@pensar/apex 1.2.0 → 1.3.0-canary.c0b95df3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/{agent-hv2vnw37.js → agent-97m7tkpf.js} +12 -10
- package/build/agent-t7x2rptx.js +19 -0
- package/build/{auth-aj10f99d.js → auth-qqbaj612.js} +4 -4
- package/build/{authentication-90mvv4kd.js → authentication-zhr4zdds.js} +9 -7
- package/build/blackboxAgent-p9d9457p.js +19 -0
- package/build/{blackboxPentest-prq8qrhc.js → blackboxPentest-tvmjsvap.js} +14 -13
- package/build/{cli-33rkyxds.js → cli-0fy9j5dw.js} +2 -2
- package/build/cli-0ghkg3w6.js +20780 -0
- package/build/{cli-ypxq76sm.js → cli-2ja75dsz.js} +4 -3
- package/build/{cli-3sg681re.js → cli-2sq2kqh1.js} +2 -2
- package/build/{cli-t0am6nqt.js → cli-3fn6d4pt.js} +1 -1
- package/build/{cli-dvsj2p1x.js → cli-3h1t6f9h.js} +10963 -745
- package/build/{cli-qaaesy26.js → cli-3zrry4dg.js} +3 -1
- package/build/{cli-1rz3jys3.js → cli-9969518r.js} +1 -1
- package/build/{cli-q43w92k5.js → cli-dzzf9m5e.js} +5 -3
- package/build/{cli-erp6djfj.js → cli-jzahge97.js} +11 -9
- package/build/{cli-s43zrc3b.js → cli-pyf1ftj8.js} +3353 -24027
- package/build/{cli-avnfgjhs.js → cli-q9zgbdpc.js} +3 -3
- package/build/{cli-gqphezya.js → cli-thtbxsva.js} +3 -2
- package/build/{cli-4m9f65ze.js → cli-vekv219j.js} +1 -1
- package/build/{cli-720fdbrk.js → cli-y9kk9q6n.js} +1 -1
- package/build/{cli-2mnefwqh.js → cli-z7ejvarb.js} +1 -1
- package/build/cli.js +128 -23
- package/build/{fixes-g7b34fs5.js → fixes-aa6jd5kg.js} +4 -4
- package/build/{index-fds2qfsc.js → index-bmtt83ar.js} +54 -11
- package/build/index-dw1xbhfn.js +12268 -0
- package/build/{index-cpj7zx72.js → index-hafgteqb.js} +853 -141
- package/build/index-hpe2h5a7.js +32 -0
- package/build/{index-9j9dqpdd.js → index-rm972wnm.js} +4 -4
- package/build/{index-ftdt7ktr.js → index-y13qss6f.js} +2 -2
- package/build/{issues-tecf6w97.js → issues-4j7jvbrq.js} +4 -4
- package/build/{logs-5qwr98mr.js → logs-wraftaa2.js} +4 -4
- package/build/offesecAgent-h8pa499d.js +26 -0
- package/build/pentest-1xxbxewz.js +29 -0
- package/build/{pentests-bsh9ht7r.js → pentests-tfkjrsh9.js} +4 -4
- package/build/{projects-zkw40bda.js → projects-q06fynf8.js} +4 -4
- package/build/{targetedPentest-6qpsqdx5.js → targetedPentest-d7cbc8c4.js} +9 -8
- package/build/{threatModel-g0azznnt.js → threatModel-z7ej9gye.js} +9 -8
- package/build/{uninstall-0yjhkdk3.js → uninstall-vdwpn0d5.js} +1 -1
- package/package.json +3 -1
- package/build/agent-jkr50v3q.js +0 -18
- package/build/blackboxAgent-f2y66hex.js +0 -18
- package/build/pentest-5p1ahtr6.js +0 -28
|
@@ -2,11 +2,11 @@ import {
|
|
|
2
2
|
CweEntrySchema,
|
|
3
3
|
ValidatedCweEntrySchema,
|
|
4
4
|
hasCanonicalName
|
|
5
|
-
} from "./cli-
|
|
5
|
+
} from "./cli-3h1t6f9h.js";
|
|
6
6
|
import {
|
|
7
|
-
exports_external,
|
|
7
|
+
exports_external1 as exports_external,
|
|
8
8
|
init_zod
|
|
9
|
-
} from "./cli-
|
|
9
|
+
} from "./cli-0ghkg3w6.js";
|
|
10
10
|
|
|
11
11
|
// src/core/report/schemas.ts
|
|
12
12
|
init_zod();
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import {
|
|
2
2
|
OffensiveSecurityAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-3h1t6f9h.js";
|
|
4
4
|
import {
|
|
5
5
|
detectOSAndEnhancePrompt
|
|
6
6
|
} from "./cli-tp1tqn3k.js";
|
|
7
7
|
import {
|
|
8
8
|
hasToolCall,
|
|
9
9
|
stepCountIs
|
|
10
|
-
} from "./cli-
|
|
10
|
+
} from "./cli-pyf1ftj8.js";
|
|
11
11
|
|
|
12
12
|
// src/core/agents/specialized/attackSurface/blackboxAgent.ts
|
|
13
13
|
import { join } from "path";
|
|
@@ -431,6 +431,7 @@ class BlackboxAttackSurfaceAgent extends OffensiveSecurityAgent {
|
|
|
431
431
|
"email_list_messages",
|
|
432
432
|
"email_search_messages",
|
|
433
433
|
"email_get_message",
|
|
434
|
+
"send_email",
|
|
434
435
|
"web_search",
|
|
435
436
|
"get_page"
|
|
436
437
|
],
|
package/build/cli.js
CHANGED
|
@@ -6,16 +6,17 @@ import {
|
|
|
6
6
|
import"./cli-3y0dgy56.js";
|
|
7
7
|
import {
|
|
8
8
|
init_toolset
|
|
9
|
-
} from "./cli-
|
|
9
|
+
} from "./cli-pyf1ftj8.js";
|
|
10
10
|
import {
|
|
11
11
|
init_models
|
|
12
12
|
} from "./cli-03z6pswp.js";
|
|
13
|
-
import"./cli-
|
|
14
|
-
import"./cli-
|
|
15
|
-
import"./cli-
|
|
13
|
+
import"./cli-0ghkg3w6.js";
|
|
14
|
+
import"./cli-y9kk9q6n.js";
|
|
15
|
+
import"./cli-z7ejvarb.js";
|
|
16
|
+
import"./cli-9969518r.js";
|
|
16
17
|
import {
|
|
17
18
|
package_default
|
|
18
|
-
} from "./cli-
|
|
19
|
+
} from "./cli-3zrry4dg.js";
|
|
19
20
|
import"./cli-gpnb45ck.js";
|
|
20
21
|
import {
|
|
21
22
|
__require,
|
|
@@ -24,7 +25,7 @@ import {
|
|
|
24
25
|
// package.json
|
|
25
26
|
var package_default2 = {
|
|
26
27
|
name: "@pensar/apex",
|
|
27
|
-
version: "1.
|
|
28
|
+
version: "1.3.0-canary.c0b95df3",
|
|
28
29
|
description: "AI-powered penetration testing CLI tool with terminal UI",
|
|
29
30
|
module: "src/tui/index.tsx",
|
|
30
31
|
main: "build/cli.js",
|
|
@@ -89,6 +90,7 @@ var package_default2 = {
|
|
|
89
90
|
"@eslint/js": "^10.0.1",
|
|
90
91
|
"@types/bun": "^1.3.0",
|
|
91
92
|
"@types/mailparser": "^3.4.6",
|
|
93
|
+
"@types/nodemailer": "^8.0.0",
|
|
92
94
|
"@types/react": "^19.2.6",
|
|
93
95
|
"@typescript-eslint/eslint-plugin": "^8.55.0",
|
|
94
96
|
"@typescript-eslint/parser": "^8.55.0",
|
|
@@ -127,6 +129,7 @@ var package_default2 = {
|
|
|
127
129
|
mailparser: "^3.9.3",
|
|
128
130
|
marked: "^16.4.0",
|
|
129
131
|
nanoid: "^5.1.6",
|
|
132
|
+
nodemailer: "^8.0.7",
|
|
130
133
|
"p-limit": "^7.2.0",
|
|
131
134
|
react: "^19.2.0",
|
|
132
135
|
sharp: "^0.34.4",
|
|
@@ -496,6 +499,7 @@ function showHelp() {
|
|
|
496
499
|
|
|
497
500
|
Usage:
|
|
498
501
|
pensar Launch the TUI
|
|
502
|
+
pensar -p <prompt> Start an operator session with a prompt
|
|
499
503
|
pensar pentest [options] Run a full pentest orchestration
|
|
500
504
|
pensar targeted-pentest [options] Run a targeted pentest on a single target
|
|
501
505
|
pensar threat-model [options] Generate application-centric threat model
|
|
@@ -511,6 +515,11 @@ Usage:
|
|
|
511
515
|
pensar help Show this help message
|
|
512
516
|
pensar version Show version number
|
|
513
517
|
|
|
518
|
+
operator options (-p):
|
|
519
|
+
-p, --prompt <text|@file> (required) Prompt for the operator agent
|
|
520
|
+
--target <url> Target URL / domain / IP
|
|
521
|
+
--model <model> AI model (default: claude-sonnet-4-5)
|
|
522
|
+
|
|
514
523
|
pentest options:
|
|
515
524
|
--target <url> (required) Target URL / domain / IP
|
|
516
525
|
--cwd <path> Source code path \u2014 enables whitebox attack surface
|
|
@@ -541,9 +550,9 @@ Global options:
|
|
|
541
550
|
async function runPentest() {
|
|
542
551
|
const { config: config2 } = await import("./main-3d7dfdvs.js").then((m)=>__toESM(m.default,1));
|
|
543
552
|
config2();
|
|
544
|
-
const { runPentestAgent } = await import("./blackboxPentest-
|
|
545
|
-
const { sessions } = await import("./index-
|
|
546
|
-
const { config: appConfig } = await import("./index-
|
|
553
|
+
const { runPentestAgent } = await import("./blackboxPentest-tvmjsvap.js");
|
|
554
|
+
const { sessions } = await import("./index-bmtt83ar.js");
|
|
555
|
+
const { config: appConfig } = await import("./index-y13qss6f.js");
|
|
547
556
|
const { getDefaultModelForConfig } = await import("./utils-8yqe12jr.js");
|
|
548
557
|
const target = getArgRequired("--target");
|
|
549
558
|
const cwd = getArg("--cwd");
|
|
@@ -609,9 +618,9 @@ Report: ${reportPath}` : ""}`);
|
|
|
609
618
|
async function runTargetedPentest() {
|
|
610
619
|
const { config: config2 } = await import("./main-3d7dfdvs.js").then((m)=>__toESM(m.default,1));
|
|
611
620
|
config2();
|
|
612
|
-
const { runTargetedPentestAgent } = await import("./targetedPentest-
|
|
613
|
-
const { sessions } = await import("./index-
|
|
614
|
-
const { config: appConfig } = await import("./index-
|
|
621
|
+
const { runTargetedPentestAgent } = await import("./targetedPentest-d7cbc8c4.js");
|
|
622
|
+
const { sessions } = await import("./index-bmtt83ar.js");
|
|
623
|
+
const { config: appConfig } = await import("./index-y13qss6f.js");
|
|
615
624
|
const { getDefaultModelForConfig } = await import("./utils-8yqe12jr.js");
|
|
616
625
|
const target = getArgRequired("--target");
|
|
617
626
|
const objectives = getAllArgs("--objective");
|
|
@@ -661,8 +670,8 @@ POCs: ${pocsPath}`);
|
|
|
661
670
|
async function runThreatModel() {
|
|
662
671
|
const { config: config2 } = await import("./main-3d7dfdvs.js").then((m)=>__toESM(m.default,1));
|
|
663
672
|
config2();
|
|
664
|
-
const { runThreatModelWorkflow } = await import("./threatModel-
|
|
665
|
-
const { config: appConfig } = await import("./index-
|
|
673
|
+
const { runThreatModelWorkflow } = await import("./threatModel-z7ej9gye.js");
|
|
674
|
+
const { config: appConfig } = await import("./index-y13qss6f.js");
|
|
666
675
|
const { getDefaultModelForConfig } = await import("./utils-8yqe12jr.js");
|
|
667
676
|
const path = await import("path");
|
|
668
677
|
const pensarConfig = await appConfig.get();
|
|
@@ -697,6 +706,100 @@ COMPLETE
|
|
|
697
706
|
${sep}
|
|
698
707
|
Threat model written to: ${resolvedPath}`);
|
|
699
708
|
}
|
|
709
|
+
async function runOperator() {
|
|
710
|
+
const { config: config2 } = await import("./main-3d7dfdvs.js").then((m)=>__toESM(m.default,1));
|
|
711
|
+
config2();
|
|
712
|
+
const { runOffensiveSecurityAgent } = await import("./offesecAgent-h8pa499d.js");
|
|
713
|
+
const { sessions, normalizeMessages, getResumeMessages } = await import("./index-bmtt83ar.js");
|
|
714
|
+
const { ALL_TOOL_NAMES, SKILL_TOOL_NAMES } = await import("./index-hpe2h5a7.js");
|
|
715
|
+
const { config: appConfig } = await import("./index-y13qss6f.js");
|
|
716
|
+
const { getDefaultModelForConfig } = await import("./utils-8yqe12jr.js");
|
|
717
|
+
const { createInterface } = await import("readline");
|
|
718
|
+
const { readFileSync: readFileSync2, existsSync } = await import("fs");
|
|
719
|
+
const path = await import("path");
|
|
720
|
+
const { stepCountIs } = await import("./index-dw1xbhfn.js");
|
|
721
|
+
const promptRaw = getArg("-p") ?? getArg("--prompt");
|
|
722
|
+
if (!promptRaw) {
|
|
723
|
+
console.error("Error: -p <prompt> is required");
|
|
724
|
+
process.exit(1);
|
|
725
|
+
}
|
|
726
|
+
const prompt = resolveFlagValue(promptRaw);
|
|
727
|
+
const target = getArg("--target");
|
|
728
|
+
const pensarConfig = await appConfig.get();
|
|
729
|
+
const dynamicDefault = getDefaultModelForConfig(pensarConfig)?.id ?? "claude-sonnet-4-5";
|
|
730
|
+
const model = getArg("--model") ?? dynamicDefault;
|
|
731
|
+
const sep = "\u2500".repeat(60);
|
|
732
|
+
console.log(`${sep}
|
|
733
|
+
OPERATOR SESSION
|
|
734
|
+
${sep}
|
|
735
|
+
Model: ${model}${target ? `
|
|
736
|
+
Target: ${target}` : ""}
|
|
737
|
+
${sep}
|
|
738
|
+
`);
|
|
739
|
+
const session = await sessions.create({
|
|
740
|
+
name: "Operator Session",
|
|
741
|
+
targets: target ? [target] : [],
|
|
742
|
+
config: {
|
|
743
|
+
mode: "operator",
|
|
744
|
+
agentCwd: process.cwd(),
|
|
745
|
+
operatorSettings: {
|
|
746
|
+
initialMode: "auto",
|
|
747
|
+
requireApproval: false,
|
|
748
|
+
enableSuggestions: false
|
|
749
|
+
}
|
|
750
|
+
}
|
|
751
|
+
});
|
|
752
|
+
const { bus, cleanup: wandbCleanup } = await createInstrumentedBus(session);
|
|
753
|
+
let currentPrompt = prompt;
|
|
754
|
+
let messages;
|
|
755
|
+
const rl = createInterface({
|
|
756
|
+
input: process.stdin,
|
|
757
|
+
output: process.stdout
|
|
758
|
+
});
|
|
759
|
+
const askFollowUp = () => new Promise((resolve2) => {
|
|
760
|
+
process.stdout.write(`
|
|
761
|
+
${sep}
|
|
762
|
+
`);
|
|
763
|
+
rl.question("follow-up (empty to exit): ", (answer) => {
|
|
764
|
+
const trimmed = answer.trim();
|
|
765
|
+
resolve2(trimmed || null);
|
|
766
|
+
});
|
|
767
|
+
});
|
|
768
|
+
try {
|
|
769
|
+
for (;; ) {
|
|
770
|
+
await runOffensiveSecurityAgent({
|
|
771
|
+
prompt: currentPrompt,
|
|
772
|
+
model,
|
|
773
|
+
target,
|
|
774
|
+
activeTools: [...ALL_TOOL_NAMES, ...SKILL_TOOL_NAMES],
|
|
775
|
+
stopWhen: stepCountIs(1e4),
|
|
776
|
+
authConfig: buildAuthConfig(pensarConfig),
|
|
777
|
+
eventBus: bus,
|
|
778
|
+
session,
|
|
779
|
+
messages
|
|
780
|
+
});
|
|
781
|
+
const messagesPath = path.join(session.rootPath, "messages.json");
|
|
782
|
+
if (existsSync(messagesPath)) {
|
|
783
|
+
const raw = JSON.parse(readFileSync2(messagesPath, "utf-8"));
|
|
784
|
+
const allMessages = Array.isArray(raw) ? raw : [];
|
|
785
|
+
messages = normalizeMessages(getResumeMessages(allMessages));
|
|
786
|
+
}
|
|
787
|
+
const followUp = await askFollowUp();
|
|
788
|
+
if (!followUp)
|
|
789
|
+
break;
|
|
790
|
+
currentPrompt = followUp;
|
|
791
|
+
messages = normalizeMessages([
|
|
792
|
+
...messages ?? [],
|
|
793
|
+
{ role: "user", content: followUp }
|
|
794
|
+
]);
|
|
795
|
+
}
|
|
796
|
+
} finally {
|
|
797
|
+
rl.close();
|
|
798
|
+
await wandbCleanup();
|
|
799
|
+
}
|
|
800
|
+
console.log(`
|
|
801
|
+
Session: ${session.rootPath}`);
|
|
802
|
+
}
|
|
700
803
|
async function runUpgrade2() {
|
|
701
804
|
const currentVersion = getCurrentVersion();
|
|
702
805
|
console.log(`Current version: v${currentVersion}
|
|
@@ -706,7 +809,9 @@ Checking for updates...`);
|
|
|
706
809
|
${result.message}`);
|
|
707
810
|
process.exit(result.success ? 0 : 1);
|
|
708
811
|
}
|
|
709
|
-
if (
|
|
812
|
+
if (hasFlag("-p") || command === "--prompt") {
|
|
813
|
+
await runOperator();
|
|
814
|
+
} else if (command === "version" || command === "--version" || command === "-v") {
|
|
710
815
|
console.log(`v${version}`);
|
|
711
816
|
} else if (command === "help" || command === "--help" || command === "-h") {
|
|
712
817
|
showHelp();
|
|
@@ -718,25 +823,25 @@ if (command === "version" || command === "--version" || command === "-v") {
|
|
|
718
823
|
await runTargetedPentest();
|
|
719
824
|
} else if (command === "login" || command === "auth") {
|
|
720
825
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
721
|
-
await import("./auth-
|
|
826
|
+
await import("./auth-qqbaj612.js");
|
|
722
827
|
} else if (command === "uninstall") {
|
|
723
828
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
724
|
-
await import("./uninstall-
|
|
829
|
+
await import("./uninstall-vdwpn0d5.js");
|
|
725
830
|
} else if (command === "projects") {
|
|
726
831
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
727
|
-
await import("./projects-
|
|
832
|
+
await import("./projects-q06fynf8.js");
|
|
728
833
|
} else if (command === "pentests") {
|
|
729
834
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
730
|
-
await import("./pentests-
|
|
835
|
+
await import("./pentests-tfkjrsh9.js");
|
|
731
836
|
} else if (command === "issues") {
|
|
732
837
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
733
|
-
await import("./issues-
|
|
838
|
+
await import("./issues-4j7jvbrq.js");
|
|
734
839
|
} else if (command === "fixes") {
|
|
735
840
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
736
|
-
await import("./fixes-
|
|
841
|
+
await import("./fixes-aa6jd5kg.js");
|
|
737
842
|
} else if (command === "logs") {
|
|
738
843
|
process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
|
|
739
|
-
await import("./logs-
|
|
844
|
+
await import("./logs-wraftaa2.js");
|
|
740
845
|
} else if (command === "threat-model") {
|
|
741
846
|
await runThreatModel();
|
|
742
847
|
} else if (command === "doctor") {
|
|
@@ -748,7 +853,7 @@ if (command === "version" || command === "--version" || command === "-v") {
|
|
|
748
853
|
console.error("All other commands work with Node \u2014 run 'pensar --help'.");
|
|
749
854
|
process.exit(1);
|
|
750
855
|
}
|
|
751
|
-
await import("./index-
|
|
856
|
+
await import("./index-hafgteqb.js");
|
|
752
857
|
} else {
|
|
753
858
|
console.error(`Error: Unknown command '${command}'`);
|
|
754
859
|
console.error();
|
|
@@ -2,10 +2,10 @@
|
|
|
2
2
|
import {
|
|
3
3
|
getFix,
|
|
4
4
|
listFixes
|
|
5
|
-
} from "./cli-
|
|
6
|
-
import"./cli-
|
|
7
|
-
import"./cli-
|
|
8
|
-
import"./cli-
|
|
5
|
+
} from "./cli-vekv219j.js";
|
|
6
|
+
import"./cli-z7ejvarb.js";
|
|
7
|
+
import"./cli-9969518r.js";
|
|
8
|
+
import"./cli-3zrry4dg.js";
|
|
9
9
|
import"./cli-8rxa073f.js";
|
|
10
10
|
|
|
11
11
|
// src/cli/fixes.ts
|
|
@@ -13,22 +13,24 @@ import {
|
|
|
13
13
|
update,
|
|
14
14
|
write,
|
|
15
15
|
writeRaw
|
|
16
|
-
} from "./cli-
|
|
16
|
+
} from "./cli-dzzf9m5e.js";
|
|
17
17
|
import {
|
|
18
18
|
ToolsetStateSchema,
|
|
19
19
|
exports_toolset,
|
|
20
20
|
init_toolset,
|
|
21
|
+
toggleTool
|
|
22
|
+
} from "./cli-pyf1ftj8.js";
|
|
23
|
+
import"./cli-03z6pswp.js";
|
|
24
|
+
import {
|
|
21
25
|
init_zod,
|
|
22
|
-
toggleTool,
|
|
23
26
|
zod_default
|
|
24
|
-
} from "./cli-
|
|
25
|
-
import"./cli-
|
|
26
|
-
import"./cli-
|
|
27
|
-
import"./cli-
|
|
28
|
-
import"./cli-1rz3jys3.js";
|
|
27
|
+
} from "./cli-0ghkg3w6.js";
|
|
28
|
+
import"./cli-y9kk9q6n.js";
|
|
29
|
+
import"./cli-z7ejvarb.js";
|
|
30
|
+
import"./cli-9969518r.js";
|
|
29
31
|
import {
|
|
30
32
|
getCurrentVersion
|
|
31
|
-
} from "./cli-
|
|
33
|
+
} from "./cli-3zrry4dg.js";
|
|
32
34
|
import"./cli-gpnb45ck.js";
|
|
33
35
|
import {
|
|
34
36
|
__require,
|
|
@@ -113,6 +115,45 @@ var EmailInboxConfigObject = zod_default.discriminatedUnion("provider", [
|
|
|
113
115
|
var EmailIntegrationConfigObject = zod_default.object({
|
|
114
116
|
inboxes: zod_default.array(EmailInboxConfigObject)
|
|
115
117
|
});
|
|
118
|
+
var SmtpConfigObject = zod_default.object({
|
|
119
|
+
host: zod_default.string(),
|
|
120
|
+
port: zod_default.number(),
|
|
121
|
+
username: zod_default.string(),
|
|
122
|
+
password: zod_default.string(),
|
|
123
|
+
tls: zod_default.boolean().default(true),
|
|
124
|
+
fromAddress: zod_default.string().optional()
|
|
125
|
+
});
|
|
126
|
+
function resolveSmtpConfig(explicit) {
|
|
127
|
+
if (explicit)
|
|
128
|
+
return explicit;
|
|
129
|
+
const fromAddress = process.env.OUTBOUND_EMAIL;
|
|
130
|
+
const resendKey = process.env.RESEND_API_KEY;
|
|
131
|
+
if (resendKey) {
|
|
132
|
+
return {
|
|
133
|
+
host: "smtp.resend.com",
|
|
134
|
+
port: 465,
|
|
135
|
+
username: "resend",
|
|
136
|
+
password: resendKey,
|
|
137
|
+
tls: true,
|
|
138
|
+
fromAddress
|
|
139
|
