pwn 0.5.549 → 0.5.550

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4a49d7954811a03a2ce8a53a780306e1c9ba64274b7adc9431b1ded146f57142
-  data.tar.gz: 4a8586c914e576b038b4dc29cdd903d8d2b5f6529ff9edd28aa3b19e39e6cd14
+  metadata.gz: 2a74ded9ce97c06a9d9351d25abdb3a2a0410d5131f8e63936c6e9432c1ab56d
+  data.tar.gz: 1983a6472a848c7c33f8de30d5c355e28056c5eb847cfab77a6894ee1d98d45f
 SHA512:
-  metadata.gz: 341309e87c6e5a865e29e245b961bb6a59568ef0eaccb9d253a30a5627f7187aef65a00040409cd12a8287d5054b4aaec6e1e17c8f70ba2dcfd52e09c2c06f92
-  data.tar.gz: 5fdeed08de40e3e3fd9dd43c1d8bbc7e56d1c06ad299ab646d370a9f7f89dd478f46e2cfb1e16b4357d7c71e0bbe7a0e10b64e94cc4cbcb51e5d63d1b2c0f41c
+  metadata.gz: 9e858bf97b28a1e9a989d52d0ff92c03ed23c6134381817d56e752cf04c27e935b91ecb8283ac242acf2708fa8b075d1b4e5af33f0becad70a793a59b9e8e4f3
+  data.tar.gz: e9e07591011448b93f47289b709c3df0545808a4aeb2309ef689f9fd59d4503b7e02c99496e22ec4e34f1f86d206749fe5b57c21f9536fa519ddfebd9f28d0f9

data/Gemfile

@@ -25,11 +25,11 @@ gem 'bundler-audit', '>=0.9.3'
 gem 'bunny', '2.24.0'
 gem 'colorize', '1.1.0'
 gem 'credit_card_validations', '8.0.0'
-gem 'curses', '1.5.3'
+gem 'curses', '1.6.0'
 gem 'diffy', '3.4.4'
 gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.7.1'
-gem 'faker', '3.6.0'
+gem 'faker', '3.6.1'
 gem 'faye-websocket', '0.12.0'
 gem 'ffi', '1.17.3'
 # gem 'fftw3', '0.3'
@@ -49,8 +49,8 @@ gem 'jwt', '3.1.2'
 gem 'libusb', '0.7.2'
 gem 'luhn', '3.0.0'
 gem 'mail', '2.9.0'
-gem 'mcp', '0.7.1'
-gem 'meshtastic', '0.0.156'
+gem 'mcp', '0.8.0'
+gem 'meshtastic', '0.0.157'
 gem 'metasm', '1.0.5'
 gem 'mongo', '2.23.0'
 gem 'msfrpc-client', '1.1.2'
@@ -81,7 +81,7 @@ gem 'rmagick', '6.2.0'
 gem 'rqrcode', '3.2.0'
 gem 'rspec', '3.13.2'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.85.0'
+gem 'rubocop', '1.85.1'
 gem 'rubocop-rake', '0.7.1'
 gem 'rubocop-rspec', '3.9.0'
 gem 'ruby-audio', '1.6.1'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.549]:001 >>> PWN.help
+pwn[v0.5.550]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-4.0.1@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.549]:001 >>> PWN.help
+pwn[v0.5.550]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-4.0.1@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.549]:001 >>> PWN.help
+pwn[v0.5.550]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/ai/agent/assembly.rb

@@ -56,6 +56,12 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::Assembly.analyze(
+              request: 'required - the assembly opcodes or instructions to be analyzed',
+              type: 'required - :opcodes_to_asm|:asm_to_opcodes - specify the type of analysis to perform',
+              arch: 'required - name of arch returned from `PWN::Plugins::Assembly.list_supported_archs` (e.g., :i386|:i686|:x86|:x64|:arm|:arm64, etc.)',
+              endian: 'required - the endianness of the assembly code (e.g., :little|:big)'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/btc.rb

@@ -37,6 +37,9 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::BTC.analyze(
+              request: 'required - latest block information retrieved from a bitcoin node via `PWN::Blockchain::BTC.get_latest_block`'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/burp_suite.rb

@@ -71,6 +71,9 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::BurpSuite.analyze(
+              request: 'required HTTP request/response pair or WebSocket message as a string'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/gqrx.rb

@@ -41,6 +41,10 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::GQRX.analyze(
+              request: 'required - A string containing the signal data captured by GQRX that you want to analyze. This data should be in a format that can be interpreted by the AI for analysis, such as raw signal data, frequency information, or any relevant metadata associated with the capture.',
+              location: 'required - A string containing a city, state, country, or GPS coordinates where the signal data was captured. This information will be used to provide context for the analysis and to determine if the frequency is licensed or unlicensed based on FCC records.'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/hacker_one.rb

@@ -51,6 +51,10 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::HackerOne.analyze(
+              request: 'required - dataset to analyze, such as bounty program details, scope details, or hacktivity details'
+              type: 'required - type of analysis to perform, such as :bounty_programs, :scope_details, or :hacktivity'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/sast.rb

@@ -37,6 +37,9 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::SAST.analyze(
+              request: 'required - A string containing the source code snippet to be analyzed for SAST antipatterns and vulnerabilities.'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/transparent_browser.rb

