pentesting 0.1.12 → 0.2.0

package/README.md

@@ -9,13 +9,15 @@
 [![npm version](https://badge.fury.io/js/pentesting.svg)](https://www.npmjs.com/package/pentesting)
 [![Docker](https://img.shields.io/badge/Docker-pentesting--tools-blue)](https://hub.docker.com/r/agnusdei1207/pentesting-tools)
 
-## Features
-
-- **7-Phase Workflow**: Recon → Enum → Vuln Analysis → Exploitation → PrivEsc → Lateral → Reporting
-- **Parallel Agent Orchestration**: 2-4 specialized agents working simultaneously
-- **Ralph-Style Loops**: Self-referential iteration until objective completion
-- **Confidence Scoring**: Findings rated 0-100 to filter false positives
-- **MCP Integration**: Model Context Protocol for extended tool capabilities
+## ✨ Features
+
+- **7-Phase Attack Workflow**: Recon → Scan → Enum → Vuln Analysis → Exploitation → PrivEsc → Reporting
+- **9 Specialized Agents**: Built-in experts for each security domain
+- **Ralph Loop**: Autonomous iteration until objective is achieved
+- **Streaming Responses**: Real-time output from Claude
+- **Session Persistence**: Save/resume pentesting sessions
+- **Tool Approval**: Manual confirmation for dangerous commands
+- **MCP Integration**: Extend with Model Context Protocol tools
 - **Docker Toolkit**: 50+ pre-installed pentesting tools
 
 ## Quick Start
@@ -35,9 +37,117 @@ export ANTHROPIC_API_KEY=your_api_key
 ### Run
 
 ```bash
-pentesting
-# or
-npx pentesting
+pentesting              # Interactive mode
+pentesting --yolo       # Auto-approve all tools (dangerous!)
+```
+
+## CLI Commands
+
+```bash
+/target <ip>        Set target
+/start [objective]  Start autonomous pentest
+/scan <target>      Quick enumeration
+/exploit <service>  Search for exploits
+/privesc [os]       Check privilege escalation vectors
+/web <url>          Web application testing
+/hash <hash>        Identify and crack hashes
+/attack <objective> Execute attack chain
+/report             Generate pentest report
+/sessions           List saved sessions
+/resume [id]        Resume a session
+/yolo               Toggle auto-approve mode
+/approve /deny      Approve/deny tool execution
+/findings           Show findings
+/clear              Clear screen
+/exit               Exit
+```
+
+## Built-in Agents
+
+| Agent | Specialty |
+|-------|-----------|
+| **target-explorer** | Network reconnaissance, service enumeration |
+| **exploit-researcher** | CVE research, exploit development |
+| **privesc-master** | Linux/Windows privilege escalation |
+| **web-hacker** | OWASP Top 10, SQLi, XSS, SSRF |
+| **crypto-solver** | Hash cracking, cipher analysis |
+| **forensics-analyst** | Memory forensics, file carving |
+| **reverse-engineer** | Binary analysis, exploit development |
+| **attack-architect** | Attack strategy planning |
+| **finding-reviewer** | Vulnerability validation |
+
+## Architecture
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                        TUI (app.tsx)                         │
+│  - Streaming text display                                    │
+│  - Tool approval prompts                                     │
+│  - Session management                                        │
+└──────────────────────────┬──────────────────────────────────┘
+                          │ Wire Protocol
+┌──────────────────────────▼──────────────────────────────────┐
+│                 PentestingAgent (Unified)                    │
+│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐       │
+│  │ RalphLoop    │  │ Streaming    │  │ Session      │       │
+│  │ (Auto-iter)  │  │ Handler      │  │ Manager      │       │
+│  └──────────────┘  └──────────────┘  └──────────────┘       │
+│                                                              │
+│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐       │
+│  │ Context      │  │ Retry        │  │ Approval     │       │
+│  │ Compaction   │  │ Handler      │  │ Manager      │       │
+│  └──────────────┘  └──────────────┘  └──────────────┘       │
+│                                                              │
+│  ┌──────────────────────────────────────────────────┐       │
+│  │         AutonomousHackingAgent (Core)             │       │
+│  │  ┌──────────────────────────────────────────┐    │       │
+│  │  │ 9 Built-in Specialized Agents            │    │       │
+│  │  │ (No plugins needed)                       │    │       │
+│  │  └──────────────────────────────────────────┘    │       │
+│  │  - Hook System                                    │       │
+│  │  - MCP Client for Extended Tools                  │       │
+│  └──────────────────────────────────────────────────┘       │
+└──────────────────────────┬──────────────────────────────────┘
+                          │
+         ┌────────────────┼────────────────┐
+    ┌────▼────┐     ┌────▼────┐     ┌────▼────┐
+    │ Tool    │     │  Bash   │     │   MCP   │
+    │Executor │     │ Commands│     │ Servers │
+    └─────────┘     └─────────┘     └─────────┘
+```
+
+## Programmatic Usage
+
+```typescript
+import { PentestingAgent, PENTEST_EVENT } from 'pentesting';
+
+const agent = new PentestingAgent({
+    yoloMode: false,          // Require approval for dangerous tools
+    useStreaming: true,       // Enable streaming responses
+    maxIterations: 100,       // Max Ralph loop iterations
+    autoSave: true,           // Auto-save session state
+});
+
+// Listen for events
+agent.on(PENTEST_EVENT.FINDING, (finding) => {
+    console.log(`Found: ${finding.title} (${finding.severity})`);
+});
+
+agent.on(PENTEST_EVENT.APPROVAL_NEEDED, (request) => {
+    console.log(`Approval needed for: ${request.toolName}`);
+    agent.approveToolCall(request.id, 'approve');
+});
+
+agent.on(PENTEST_EVENT.TEXT_DELTA, (text) => {
+    process.stdout.write(text);
+});
+
+// Start pentesting
+await agent.start('Get root access', '192.168.1.100');
+
+// Or use individual commands
+const scanResult = await agent.chat('/scan 10.10.10.1');
+const exploitResult = await agent.chat('/exploit Apache 2.4.49');
 ```
 