+
};
|
|
140
|
+
}
|
|
141
|
+
const host = process.env.SMTP_HOST;
|
|
142
|
+
const port = process.env.SMTP_PORT;
|
|
143
|
+
const username = process.env.SMTP_USERNAME;
|
|
144
|
+
const password = process.env.SMTP_PASSWORD;
|
|
145
|
+
if (host && port && username && password) {
|
|
146
|
+
return {
|
|
147
|
+
host,
|
|
148
|
+
port: parseInt(port, 10),
|
|
149
|
+
username,
|
|
150
|
+
password,
|
|
151
|
+
tls: process.env.SMTP_TLS !== "false",
|
|
152
|
+
fromAddress
|
|
153
|
+
};
|
|
154
|
+
}
|
|
155
|
+
return;
|
|
156
|
+
}
|
|
116
157
|
var SessionConfigObject = zod_default.object({
|
|
117
158
|
offensiveHeaders: OffensiveHeadersConfigObject.optional(),
|
|
118
159
|
sessionType: zod_default.enum(["web-app"]).optional(),
|
|
@@ -127,6 +168,7 @@ var SessionConfigObject = zod_default.object({
|
|
|
127
168
|
enumerateSubdomains: zod_default.boolean().optional(),
|
|
128
169
|
codebasePath: zod_default.string().optional(),
|
|
129
170
|
emailIntegration: EmailIntegrationConfigObject.optional(),
|
|
171
|
+
smtpConfig: SmtpConfigObject.optional(),
|
|
130
172
|
exfilMode: zod_default.boolean().optional(),
|
|
131
173
|
agentCwd: zod_default.string().optional(),
|
|
132
174
|
prompt: zod_default.string().optional(),
|
|
@@ -238,6 +280,7 @@ async function create(input) {
|
|
|
238
280
|
credentialManager.addFromAuthCredentials(cred);
|
|
239
281
|
}
|
|
240
282
|
}
|
|
283
|
+
const smtpConfig = resolveSmtpConfig(input.config?.smtpConfig);
|
|
241
284
|
const result = {
|
|
242
285
|
id,
|
|
243
286
|
version: getCurrentVersion(),
|
|
@@ -256,7 +299,8 @@ async function create(input) {
|
|
|
256
299
|
"User-Agent": "pensar-apex"
|
|
257
300
|
}
|
|
258
301
|
},
|
|
259
|
-
outcomeGuidance: input.config?.outcomeGuidance || (input.config?.exfilMode ? EXFIL_OUTCOME_GUIDANCE : DEFAULT_OUTCOME_GUIDANCE)
|
|
302
|
+
outcomeGuidance: input.config?.outcomeGuidance || (input.config?.exfilMode ? EXFIL_OUTCOME_GUIDANCE : DEFAULT_OUTCOME_GUIDANCE),
|
|
303
|
+
smtpConfig
|
|
260
304
|
},
|
|
261
305
|
_rateLimiter: rateLimiter,
|
|
262
306
|
credentialManager,
|
|
@@ -266,7 +310,6 @@ async function create(input) {
|
|
|
266
310
|
scratchpadPath,
|
|
267
311
|
findingsPath
|
|
268
312
|
};
|
|
269
|
-
console.info("created session", result);
|
|
270
313
|
const { _rateLimiter, credentialManager: _cm, ...sessionData } = result;
|
|
271
314
|
await createSessionDirs({ session: result });
|
|
272
315
|
await write(["sessions", result.id, "session"], sessionData);
|
|
@@ -305,7 +348,6 @@ async function update2(id, editor) {
|
|
|
305
348
|
editor(draft);
|
|
306
349
|
draft.time.updated = Date.now();
|
|
307
350
|
});
|
|
308
|
-
console.info("updated session", result);
|
|
309
351
|
return result;
|
|
310
352
|
}
|
|
311
353
|
async function* list() {
|
|
@@ -519,6 +561,7 @@ export {
|
|
|
519
561
|
toggleTool2 as toggleTool,
|
|
520
562
|
sessions,
|
|
521
563
|
sessionPath,
|
|
564
|
+
resolveSmtpConfig,
|
|
522
565
|
removeMessage,
|
|
523
566
|
remove2 as remove,
|
|
524
567
|
normalizeMessages,
|