@@ -41,6 +41,10 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = PWN::AI::Agent::TransparentBrowser.analyze(
+              request: 'required - current step in the JavaScript debugging session to analyze',
+              source_to_review: 'required - the block of JavaScript code in which the current step resides'
+            )
 
             #{self}.authors
           "

data/lib/pwn/ai/agent/vuln_gen.rb

@@ -7,15 +7,34 @@ module PWN
       module VulnGen
         # Supported Method Parameters::
         # ai_analysis = PWN::AI::Agent::VulnGen.analyze(
-        #   request: 'required - high level description of vulnerability discovered (e.g. "Discovered a SQLi vulnerability in /login"'
+        #   request: 'required - high level description of vulnerability discovered (e.g. "Discovered a SQLi vulnerability in /login"',
+        #   markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)'
         # )
 
         public_class_method def self.analyze(opts = {})
           request = opts[:request]
           raise 'ERROR: request parameter is required' if request.nil? || request.empty?
 
-          system_role_content = '
-          _ALWAYS_ Generate markdown security findings for the message provided with the following content:
+          markup_type = opts[:markup_type] ||= :jira
+
+          markup = ''
+          case markup_type
+          when :jira
+            markup = 'Jira Wiki Markup'
+          when :markdown
+            markup = 'Markdown'
+          when :html
+            markup = 'HTML'
+          when :confluence
+            markup = 'Confluence Wiki Markup'
+          when :xml
+            markup = 'XML'
+          else
+            raise "ERROR: Unsupported markup_type '#{markup_type}'. Supported types are :jira, :markdown, :html, :confluence, :xml."
+          end
+
+          system_role_content = "
+          _ALWAYS_ Generate #{markup} security findings for the message provided with the following content:
 
           1. Detailed Finding Description: This should be a deep, detailed technical description that should include exploit proof-of-concepts when possible.
 
@@ -28,7 +47,7 @@ module PWN
           5. CWE Category, Brief CWE description, and CWE URI
 
           6. NIST 800-53 Security Control that is impacted by this vulnerability.
-          '
+          "
 
           PWN::AI::Introspection.reflect_on(
             system_role_content: system_role_content,
@@ -51,6 +70,10 @@ module PWN
 
         public_class_method def self.help
           puts "USAGE:
+            ai_analysis = #{self}.analyze(
+              request: 'required - high level description of vulnerability discovered (e.g. \"Discovered a SQLi vulnerability in /login\"',
+              markup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)'
+            )
 
             #{self}.authors
           "

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.549'
+  VERSION = '0.5.550'
 end

data/third_party/pwn_rdoc.jsonl

@@ -22,7 +22,7 @@
 {"messages":[{"role":"user","content":"PWN::AI::Agent::TransparentBrowser.analyze Usage"},{"role":"assistant","content":"`PWN::AI::Agent::TransparentBrowser.analyze`: Supported Method Parameters\n\nai_analysis = PWN::AI::Agent::TransparentBrowser.analyze(\n\nrequest: 'required - current step in the JavaScript debugging session to analyze',\nsource_to_review: 'required - the block of JavaScript code in which the current step resides'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Agent::TransparentBrowser.authors Usage"},{"role":"assistant","content":"`PWN::AI::Agent::TransparentBrowser.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Agent::TransparentBrowser.help Usage"},{"role":"assistant","content":"`PWN::AI::Agent::TransparentBrowser.help`: "}]}
-{"messages":[{"role":"user","content":"PWN::AI::Agent::VulnGen.analyze Usage"},{"role":"assistant","content":"`PWN::AI::Agent::VulnGen.analyze`: Supported Method Parameters\n\nai_analysis = PWN::AI::Agent::VulnGen.analyze(\n\nrequest: 'required - high level description of vulnerability discovered (e.g. \"Discovered a SQLi vulnerability in /login\"'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::AI::Agent::VulnGen.analyze Usage"},{"role":"assistant","content":"`PWN::AI::Agent::VulnGen.analyze`: Supported Method Parameters\n\nai_analysis = PWN::AI::Agent::VulnGen.analyze(\n\nrequest: 'required - high level description of vulnerability discovered (e.g. \"Discovered a SQLi vulnerability in /login\"',\nmarkup_type: 'optional - specify the type of markup to generate :jira|:markdown|:html|:confluence|:xml (default: :jira)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Agent::VulnGen.authors Usage"},{"role":"assistant","content":"`PWN::AI::Agent::VulnGen.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::AI::Agent::VulnGen.help Usage"},{"role":"assistant","content":"`PWN::AI::Agent::VulnGen.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::AI::Grok.authors Usage"},{"role":"assistant","content":"`PWN::AI::Grok.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.549
+  version: 0.5.550
 platform: ruby
 authors:
 - 0day Inc.
@@ -211,14 +211,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.6.0
 - !ruby/object:Gem::Dependency
   name: diffy
   requirement: !ruby/object:Gem::Requirement
@@ -267,14 +267,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.6.0
+        version: 3.6.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.6.0
+        version: 3.6.1
 - !ruby/object:Gem::Dependency
   name: faye-websocket
   requirement: !ruby/object:Gem::Requirement
@@ -533,28 +533,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: meshtastic
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.156
+        version: 0.0.157
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.156
+        version: 0.0.157
 - !ruby/object:Gem::Dependency
   name: metasm
   requirement: !ruby/object:Gem::Requirement
@@ -981,14 +981,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.85.0
+        version: 1.85.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.85.0
+        version: 1.85.1
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement