@pensar/apex 1.8.0-canary.f7c8ff3e → 1.8.0-canary.f810a2c3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/agent-fkv66gpy.js +22 -0
- package/build/agent-zrjc8m6s.js +20 -0
- package/build/apps-7bde5d34.js +454 -0
- package/build/{auth-rj8q2w74.js → auth-2eyk738q.js} +28 -8
- package/build/authentication-hqneefhs.js +20 -0
- package/build/blackboxAgent-gmcc6320.js +20 -0
- package/build/{blackboxPentest-dx3d79th.js → blackboxPentest-ztjj3q4y.js} +16 -16
- package/build/{cli-yp2tv6ff.js → cli-1vqseayr.js} +589 -33
- package/build/{cli-0ghkg3w6.js → cli-2sdqzmg5.js} +19345 -19056
- package/build/cli-319h88b8.js +20 -0
- package/build/cli-4v2c92ha.js +19 -0
- package/build/{cli-z9dwszwd.js → cli-70g8wmtx.js} +100521 -105523
- package/build/{cli-eagjcp7v.js → cli-75gknttk.js} +956 -282
- package/build/cli-9fsre5pt.js +0 -0
- package/build/{cli-rs7t70an.js → cli-hzbhb0dn.js} +125 -3
- package/build/{cli-tp1tqn3k.js → cli-mswm4k81.js} +1 -1
- package/build/{cli-jv0h5hac.js → cli-nx4crew0.js} +15 -7
- package/build/{cli-fqfe5wbr.js → cli-p0a8qssm.js} +35274 -33648
- package/build/{cli-822v98q8.js → cli-snrgdygv.js} +6 -2
- package/build/cli-tggr2sf7.js +196 -0
- package/build/{cli-ka8qv8tp.js → cli-vjg9pdxh.js} +206 -65
- package/build/{cli-e1zjtcc7.js → cli-w4dn16dw.js} +6 -4
- package/build/{cli-snwgf8q3.js → cli-w9b9bxnr.js} +241 -248
- package/build/{authentication-yhmwkjhp.js → cli-wb34w94p.js} +8 -17
- package/build/{cli-yp2w007x.js → cli-wdwbvry5.js} +105 -34
- package/build/cli.js +276 -273
- package/build/{doctor-8tva8j99.js → doctor-2bkpddws.js} +1 -1
- package/build/{fixes-6bfstahp.js → fixes-fpe4vvdd.js} +21 -4
- package/build/{index-51cngprf.js → index-6f2m013x.js} +8 -11
- package/build/index-dsp47qvj.js +44 -0
- package/build/{index-rkvbgyt0.js → index-k5q0z1nv.js} +18762 -18993
- package/build/index-p4rqyd1j.js +181 -0
- package/build/{index-9xtwf650.js → index-p5knbtqm.js} +17 -105
- package/build/{index-dw1xbhfn.js → index-yvafffn2.js} +161 -26
- package/build/{index-y32s5k54.js → index-zk8d5e8m.js} +4 -2
- package/build/{issues-zgd7bs06.js → issues-mayqdnn9.js} +21 -4
- package/build/{logs-35qk67v4.js → logs-z9z6mtxd.js} +21 -4
- package/build/{main-3d7dfdvs.js → main-3zneyg7p.js} +93 -17
- package/build/{offesecAgent-nc52q0j7.js → offesecAgent-9rfs295w.js} +11 -10
- package/build/pentest-8fpxcpc1.js +29 -0
- package/build/{pentests-3tjvtpmp.js → pentests-fs2vhkw4.js} +21 -4
- package/build/{projects-7p8hcf2c.js → projects-jt5kks4b.js} +21 -4
- package/build/{targetedPentest-z724z75y.js → targetedPentest-acez37zy.js} +12 -11
- package/build/threatModel-k9288v97.js +27 -0
- package/build/{uninstall-zc820sd7.js → uninstall-957g54rc.js} +6 -4
- package/build/{utils-418twev8.js → utils-knrkdnk8.js} +11 -9
- package/package.json +80 -84
- package/build/agent-4r0sgscr.js +0 -138
- package/build/agent-rah3sk0j.js +0 -19
- package/build/blackboxAgent-7tfb1dae.js +0 -19
- package/build/cli-65nv7gcz.js +0 -645
- package/build/cli-6yx91h46.js +0 -103
- package/build/cli-6zj1m6s6.js +0 -191
- package/build/cli-bhh5fm4h.js +0 -110
- package/build/cli-hjc1pbs8.js +0 -1486
- package/build/index-qm9g7cdg.js +0 -32
- package/build/pentest-vbf4hp1t.js +0 -29
- package/build/threatModel-1hmzze5z.js +0 -67
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import {
|
|
2
|
+
TargetedPentestAgent,
|
|
3
|
+
buildPentestSystemPrompt
|
|
4
|
+
} from "./cli-wdwbvry5.js";
|
|
5
|
+
import"./cli-9fsre5pt.js";
|
|
6
|
+
import"./cli-70g8wmtx.js";
|
|
7
|
+
import"./cli-mswm4k81.js";
|
|
8
|
+
import"./cli-w9b9bxnr.js";
|
|
9
|
+
import"./cli-3y0dgy56.js";
|
|
10
|
+
import"./cli-319h88b8.js";
|
|
11
|
+
import"./cli-4v2c92ha.js";
|
|
12
|
+
import"./cli-p0a8qssm.js";
|
|
13
|
+
import"./cli-vjg9pdxh.js";
|
|
14
|
+
import"./cli-2sdqzmg5.js";
|
|
15
|
+
import"./cli-gpnb45ck.js";
|
|
16
|
+
import"./cli-nx4crew0.js";
|
|
17
|
+
import"./cli-tggr2sf7.js";
|
|
18
|
+
import"./cli-8rxa073f.js";
|
|
19
|
+
export {
|
|
20
|
+
buildPentestSystemPrompt,
|
|
21
|
+
TargetedPentestAgent
|
|
22
|
+
};
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import {
|
|
2
|
+
CodeAgent
|
|
3
|
+
} from "./cli-snrgdygv.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-70g8wmtx.js";
|
|
6
|
+
import"./cli-mswm4k81.js";
|
|
7
|
+
import"./cli-w9b9bxnr.js";
|
|
8
|
+
import"./cli-3y0dgy56.js";
|
|
9
|
+
import"./cli-319h88b8.js";
|
|
10
|
+
import"./cli-4v2c92ha.js";
|
|
11
|
+
import"./cli-p0a8qssm.js";
|
|
12
|
+
import"./cli-vjg9pdxh.js";
|
|
13
|
+
import"./cli-2sdqzmg5.js";
|
|
14
|
+
import"./cli-gpnb45ck.js";
|
|
15
|
+
import"./cli-nx4crew0.js";
|
|
16
|
+
import"./cli-tggr2sf7.js";
|
|
17
|
+
import"./cli-8rxa073f.js";
|
|
18
|
+
export {
|
|
19
|
+
CodeAgent
|
|
20
|
+
};
|
|
@@ -0,0 +1,454 @@
|
|
|
1
|
+
#!/usr/bin/env bun
|
|
2
|
+
import {
|
|
3
|
+
createApp,
|
|
4
|
+
createEndpoint,
|
|
5
|
+
deleteApp,
|
|
6
|
+
deleteEndpoint,
|
|
7
|
+
getApp,
|
|
8
|
+
getEndpoint,
|
|
9
|
+
listApps,
|
|
10
|
+
listEndpoints,
|
|
11
|
+
searchApps,
|
|
12
|
+
searchEndpoints,
|
|
13
|
+
updateApp,
|
|
14
|
+
updateEndpoint
|
|
15
|
+
} from "./cli-1vqseayr.js";
|
|
16
|
+
import"./cli-75gknttk.js";
|
|
17
|
+
import"./cli-snrgdygv.js";
|
|
18
|
+
import"./cli-hzbhb0dn.js";
|
|
19
|
+
import"./cli-w4dn16dw.js";
|
|
20
|
+
import"./cli-wdwbvry5.js";
|
|
21
|
+
import"./cli-fw5r7pfj.js";
|
|
22
|
+
import"./cli-wb34w94p.js";
|
|
23
|
+
import"./cli-9fsre5pt.js";
|
|
24
|
+
import"./cli-70g8wmtx.js";
|
|
25
|
+
import"./cli-mswm4k81.js";
|
|
26
|
+
import"./cli-w9b9bxnr.js";
|
|
27
|
+
import"./cli-3y0dgy56.js";
|
|
28
|
+
import"./cli-319h88b8.js";
|
|
29
|
+
import"./cli-4v2c92ha.js";
|
|
30
|
+
import"./cli-p0a8qssm.js";
|
|
31
|
+
import"./cli-vjg9pdxh.js";
|
|
32
|
+
import"./cli-2sdqzmg5.js";
|
|
33
|
+
import"./cli-gpnb45ck.js";
|
|
34
|
+
import"./cli-nx4crew0.js";
|
|
35
|
+
import"./cli-tggr2sf7.js";
|
|
36
|
+
import"./cli-8rxa073f.js";
|
|
37
|
+
|
|
38
|
+
// src/cli/apps.ts
|
|
39
|
+
var APPLICATION_TYPES = [
|
|
40
|
+
"ui",
|
|
41
|
+
"api-service",
|
|
42
|
+
"web-application",
|
|
43
|
+
"full-stack",
|
|
44
|
+
"domain",
|
|
45
|
+
"subdomain",
|
|
46
|
+
"database",
|
|
47
|
+
"cloud-resource",
|
|
48
|
+
"storage"
|
|
49
|
+
];
|
|
50
|
+
var ENDPOINT_TYPES = [
|
|
51
|
+
"api-endpoint",
|
|
52
|
+
"web-endpoint",
|
|
53
|
+
"auth-endpoint",
|
|
54
|
+
"database",
|
|
55
|
+
"file-storage",
|
|
56
|
+
"asset"
|
|
57
|
+
];
|
|
58
|
+
function getFlag(flag, argv) {
|
|
59
|
+
const idx = argv.indexOf(flag);
|
|
60
|
+
return idx !== -1 && idx + 1 < argv.length ? argv[idx + 1] : undefined;
|
|
61
|
+
}
|
|
62
|
+
function getAllFlags(flag, argv) {
|
|
63
|
+
const values = [];
|
|
64
|
+
for (let i = 0;i < argv.length; i++) {
|
|
65
|
+
const next = argv[i + 1];
|
|
66
|
+
if (argv[i] === flag && next !== undefined) {
|
|
67
|
+
values.push(next);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
return values;
|
|
71
|
+
}
|
|
72
|
+
function hasFlag(flag, argv) {
|
|
73
|
+
return argv.includes(flag);
|
|
74
|
+
}
|
|
75
|
+
function parseAppType(value) {
|
|
76
|
+
if (value === undefined)
|
|
77
|
+
return;
|
|
78
|
+
if (!APPLICATION_TYPES.includes(value)) {
|
|
79
|
+
throw new Error(`Invalid --type "${value}". Must be one of: ${APPLICATION_TYPES.join(", ")}`);
|
|
80
|
+
}
|
|
81
|
+
return value;
|
|
82
|
+
}
|
|
83
|
+
function parseEndpointType(value) {
|
|
84
|
+
if (value === undefined)
|
|
85
|
+
return;
|
|
86
|
+
if (!ENDPOINT_TYPES.includes(value)) {
|
|
87
|
+
throw new Error(`Invalid --type "${value}". Must be one of: ${ENDPOINT_TYPES.join(", ")}`);
|
|
88
|
+
}
|
|
89
|
+
return value;
|
|
90
|
+
}
|
|
91
|
+
function parseInteger(flag, value) {
|
|
92
|
+
if (value === undefined)
|
|
93
|
+
return;
|
|
94
|
+
const n = Number(value);
|
|
95
|
+
if (!Number.isFinite(n) || !Number.isInteger(n)) {
|
|
96
|
+
throw new Error(`${flag} must be an integer (got "${value}")`);
|
|
97
|
+
}
|
|
98
|
+
return n;
|
|
99
|
+
}
|
|
100
|
+
function parseNumber(flag, value) {
|
|
101
|
+
if (value === undefined)
|
|
102
|
+
return;
|
|
103
|
+
const n = Number(value);
|
|
104
|
+
if (!Number.isFinite(n)) {
|
|
105
|
+
throw new Error(`${flag} must be a number (got "${value}")`);
|
|
106
|
+
}
|
|
107
|
+
return n;
|
|
108
|
+
}
|
|
109
|
+
function showHelp() {
|
|
110
|
+
console.log(`pensar apps — Manage the project attack surface (apps & endpoints)
|
|
111
|
+
|
|
112
|
+
Usage:
|
|
113
|
+
pensar apps <projectId> List apps for a project
|
|
114
|
+
pensar apps get <appId> Show app details
|
|
115
|
+
pensar apps create <projectId> [options] Create an app
|
|
116
|
+
pensar apps update <appId> [options] Update an app
|
|
117
|
+
pensar apps delete <appId> Delete an app
|
|
118
|
+
pensar apps endpoints <appId> [filters] List endpoints
|
|
119
|
+
pensar apps endpoint <endpointId> Show endpoint details
|
|
120
|
+
pensar apps endpoint-create <appId> [options] Create an endpoint
|
|
121
|
+
pensar apps endpoint-update <endpointId> [options] Update an endpoint
|
|
122
|
+
pensar apps endpoint-delete <endpointId> Delete an endpoint
|
|
123
|
+
pensar apps search <query> [options] Substring-search apps
|
|
124
|
+
pensar apps search-endpoints <query> [options] Substring-search endpoints
|
|
125
|
+
|
|
126
|
+
App fields (create requires --name and --description):
|
|
127
|
+
--name <text> Application name
|
|
128
|
+
--description <text> Application description
|
|
129
|
+
--type <type> One of: ${APPLICATION_TYPES.join(", ")}
|
|
130
|
+
--framework <text> Framework / runtime hint
|
|
131
|
+
--domain <id> Linked domain UUID
|
|
132
|
+
--disallowed-actions <text> Free-form disallowed actions notes
|
|
133
|
+
|
|
134
|
+
List pagination (for "<projectId>" and "endpoints <appId>"):
|
|
135
|
+
--limit <n> Page size (default 100, max 200)
|
|
136
|
+
--offset <n> Page offset (default 0)
|
|
137
|
+
Responses include { ..., hasMore, limit, offset }; iterate by
|
|
138
|
+
incrementing --offset by --limit until hasMore is false.
|
|
139
|
+
|
|
140
|
+
Endpoint filters (for "endpoints"):
|
|
141
|
+
--type <type> One of: ${ENDPOINT_TYPES.join(", ")}
|
|
142
|
+
--min-risk <score> Minimum risk score (0–10)
|
|
143
|
+
|
|
144
|
+
Search options:
|
|
145
|
+
--project <id> Scope search to a project (search-endpoints also
|
|
146
|
+
supports --app <id> to scope to a single app)
|
|
147
|
+
--type <type> Filter by application or endpoint type
|
|
148
|
+
--min-risk <score> Endpoint search only: minimum risk score
|
|
149
|
+
--auth-required Endpoint search only: only auth-required endpoints
|
|
150
|
+
--no-auth-required Endpoint search only: only public endpoints
|
|
151
|
+
--limit <n> Page size (default 50, max 200)
|
|
152
|
+
--offset <n> Page offset
|
|
153
|
+
|
|
154
|
+
Endpoint fields (create requires --endpoint and --description):
|
|
155
|
+
--endpoint <text> Endpoint path / URL / route
|
|
156
|
+
--description <text> Endpoint description
|
|
157
|
+
--type <type> One of: ${ENDPOINT_TYPES.join(", ")}
|
|
158
|
+
--location <text> Source file (whitebox)
|
|
159
|
+
--start-line <n> Start line number
|
|
160
|
+
--end-line <n> End line number
|
|
161
|
+
--objective <text> Repeatable: testing objective for the endpoint
|
|
162
|
+
--auth-required Mark endpoint as authentication-required
|
|
163
|
+
--no-auth-required Mark endpoint as not requiring auth
|
|
164
|
+
--auth-details <text> Free-form auth details
|
|
165
|
+
--business-logic <text> Business-logic notes
|
|
166
|
+
--threat-model <text> Per-endpoint threat model notes
|
|
167
|
+
|
|
168
|
+
Options:
|
|
169
|
+
-h, --help Show this help message`);
|
|
170
|
+
}
|
|
171
|
+
function parseAppCreateOptions(argv) {
|
|
172
|
+
const name = getFlag("--name", argv);
|
|
173
|
+
const description = getFlag("--description", argv);
|
|
174
|
+
if (!name)
|
|
175
|
+
throw new Error("--name is required");
|
|
176
|
+
if (description === undefined)
|
|
177
|
+
throw new Error("--description is required");
|
|
178
|
+
const type = parseAppType(getFlag("--type", argv));
|
|
179
|
+
const framework = getFlag("--framework", argv);
|
|
180
|
+
const domainId = getFlag("--domain", argv);
|
|
181
|
+
const disallowedActions = getFlag("--disallowed-actions", argv);
|
|
182
|
+
return {
|
|
183
|
+
name,
|
|
184
|
+
description,
|
|
185
|
+
...type !== undefined ? { type } : {},
|
|
186
|
+
...framework !== undefined ? { framework } : {},
|
|
187
|
+
...domainId !== undefined ? { domainId } : {},
|
|
188
|
+
...disallowedActions !== undefined ? { disallowedActions } : {}
|
|
189
|
+
};
|
|
190
|
+
}
|
|
191
|
+
function parseAppUpdateOptions(argv) {
|
|
192
|
+
const update = {};
|
|
193
|
+
const name = getFlag("--name", argv);
|
|
194
|
+
if (name !== undefined)
|
|
195
|
+
update.name = name;
|
|
196
|
+
const description = getFlag("--description", argv);
|
|
197
|
+
if (description !== undefined)
|
|
198
|
+
update.description = description;
|
|
199
|
+
const type = parseAppType(getFlag("--type", argv));
|
|
200
|
+
if (type !== undefined)
|
|
201
|
+
update.type = type;
|
|
202
|
+
const framework = getFlag("--framework", argv);
|
|
203
|
+
if (framework !== undefined)
|
|
204
|
+
update.framework = framework;
|
|
205
|
+
const domain = getFlag("--domain", argv);
|
|
206
|
+
if (domain !== undefined)
|
|
207
|
+
update.domainId = domain;
|
|
208
|
+
const disallowed = getFlag("--disallowed-actions", argv);
|
|
209
|
+
if (disallowed !== undefined)
|
|
210
|
+
update.disallowedActions = disallowed;
|
|
211
|
+
return update;
|
|
212
|
+
}
|
|
213
|
+
function parseAuthenticationRequiredFlag(argv) {
|
|
214
|
+
const yes = hasFlag("--auth-required", argv);
|
|
215
|
+
const no = hasFlag("--no-auth-required", argv);
|
|
216
|
+
const details = getFlag("--auth-details", argv);
|
|
217
|
+
if (!yes && !no && details === undefined)
|
|
218
|
+
return;
|
|
219
|
+
if (yes && no) {
|
|
220
|
+
throw new Error("--auth-required and --no-auth-required are mutually exclusive");
|
|
221
|
+
}
|
|
222
|
+
return {
|
|
223
|
+
required: yes,
|
|
224
|
+
...details !== undefined ? { details } : {}
|
|
225
|
+
};
|
|
226
|
+
}
|
|
227
|
+
function parseEndpointCreateOptions(argv) {
|
|
228
|
+
const endpoint = getFlag("--endpoint", argv);
|
|
229
|
+
const description = getFlag("--description", argv);
|
|
230
|
+
if (!endpoint)
|
|
231
|
+
throw new Error("--endpoint is required");
|
|
232
|
+
if (description === undefined)
|
|
233
|
+
throw new Error("--description is required");
|
|
234
|
+
const type = parseEndpointType(getFlag("--type", argv));
|
|
235
|
+
const location = getFlag("--location", argv);
|
|
236
|
+
const startLineNumber = parseInteger("--start-line", getFlag("--start-line", argv));
|
|
237
|
+
const endLineNumber = parseInteger("--end-line", getFlag("--end-line", argv));
|
|
238
|
+
const objectives = getAllFlags("--objective", argv);
|
|
239
|
+
const authenticationRequired = parseAuthenticationRequiredFlag(argv);
|
|
240
|
+
const businessLogic = getFlag("--business-logic", argv);
|
|
241
|
+
const threatModel = getFlag("--threat-model", argv);
|
|
242
|
+
return {
|
|
243
|
+
endpoint,
|
|
244
|
+
description,
|
|
245
|
+
...type !== undefined ? { type } : {},
|
|
246
|
+
...location !== undefined ? { location } : {},
|
|
247
|
+
...startLineNumber !== undefined ? { startLineNumber } : {},
|
|
248
|
+
...endLineNumber !== undefined ? { endLineNumber } : {},
|
|
249
|
+
...objectives.length > 0 ? { objectives } : {},
|
|
250
|
+
...authenticationRequired !== undefined ? { authenticationRequired } : {},
|
|
251
|
+
...businessLogic !== undefined ? { businessLogic } : {},
|
|
252
|
+
...threatModel !== undefined ? { threatModel } : {}
|
|
253
|
+
};
|
|
254
|
+
}
|
|
255
|
+
function parseEndpointUpdateOptions(argv) {
|
|
256
|
+
const update = {};
|
|
257
|
+
const endpoint = getFlag("--endpoint", argv);
|
|
258
|
+
if (endpoint !== undefined)
|
|
259
|
+
update.endpoint = endpoint;
|
|
260
|
+
const description = getFlag("--description", argv);
|
|
261
|
+
if (description !== undefined)
|
|
262
|
+
update.description = description;
|
|
263
|
+
const type = parseEndpointType(getFlag("--type", argv));
|
|
264
|
+
if (type !== undefined)
|
|
265
|
+
update.type = type;
|
|
266
|
+
const location = getFlag("--location", argv);
|
|
267
|
+
if (location !== undefined)
|
|
268
|
+
update.location = location;
|
|
269
|
+
const startLine = parseInteger("--start-line", getFlag("--start-line", argv));
|
|
270
|
+
if (startLine !== undefined)
|
|
271
|
+
update.startLineNumber = startLine;
|
|
272
|
+
const endLine = parseInteger("--end-line", getFlag("--end-line", argv));
|
|
273
|
+
if (endLine !== undefined)
|
|
274
|
+
update.endLineNumber = endLine;
|
|
275
|
+
const objectives = getAllFlags("--objective", argv);
|
|
276
|
+
if (objectives.length > 0)
|
|
277
|
+
update.objectives = objectives;
|
|
278
|
+
const auth = parseAuthenticationRequiredFlag(argv);
|
|
279
|
+
if (auth !== undefined)
|
|
280
|
+
update.authenticationRequired = auth;
|
|
281
|
+
const businessLogic = getFlag("--business-logic", argv);
|
|
282
|
+
if (businessLogic !== undefined)
|
|
283
|
+
update.businessLogic = businessLogic;
|
|
284
|
+
const threatModel = getFlag("--threat-model", argv);
|
|
285
|
+
if (threatModel !== undefined)
|
|
286
|
+
update.threatModel = threatModel;
|
|
287
|
+
return update;
|
|
288
|
+
}
|
|
289
|
+
async function main() {
|
|
290
|
+
const args = process.argv.slice(2);
|
|
291
|
+
const sub = args[0];
|
|
292
|
+
if (!sub || sub === "--help" || sub === "-h" || sub === "help") {
|
|
293
|
+
showHelp();
|
|
294
|
+
return;
|
|
295
|
+
}
|
|
296
|
+
try {
|
|
297
|
+
if (sub === "get") {
|
|
298
|
+
const appId = args[1];
|
|
299
|
+
if (!appId) {
|
|
300
|
+
console.error("Error: app ID is required");
|
|
301
|
+
console.error("Usage: pensar apps get <appId>");
|
|
302
|
+
process.exit(1);
|
|
303
|
+
}
|
|
304
|
+
const app = await getApp(appId);
|
|
305
|
+
console.log(JSON.stringify(app, null, 2));
|
|
306
|
+
} else if (sub === "create") {
|
|
307
|
+
const projectId = args[1];
|
|
308
|
+
if (!projectId) {
|
|
309
|
+
console.error("Error: project ID is required");
|
|
310
|
+
console.error("Usage: pensar apps create <projectId> --name N --description D");
|
|
311
|
+
process.exit(1);
|
|
312
|
+
}
|
|
313
|
+
const opts = parseAppCreateOptions(args);
|
|
314
|
+
const result = await createApp(projectId, opts);
|
|
315
|
+
console.log(JSON.stringify(result, null, 2));
|
|
316
|
+
} else if (sub === "update") {
|
|
317
|
+
const appId = args[1];
|
|
318
|
+
if (!appId) {
|
|
319
|
+
console.error("Error: app ID is required");
|
|
320
|
+
console.error("Usage: pensar apps update <appId> [options]");
|
|
321
|
+
process.exit(1);
|
|
322
|
+
}
|
|
323
|
+
const opts = parseAppUpdateOptions(args);
|
|
324
|
+
const result = await updateApp(appId, opts);
|
|
325
|
+
console.log(JSON.stringify(result, null, 2));
|
|
326
|
+
} else if (sub === "delete") {
|
|
327
|
+
const appId = args[1];
|
|
328
|
+
if (!appId) {
|
|
329
|
+
console.error("Error: app ID is required");
|
|
330
|
+
console.error("Usage: pensar apps delete <appId>");
|
|
331
|
+
process.exit(1);
|
|
332
|
+
}
|
|
333
|
+
const result = await deleteApp(appId);
|
|
334
|
+
console.log(JSON.stringify(result, null, 2));
|
|
335
|
+
} else if (sub === "endpoints") {
|
|
336
|
+
const appId = args[1];
|
|
337
|
+
if (!appId) {
|
|
338
|
+
console.error("Error: app ID is required");
|
|
339
|
+
console.error("Usage: pensar apps endpoints <appId> [filters]");
|
|
340
|
+
process.exit(1);
|
|
341
|
+
}
|
|
342
|
+
const type = parseEndpointType(getFlag("--type", args));
|
|
343
|
+
const minRiskScore = parseNumber("--min-risk", getFlag("--min-risk", args));
|
|
344
|
+
const limit = parseInteger("--limit", getFlag("--limit", args));
|
|
345
|
+
const offset = parseInteger("--offset", getFlag("--offset", args));
|
|
346
|
+
const filters = {
|
|
347
|
+
...type !== undefined ? { type } : {},
|
|
348
|
+
...minRiskScore !== undefined ? { minRiskScore } : {},
|
|
349
|
+
...limit !== undefined ? { limit } : {},
|
|
350
|
+
...offset !== undefined ? { offset } : {}
|
|
351
|
+
};
|
|
352
|
+
const result = await listEndpoints(appId, filters);
|
|
353
|
+
console.log(JSON.stringify(result, null, 2));
|
|
354
|
+
} else if (sub === "endpoint") {
|
|
355
|
+
const endpointId = args[1];
|
|
356
|
+
if (!endpointId) {
|
|
357
|
+
console.error("Error: endpoint ID is required");
|
|
358
|
+
console.error("Usage: pensar apps endpoint <endpointId>");
|
|
359
|
+
process.exit(1);
|
|
360
|
+
}
|
|
361
|
+
const result = await getEndpoint(endpointId);
|
|
362
|
+
console.log(JSON.stringify(result, null, 2));
|
|
363
|
+
} else if (sub === "endpoint-create") {
|
|
364
|
+
const appId = args[1];
|
|
365
|
+
if (!appId) {
|
|
366
|
+
console.error("Error: app ID is required");
|
|
367
|
+
console.error("Usage: pensar apps endpoint-create <appId> --endpoint E --description D");
|
|
368
|
+
process.exit(1);
|
|
369
|
+
}
|
|
370
|
+
const opts = parseEndpointCreateOptions(args);
|
|
371
|
+
const result = await createEndpoint(appId, opts);
|
|
372
|
+
console.log(JSON.stringify(result, null, 2));
|
|
373
|
+
} else if (sub === "endpoint-update") {
|
|
374
|
+
const endpointId = args[1];
|
|
375
|
+
if (!endpointId) {
|
|
376
|
+
console.error("Error: endpoint ID is required");
|
|
377
|
+
console.error("Usage: pensar apps endpoint-update <endpointId> [options]");
|
|
378
|
+
process.exit(1);
|
|
379
|
+
}
|
|
380
|
+
const opts = parseEndpointUpdateOptions(args);
|
|
381
|
+
const result = await updateEndpoint(endpointId, opts);
|
|
382
|
+
console.log(JSON.stringify(result, null, 2));
|
|
383
|
+
} else if (sub === "endpoint-delete") {
|
|
384
|
+
const endpointId = args[1];
|
|
385
|
+
if (!endpointId) {
|
|
386
|
+
console.error("Error: endpoint ID is required");
|
|
387
|
+
console.error("Usage: pensar apps endpoint-delete <endpointId>");
|
|
388
|
+
process.exit(1);
|
|
389
|
+
}
|
|
390
|
+
const result = await deleteEndpoint(endpointId);
|
|
391
|
+
console.log(JSON.stringify(result, null, 2));
|
|
392
|
+
} else if (sub === "search") {
|
|
393
|
+
const query = args[1];
|
|
394
|
+
if (!query || query.startsWith("--")) {
|
|
395
|
+
console.error("Error: search query is required");
|
|
396
|
+
console.error("Usage: pensar apps search <query> [options]");
|
|
397
|
+
process.exit(1);
|
|
398
|
+
}
|
|
399
|
+
const projectId = getFlag("--project", args);
|
|
400
|
+
const type = parseAppType(getFlag("--type", args));
|
|
401
|
+
const limit = parseInteger("--limit", getFlag("--limit", args));
|
|
402
|
+
const offset = parseInteger("--offset", getFlag("--offset", args));
|
|
403
|
+
const result = await searchApps(query, {
|
|
404
|
+
...projectId !== undefined ? { projectId } : {},
|
|
405
|
+
...type !== undefined ? { type } : {},
|
|
406
|
+
...limit !== undefined ? { limit } : {},
|
|
407
|
+
...offset !== undefined ? { offset } : {}
|
|
408
|
+
});
|
|
409
|
+
console.log(JSON.stringify(result, null, 2));
|
|
410
|
+
} else if (sub === "search-endpoints") {
|
|
411
|
+
const query = args[1];
|
|
412
|
+
if (!query || query.startsWith("--")) {
|
|
413
|
+
console.error("Error: search query is required");
|
|
414
|
+
console.error("Usage: pensar apps search-endpoints <query> [options]");
|
|
415
|
+
process.exit(1);
|
|
416
|
+
}
|
|
417
|
+
const applicationId = getFlag("--app", args);
|
|
418
|
+
const projectId = getFlag("--project", args);
|
|
419
|
+
const type = parseEndpointType(getFlag("--type", args));
|
|
420
|
+
const minRiskScore = parseNumber("--min-risk", getFlag("--min-risk", args));
|
|
421
|
+
const authRequired = hasFlag("--auth-required", args) ? true : hasFlag("--no-auth-required", args) ? false : undefined;
|
|
422
|
+
const limit = parseInteger("--limit", getFlag("--limit", args));
|
|
423
|
+
const offset = parseInteger("--offset", getFlag("--offset", args));
|
|
424
|
+
const result = await searchEndpoints(query, {
|
|
425
|
+
...applicationId !== undefined ? { applicationId } : {},
|
|
426
|
+
...projectId !== undefined ? { projectId } : {},
|
|
427
|
+
...type !== undefined ? { type } : {},
|
|
428
|
+
...minRiskScore !== undefined ? { minRiskScore } : {},
|
|
429
|
+
...authRequired !== undefined ? { authRequired } : {},
|
|
430
|
+
...limit !== undefined ? { limit } : {},
|
|
431
|
+
...offset !== undefined ? { offset } : {}
|
|
432
|
+
});
|
|
433
|
+
console.log(JSON.stringify(result, null, 2));
|
|
434
|
+
} else if (!sub.startsWith("-")) {
|
|
435
|
+
const projectId = sub;
|
|
436
|
+
const limit = parseInteger("--limit", getFlag("--limit", args));
|
|
437
|
+
const offset = parseInteger("--offset", getFlag("--offset", args));
|
|
438
|
+
const result = await listApps(projectId, {
|
|
439
|
+
...limit !== undefined ? { limit } : {},
|
|
440
|
+
...offset !== undefined ? { offset } : {}
|
|
441
|
+
});
|
|
442
|
+
console.log(JSON.stringify(result, null, 2));
|
|
443
|
+
} else {
|
|
444
|
+
console.error(`Error: Unknown subcommand "${sub}"`);
|
|
445
|
+
showHelp();
|
|
446
|
+
process.exit(1);
|
|
447
|
+
}
|
|
448
|
+
} catch (err) {
|
|
449
|
+
console.error(`
|
|
450
|
+
Error: ${err instanceof Error ? err.message : String(err)}`);
|
|
451
|
+
process.exit(1);
|
|
452
|
+
}
|
|
453
|
+
}
|
|
454
|
+
main();
|
|
@@ -1,27 +1,47 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
|
+
import"./cli-1vqseayr.js";
|
|
3
|
+
import"./cli-75gknttk.js";
|
|
4
|
+
import"./cli-snrgdygv.js";
|
|
5
|
+
import"./cli-hzbhb0dn.js";
|
|
6
|
+
import"./cli-w4dn16dw.js";
|
|
7
|
+
import"./cli-wdwbvry5.js";
|
|
8
|
+
import"./cli-fw5r7pfj.js";
|
|
9
|
+
import"./cli-wb34w94p.js";
|
|
10
|
+
import"./cli-9fsre5pt.js";
|
|
11
|
+
import"./cli-70g8wmtx.js";
|
|
12
|
+
import"./cli-mswm4k81.js";
|
|
13
|
+
import"./cli-w9b9bxnr.js";
|
|
14
|
+
import"./cli-3y0dgy56.js";
|
|
15
|
+
import"./cli-319h88b8.js";
|
|
16
|
+
import"./cli-4v2c92ha.js";
|
|
17
|
+
import"./cli-p0a8qssm.js";
|
|
2
18
|
import {
|
|
19
|
+
config,
|
|
3
20
|
disconnect,
|
|
4
21
|
fetchWorkspaces,
|
|
22
|
+
getPensarApiUrl,
|
|
23
|
+
getPensarConsoleUrl,
|
|
24
|
+
init_auth,
|
|
25
|
+
init_config,
|
|
5
26
|
isConnected,
|
|
6
27
|
pollForWorkspaceCreation,
|
|
7
28
|
pollLegacyToken,
|
|
8
29
|
pollWorkOSToken,
|
|
9
30
|
selectWorkspace,
|
|
10
31
|
startDeviceFlow
|
|
11
|
-
} from "./cli-
|
|
12
|
-
import
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
} from "./cli-bhh5fm4h.js";
|
|
17
|
-
import"./cli-jv0h5hac.js";
|
|
18
|
-
import"./cli-6zj1m6s6.js";
|
|
32
|
+
} from "./cli-vjg9pdxh.js";
|
|
33
|
+
import"./cli-2sdqzmg5.js";
|
|
34
|
+
import"./cli-gpnb45ck.js";
|
|
35
|
+
import"./cli-nx4crew0.js";
|
|
36
|
+
import"./cli-tggr2sf7.js";
|
|
19
37
|
import {
|
|
20
38
|
__require
|
|
21
39
|
} from "./cli-8rxa073f.js";
|
|
22
40
|
|
|
23
41
|
// src/cli/auth.ts
|
|
24
42
|
import * as readline from "readline";
|
|
43
|
+
init_auth();
|
|
44
|
+
init_config();
|
|
25
45
|
function openUrl(url) {
|
|
26
46
|
try {
|
|
27
47
|
const { spawn } = __require("child_process");
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import {
|
|
2
|
+
runAuthenticationAgent
|
|
3
|
+
} from "./cli-wb34w94p.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-70g8wmtx.js";
|
|
6
|
+
import"./cli-mswm4k81.js";
|
|
7
|
+
import"./cli-w9b9bxnr.js";
|
|
8
|
+
import"./cli-3y0dgy56.js";
|
|
9
|
+
import"./cli-319h88b8.js";
|
|
10
|
+
import"./cli-4v2c92ha.js";
|
|
11
|
+
import"./cli-p0a8qssm.js";
|
|
12
|
+
import"./cli-vjg9pdxh.js";
|
|
13
|
+
import"./cli-2sdqzmg5.js";
|
|
14
|
+
import"./cli-gpnb45ck.js";
|
|
15
|
+
import"./cli-nx4crew0.js";
|
|
16
|
+
import"./cli-tggr2sf7.js";
|
|
17
|
+
import"./cli-8rxa073f.js";
|
|
18
|
+
export {
|
|
19
|
+
runAuthenticationAgent
|
|
20
|
+
};
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import {
|
|
2
|
+
BlackboxAttackSurfaceAgent
|
|
3
|
+
} from "./cli-w4dn16dw.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-70g8wmtx.js";
|
|
6
|
+
import"./cli-mswm4k81.js";
|
|
7
|
+
import"./cli-w9b9bxnr.js";
|
|
8
|
+
import"./cli-3y0dgy56.js";
|
|
9
|
+
import"./cli-319h88b8.js";
|
|
10
|
+
import"./cli-4v2c92ha.js";
|
|
11
|
+
import"./cli-p0a8qssm.js";
|
|
12
|
+
import"./cli-vjg9pdxh.js";
|
|
13
|
+
import"./cli-2sdqzmg5.js";
|
|
14
|
+
import"./cli-gpnb45ck.js";
|
|
15
|
+
import"./cli-nx4crew0.js";
|
|
16
|
+
import"./cli-tggr2sf7.js";
|
|
17
|
+
import"./cli-8rxa073f.js";
|
|
18
|
+
export {
|
|
19
|
+
BlackboxAttackSurfaceAgent
|
|
20
|
+
};
|
|
@@ -1,24 +1,24 @@
|
|
|
1
1
|
import {
|
|
2
2
|
runPentestWorkflow
|
|
3
|
-
} from "./cli-
|
|
4
|
-
import"./cli-
|
|
5
|
-
import"./cli-
|
|
6
|
-
import"./cli-
|
|
7
|
-
import"./cli-
|
|
3
|
+
} from "./cli-75gknttk.js";
|
|
4
|
+
import"./cli-snrgdygv.js";
|
|
5
|
+
import"./cli-hzbhb0dn.js";
|
|
6
|
+
import"./cli-w4dn16dw.js";
|
|
7
|
+
import"./cli-wdwbvry5.js";
|
|
8
8
|
import"./cli-fw5r7pfj.js";
|
|
9
|
-
import"./cli-
|
|
10
|
-
import"./cli-
|
|
11
|
-
import"./cli-
|
|
12
|
-
import"./cli-
|
|
9
|
+
import"./cli-9fsre5pt.js";
|
|
10
|
+
import"./cli-70g8wmtx.js";
|
|
11
|
+
import"./cli-mswm4k81.js";
|
|
12
|
+
import"./cli-w9b9bxnr.js";
|
|
13
13
|
import"./cli-3y0dgy56.js";
|
|
14
|
-
import"./cli-
|
|
15
|
-
import"./cli-
|
|
16
|
-
import"./cli-
|
|
17
|
-
import"./cli-
|
|
14
|
+
import"./cli-319h88b8.js";
|
|
15
|
+
import"./cli-4v2c92ha.js";
|
|
16
|
+
import"./cli-p0a8qssm.js";
|
|
17
|
+
import"./cli-vjg9pdxh.js";
|
|
18
|
+
import"./cli-2sdqzmg5.js";
|
|
18
19
|
import"./cli-gpnb45ck.js";
|
|
19
|
-
import"./cli-
|
|
20
|
-
import"./cli-
|
|
21
|
-
import"./cli-hjc1pbs8.js";
|
|
20
|
+
import"./cli-nx4crew0.js";
|
|
21
|
+
import"./cli-tggr2sf7.js";
|
|
22
22
|
import"./cli-8rxa073f.js";
|
|
23
23
|
|
|
24
24
|
// src/core/api/blackboxPentest.ts
|