aisec-cli 0.1.0 → 0.2.0

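--- a/package/bin/aisec.mjs
+++ b/package/bin/aisec.mjs
@@ -16,12 +16,16 @@ program
  .option("--stealth", "Stealth profile — slower, WAF evasion")
  .option("--aggressive", "Aggressive — full port scan, brute force, sqlmap")
  .option("--full", "Full — aggressive + subdomain scope + 50 iterations")
+ .option("--bounty", "Bug bounty — high-impact vulns, skip noise, PoC-ready output")
+ .option("--scan-type <type>", "Scan type: web, network, crypto", "web")
  .option("-e, --engine <engine>", "AI engine: claude or ollama", "claude")
  .option("-m, --model <model>", "Model name")
+ .option("--review-model <model>", "Review model (default: claude-sonnet-4-6)")
  .option("--temperature <temp>", "AI temperature 0.0-1.0", parseFloat)
  .option("-n, --max-iterations <n>", "Max AI iterations", parseInt)
  .option("--scope <scope>", "Scan scope: target, domain, subdomain")
  .option("-t, --timeout <minutes>", "Timeout in minutes, 0=unlimited", parseInt)
+ .option("--cost-cap <credits>", "Max credits to spend (0=no limit)", parseFloat)
  .option("--skip-recon", "Skip infrastructure recon")
  .option("--skip-browser", "Skip browser-based recon")
  .option("-u, --username <user>", "Username for auth scanning")
@@ -29,6 +33,14 @@ program
  .option("--cookies <json>", "Session cookies as JSON or @file")
  .option("--proxy <url>", "Proxy URL")
  .option("--headers <headers>", "Custom headers: 'Key:Val,Key2:Val2' or @file")
+ .option("--localstorage <json>", "Browser localStorage as JSON or @file")
+ .option("--custom-instructions <text>", "Free-text guidance for the AI agent (max 500 chars)")
+ .option("--disable-tools <tools>", "Comma-separated tools to disable (e.g. sqlmap,hydra,nikto)")
+ .option("--disable-enrichments <list>", "Comma-separated enrichments to disable (e.g. leak_check,shodan)")
+ .option("--out-of-scope <list>", "Comma-separated domains/paths to exclude")
+ .option("--wordlist <name>", "Wordlist: common, big, api-endpoints")
+ .option("--auto-compact", "Auto-compact context for long scans (saves credits)")
+ .option("--project-id <id>", "Assign scan to a project")
  .option("--fail-on <severity>", "Exit 1 if findings at this severity or above (critical, high, medium, low)")
  .option("--source <source>", "Scan source identifier (cli, ci, api)", "cli")
  .option("--token <token>", "API token (or AISEC_TOKEN env)")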
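Review bot: `--cost-cap` is parsed with bare `parseFloat`, so a mistyped value such as `--cost-cap abc` yields `NaN` and a negative number is accepted as-is; neither is rejected here. In lib/scan.mjs the value is forwarded whenever `opts.costCap != null`, which `NaN` satisfies, and if the request body is JSON-serialized (not visible in this diff) `NaN` becomes `null`, so the spending limit could silently disappear. Replace the parser with a small function that throws commander's `InvalidArgumentError` unless `Number.isFinite(v) && v >= 0`. The same applies to `--scan-type`, whose three documented values (web, network, crypto) are not enforced; an `Option` with `.choices(["web", "network", "crypto"])` would reject anything else at parse time. The option chain begins and ends outside these hunks.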
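--- a/package/lib/scan.mjs
+++ b/package/lib/scan.mjs
@@ -6,6 +6,7 @@ import { request, healthCheck } from "./api.mjs";
 
  function resolveProfile(opts) {
  if (opts.full) return "full";
+ if (opts.bounty) return "bounty";
  if (opts.aggressive) return "aggressive";
  if (opts.stealth) return "stealth";
  return undefined;
@@ -32,6 +33,19 @@ function parseCookies(raw) {
  return raw;
  }
 
+ function parseFileOrString(raw) {
+ if (!raw) return undefined;
+ if (raw.startsWith("@")) {
+ return readFileSync(raw.slice(1), "utf-8").trim();
+ }
+ return raw;
+ }
+
+ function parseCommaSeparated(raw) {
+ if (!raw) return undefined;
+ return raw.split(",").map(s => s.trim()).filter(Boolean);
+ }
+
  function buildBody(target, opts) {
  const body = { target, source: opts.source || "cli" };
  const profile = resolveProfile(opts);
@@ -47,10 +61,25 @@ function buildBody(target, opts) {
  if (opts.username) body.username = opts.username;
  if (opts.password) body.password = opts.password;
  if (opts.proxy) body.proxy = opts.proxy;
+ if (opts.costCap != null) body.cost_cap = opts.costCap;
+ if (opts.reviewModel) body.review_model = opts.reviewModel;
+ if (opts.scanType && opts.scanType !== "web") body.scan_type = opts.scanType;
  const cookies = parseCookies(opts.cookies);
  if (cookies) body.cookies_json = cookies;
  const headers = parseHeaders(opts.headers);
  if (headers) body.custom_headers = headers;
+ const ls = parseFileOrString(opts.localstorage);
+ if (ls) body.localstorage_json = ls;
+ if (opts.customInstructions) body.custom_instructions = opts.customInstructions;
+ const disabledTools = parseCommaSeparated(opts.disableTools);
+ if (disabledTools) body.disabled_tools = disabledTools;
+ const disabledEnrichments = parseCommaSeparated(opts.disableEnrichments);
+ if (disabledEnrichments) body.disabled_enrichments = disabledEnrichments;
+ const outOfScope = parseCommaSeparated(opts.outOfScope);
+ if (outOfScope) body.out_of_scope = outOfScope;
+ if (opts.wordlist) body.wordlist = opts.wordlist;
+ if (opts.autoCompact) body.auto_compact = true;
+ if (opts.projectId) body.project_id = opts.projectId;
  return body;
  }
 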
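Review bot: `parseFileOrString` returns the contents of whatever path follows `@`, and `buildBody` puts that text into `localstorage_json` without checking that it is JSON, so a wrong path (a key file, a `.env`) is uploaded to the API as-is. localStorage dumps also tend to hold session tokens, which makes it worth failing closed on the client: wrap `JSON.parse(ls)` in a try/catch before `body.localstorage_json = ls` and exit with a clear message when it throws. Separately, `--custom-instructions` is documented as "max 500 chars" but `buildBody` forwards `opts.customInstructions` unchecked; a guard such as `if (opts.customInstructions.length > 500) throw new Error("custom instructions exceed 500 characters");` would keep the CLI consistent with its help text. Part of `buildBody` lies between the two hunks and is not visible here.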
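--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "aisec-cli",
- "version": "0.1.0",
+ "version": "0.2.0",
  "description": "CLI for aisec — AI-powered web security scanner",
  "type": "module",
  "bin": {
@@ -26,8 +26,8 @@
  "url": "https://github.com/aisec-foundation/cli-node.git"
  },
  "dependencies": {
- "commander": "^12.1.0",
  "chalk": "^5.3.0",
+ "commander": "^12.1.0",
  "ws": "^8.18.0"
  }
  }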