name: selenium-devtools
1092
1092
  requirement: !ruby/object:Gem::Requirement
@@ -1121,14 +1121,14 @@ dependencies:
1121
1121
  requirements:
1122
1122
  - - '='
1123
1123
  - !ruby/object:Gem::Version
1124
- version: 3.1.0
1124
+ version: 3.2.0
1125
1125
  type: :runtime
1126
1126
  prerelease: false
1127
1127
  version_requirements: !ruby/object:Gem::Requirement
1128
1128
  requirements:
1129
1129
  - - '='
1130
1130
  - !ruby/object:Gem::Version
1131
- version: 3.1.0
1131
+ version: 3.2.0
1132
1132
  - !ruby/object:Gem::Dependency
1133
1133
  name: socksify
1134
1134
  requirement: !ruby/object:Gem::Requirement
@@ -1453,18 +1453,62 @@ files:
1453
1453
  - bin/pwn_zaproxy_active_rest_api_scan
1454
1454
  - bin/pwn_zaproxy_active_scan
1455
1455
  - build_gem.sh
1456
- - documentation/PWN.png
1457
- - documentation/PWN_Contributors_and_Users.png
1458
- - documentation/fax-spectrogram.png
1459
- - documentation/fax-waveform.png
1460
- - documentation/frozen_string_literal_files_changed_from_false_to_true.txt
1461
- - documentation/lifecycle_authz_replay.example.yaml
1462
- - documentation/pwn_android_war_dialer_session.png
1463
- - documentation/pwn_install.png
1464
- - documentation/pwn_wallpaper.jpg
1465
- - documentation/ringing-spectrogram.png
1466
- - documentation/ringing-waveform.png
1467
- - documentation/vulnerability_report_template.md
1456
+ - documentation/AI-Integration.md
1457
+ - documentation/BurpSuite.md
1458
+ - documentation/Contributing.md
1459
+ - documentation/Diagrams.md
1460
+ - documentation/Drivers.md
1461
+ - documentation/General-PWN-Usage.md
1462
+ - documentation/Home.md
1463
+ - documentation/How-PWN-Works.md
1464
+ - documentation/Installation.md
1465
+ - documentation/NmapIt.md
1466
+ - documentation/Plugins.md
1467
+ - documentation/Reporting.md
1468
+ - documentation/SAST.md
1469
+ - documentation/Skills-Memory-Learning.md
1470
+ - documentation/Transparent-Browser.md
1471
+ - documentation/Troubleshooting.md
1472
+ - documentation/What-is-PWN.md
1473
+ - documentation/Why-PWN.md
1474
+ - documentation/diagrams/ai-integration-tool-calling.svg
1475
+ - documentation/diagrams/burp-vs-zap-preference.svg
1476
+ - documentation/diagrams/code-scanning-sast.svg
1477
+ - documentation/diagrams/dot/ai-integration-tool-calling.dot
1478
+ - documentation/diagrams/dot/burp-vs-zap-preference.dot
1479
+ - documentation/diagrams/dot/code-scanning-sast.dot
1480
+ - documentation/diagrams/dot/driver-framework.dot
1481
+ - documentation/diagrams/dot/fuzzing-workflow.dot
1482
+ - documentation/diagrams/dot/history-to-drivers.dot
1483
+ - documentation/diagrams/dot/memory-skills-detailed.dot
1484
+ - documentation/diagrams/dot/network-infra-testing.dot
1485
+ - documentation/diagrams/dot/overall-pwn-architecture.dot
1486
+ - documentation/diagrams/dot/penetration-testing-workflow.dot
1487
+ - documentation/diagrams/dot/plugin-ecosystem.dot
1488
+ - documentation/diagrams/dot/pwn-ai-feedback-learning-loop.dot
1489
+ - documentation/diagrams/dot/pwn-repl-prototyping.dot
1490
+ - documentation/diagrams/dot/reporting-pipeline.dot
1491
+ - documentation/diagrams/dot/reverse-engineering-flow.dot
1492
+ - documentation/diagrams/dot/sessions-cron-automation.dot
1493
+ - documentation/diagrams/dot/web-application-testing.dot
1494
+ - documentation/diagrams/dot/zero-day-research-flow.dot
1495
+ - documentation/diagrams/driver-framework.svg
1496
+ - documentation/diagrams/fuzzing-workflow.svg
1497
+ - documentation/diagrams/history-to-drivers.svg
1498
+ - documentation/diagrams/memory-skills-detailed.svg
1499
+ - documentation/diagrams/network-infra-testing.svg
1500
+ - documentation/diagrams/overall-pwn-architecture.svg
1501
+ - documentation/diagrams/penetration-testing-workflow.svg
1502
+ - documentation/diagrams/plugin-ecosystem.svg
1503
+ - documentation/diagrams/pwn-ai-feedback-learning-loop.svg
1504
+ - documentation/diagrams/pwn-repl-prototyping.svg
1505
+ - documentation/diagrams/reporting-pipeline.svg
1506
+ - documentation/diagrams/reverse-engineering-flow.svg
1507
+ - documentation/diagrams/sessions-cron-automation.svg
1508
+ - documentation/diagrams/web-application-testing.svg
1509
+ - documentation/diagrams/zero-day-research-flow.svg
1510
+ - documentation/pwn-REPL.md
1511
+ - documentation/pwn-ai-Agent.md
1468
1512
  - etc/systemd/msfrpcd.service
1469
1513
  - etc/systemd/openvas.service
1470
1514
  - etc/userland/aws/apache2/jenkins_443.conf
@@ -1781,11 +1825,14 @@ files:
1781
1825
  - lib/pwn/ai/agent/dispatch.rb
1782
1826
  - lib/pwn/ai/agent/gqrx.rb
1783
1827
  - lib/pwn/ai/agent/hacker_one.rb
1828
+ - lib/pwn/ai/agent/learning.rb
1784
1829
  - lib/pwn/ai/agent/loop.rb
1830
+ - lib/pwn/ai/agent/metrics.rb
1785
1831
  - lib/pwn/ai/agent/prompt_builder.rb
1786
1832
  - lib/pwn/ai/agent/registry.rb
1787
1833
  - lib/pwn/ai/agent/result.rb
1788
1834
  - lib/pwn/ai/agent/sast.rb
1835
+ - lib/pwn/ai/agent/tools/learning.rb
1789
1836
  - lib/pwn/ai/agent/tools/memory.rb
1790
1837
  - lib/pwn/ai/agent/tools/ruby_eval.rb
1791
1838
  - lib/pwn/ai/agent/tools/shell.rb
@@ -2166,11 +2213,14 @@ files:
2166
2213
  - spec/lib/pwn/ai/agent/dispatch_spec.rb
2167
2214
  - spec/lib/pwn/ai/agent/gqrx_spec.rb
2168
2215
  - spec/lib/pwn/ai/agent/hacker_one_spec.rb
2216
+ - spec/lib/pwn/ai/agent/learning_spec.rb
2169
2217
  - spec/lib/pwn/ai/agent/loop_spec.rb
2218
+ - spec/lib/pwn/ai/agent/metrics_spec.rb
2170
2219
  - spec/lib/pwn/ai/agent/prompt_builder_spec.rb
2171
2220
  - spec/lib/pwn/ai/agent/registry_spec.rb
2172
2221
  - spec/lib/pwn/ai/agent/result_spec.rb
2173
2222
  - spec/lib/pwn/ai/agent/sast_spec.rb
2223
+ - spec/lib/pwn/ai/agent/tools/learning_spec.rb
2174
2224
  - spec/lib/pwn/ai/agent/tools/memory_spec.rb
2175
2225
  - spec/lib/pwn/ai/agent/tools/ruby_eval_spec.rb
2176
2226
  - spec/lib/pwn/ai/agent/tools/shell_spec.rb
@@ -2519,7 +2569,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
2519
2569
  - !ruby/object:Gem::Version
2520
2570
  version: '0'
2521
2571
  requirements: []
2522
- rubygems_version: 4.0.14
2572
+ rubygems_version: 4.0.15
2523
2573
  specification_version: 4
2524
2574
  summary: Automated Security Testing for CI/CD Pipelines & Beyond
2525
2575
  test_files: []
Binary file
Binary file
Binary file
@@ -1,54 +0,0 @@
1
- bin/pwn_shodan_search:# frozen_string_literal: false
2
- bin/pwn_sast:# frozen_string_literal: false
3
- bin/pwn_www_uri_buster:# frozen_string_literal: false
4
- bin/pwn_bdba_scan:# frozen_string_literal: false
5
- bin/pwn_serial_msr206:# frozen_string_literal: false
6
- bin/pwn_bdba_groups:# frozen_string_literal: false
7
- bin/pwn_serial_son_micro_sm132_rfid:# frozen_string_literal: false
8
- bin/pwn_gqrx_scanner:# frozen_string_literal: false
9
- bin/pwn_nmap_discover_tcp_udp:# frozen_string_literal: false
10
- lib/pwn/sast/beef_hook.rb:# frozen_string_literal: false
11
- lib/pwn/sast/local_storage.rb:# frozen_string_literal: false
12
- lib/pwn/sast/post_message.rb:# frozen_string_literal: false
13
- lib/pwn/sast/factory.rb:# frozen_string_literal: false
14
- lib/pwn/sast/base64.rb:# frozen_string_literal: false
15
- lib/pwn/sast/shell.rb:# frozen_string_literal: false
16
- lib/pwn/sast/aws.rb:# frozen_string_literal: false
17
- lib/pwn/sast/token.rb:# frozen_string_literal: false
18
- lib/pwn/sast/port.rb:# frozen_string_literal: false
19
- lib/pwn/sast/throw_errors.rb:# frozen_string_literal: false
20
- lib/pwn/sast/pom_version.rb:# frozen_string_literal: false
21
- lib/pwn/sast/outer_html.rb:# frozen_string_literal: false
22
- lib/pwn/sast/window_location_hash.rb:# frozen_string_literal: false
23
- lib/pwn/sast/deserial_java.rb:# frozen_string_literal: false
24
- lib/pwn/sast/php_input_mechanisms.rb:# frozen_string_literal: false
25
- lib/pwn/sast/redos.rb:# frozen_string_literal: false
26
- lib/pwn/sast/cmd_execution_python.rb:# frozen_string_literal: false
27
- lib/pwn/sast/type_script_type_juggling.rb:# frozen_string_literal: false
28
- lib/pwn/sast/version.rb:# frozen_string_literal: false
29
- lib/pwn/sast/sql.rb:# frozen_string_literal: false
30
- lib/pwn/sast/emoticon.rb:# frozen_string_literal: false
31
- lib/pwn/sast/redirect.rb:# frozen_string_literal: false
32
- lib/pwn/sast/cmd_execution_ruby.rb:# frozen_string_literal: false
33
- lib/pwn/sast/cmd_execution_java.rb:# frozen_string_literal: false
34
- lib/pwn/sast/private_key.rb:# frozen_string_literal: false
35
- lib/pwn/sast/location_hash.rb:# frozen_string_literal: false
36
- lib/pwn/sast/password.rb:# frozen_string_literal: false
37
- lib/pwn/sast/php_type_juggling.rb:# frozen_string_literal: false
38
- lib/pwn/sast/padding_oracle.rb:# frozen_string_literal: false
39
- lib/pwn/sast/md5.rb:# frozen_string_literal: false
40
- lib/pwn/sast/http_authorization_header.rb:# frozen_string_literal: false
41
- lib/pwn/sast/amqp_connect_as_guest.rb:# frozen_string_literal: false
42
- lib/pwn/sast/signature.rb:# frozen_string_literal: false
43
- lib/pwn/sast/apache_file_system_util_api.rb:# frozen_string_literal: false
44
- lib/pwn/sast/keystore.rb:# frozen_string_literal: false
45
- lib/pwn/sast/log4j.rb:# frozen_string_literal: false
46
- lib/pwn/sast/inner_html.rb:# frozen_string_literal: false
47
- lib/pwn/sast/task_tag.rb:# frozen_string_literal: false
48
- lib/pwn/sast/csrf.rb:# frozen_string_literal: false
49
- lib/pwn/sast/eval.rb:# frozen_string_literal: false
50
- lib/pwn/sast/logger.rb:# frozen_string_literal: false
51
- lib/pwn/sast/sudo.rb:# frozen_string_literal: false
52
- lib/pwn/sast/ssl.rb:# frozen_string_literal: false
53
- lib/pwn/sast/cmd_execution_scala.rb:# frozen_string_literal: false
54
- lib/pwn/sast/banned_function_calls_c.rb:# frozen_string_literal: false
@@ -1,27 +0,0 @@
1
- campaign:
2
- id: github-collaborator-revoke
3
- label: GitHub collaborator removal replay
4
- target: https://github.com/acme/private-repo
5
- change_event: remove_collaborator
6
- notes: Capture access before and after collaborator removal.
7
-
8
- actors:
9
- - id: owner
10
- label: Repository owner account
11
- - id: revoked_user
12
- label: User removed from repository
13
-
14
- surfaces:
15
- - id: repo_settings_page
16
- label: Repository settings HTML page
17
- - id: repo_metadata_api
18
- label: Repository metadata API endpoint
19
-
20
- checkpoints:
21
- - pre_change
22
- - post_change_t0
23
- - post_change_tn
24
-
25
- expected_denied_after:
26
- - post_change_t0
27
- - post_change_tn
Binary file
Binary file
Binary file
Binary file
@@ -1,37 +0,0 @@
1
- # Vulnerability Report Template
2
-
3
- **Program:** [HackerOne Program Name]
4
- **Report Date:** [YYYY-MM-DD]
5
- **Severity:** [Critical/High/Medium/Low]
6
-
7
- ## 1. Detailed finding description with technical depth and PoC when possible
8
-
9
- [Insert deep technical analysis, affected endpoints, steps to reproduce, PoC code/requests here.]
10
-
11
- ## 2. Business impact
12
-
13
- [Business/reputational/financial consequences.]
14
-
15
- ## 3. Remediation recommendations, including compensating controls / stop gaps
16
-
17
- [Fix recommendations, WAF rules, logging, etc.]
18
-
19
- ## 4. CVSS score, vector string, and first.org calculator URI
20
-
21
- **CVSS v3.1 Score:** X.X (High)
22
- **Vector:** AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
23
- **Calculator:** https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
24
-
25
- ## 5. CWE category, brief description, and CWE URI
26
-
27
- **CWE-XXX:** [Name] - [Brief desc]
28
- https://cwe.mitre.org/data/definitions/XXX.html
29
-
30
- ## 6. Relevant NIST 800-53 control
31
-
32
- **Control:** [e.g. SI-10, AC-6]
33
- [Description and how it maps.]
34
-
35
- ---
36
-
37
- *Generated with PWN::AI::Agent::VulnGen*