 ## Docker Environment
@@ -55,82 +165,26 @@ docker run -d --name pentesting-tools --network host \
 docker exec -it pentesting-tools nmap -sCV 10.0.0.1
 ```
 
-## Plugin System
-
-Based on Claude-Code plugin architecture:
-
-```
-plugins/pentesting-core/
-├── agents/           # 9 specialized AI agents
-├── commands/         # 5 slash commands
-├── hooks/            # Event handlers
-└── skills/           # 9 domain skills
-```
-
-### Agents
+## MCP Integration
 
-| Agent | Specialty |
-|-------|-----------|
-| target-explorer | Reconnaissance |
-| exploit-researcher | CVE/Exploit research |
-| privesc-master | Privilege escalation |
-| web-hacker | OWASP Top 10 |
-| crypto-solver | Cryptography |
-| forensics-analyst | Digital forensics |
-| reverse-engineer | Binary analysis |
-| attack-architect | Strategy planning |
-| finding-reviewer | Validation |
-
-### Commands
+Extend with additional MCP servers:
 
-```bash
-/pentest-loop <target> <objective>    # Autonomous attack loop
-/scan <target>                         # Quick enumeration
-/exploit <query>                       # Search/run exploits
-/vuln-review                          # Review findings
-```
+```typescript
+const agent = new PentestingAgent();
 
-## Architecture
+// Add filesystem access
+await agent.addMCPServer('filesystem', 'npx', [
+    '-y', '@modelcontextprotocol/server-filesystem', '/'
+]);
 
-```
-┌──────────────────────────────────────────────────────────────┐
-│                  AutonomousHackingAgent                      │
-├──────────────────────────────────────────────────────────────┤
-│  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐          │
-│  │   Claude    │  │   Plugin    │  │    MCP      │          │
-│  │    API      │  │   System    │  │   Client    │          │
-│  └─────────────┘  └─────────────┘  └─────────────┘          │
-│         │                │                │                  │
-│  ┌──────┴────────────────┴────────────────┴───────┐         │
-│  │              Tool Executor                       │         │
-│  │  (bash, nmap, sqlmap, msfconsole, etc.)        │         │
-│  └─────────────────────────────────────────────────┘         │
-├──────────────────────────────────────────────────────────────┤
-│  Hook System │ Command Parser │ Web Search │ Agents         │
-└──────────────────────────────────────────────────────────────┘
+// Add custom security tools
+await agent.addMCPServer('security-tools', 'docker', [
+    'exec', '-i', 'pentesting-tools', '/bin/bash'
+]);
 ```
 
 ## Configuration
 
-### MCP Servers
-
-Create `.pentest/mcp.json`:
-
-```json
-{
-  "mcpServers": {
-    "filesystem": {
-      "command": "npx",
-      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/"]
-    },
-    "pentesting-tools": {
-      "command": "docker",
-      "args": ["exec", "-i", "pentesting-tools", "/bin/bash"]
-    }
-  }
-}
-```
-
 ### Environment Variables
 
 | Variable | Description | Default |
@@ -138,6 +192,39 @@ Create `.pentest/mcp.json`:
 | ANTHROPIC_API_KEY | Claude API key | Required |
 | PENTEST_MODEL | Claude model | claude-sonnet-4-20250514 |
 | PENTEST_MAX_TOKENS | Max response tokens | 8192 |
+| PENTESTING_DOCKER | Force Docker execution | 0 |
+| PENTESTING_CONTAINER | Docker container name | pentesting-tools |
+
+## Project Structure
+
+```
+src/
+├── index.tsx              # CLI entry point
+├── cli/
+│   └── app.tsx            # TUI with streaming, approval, sessions
+├── core/
+│   ├── index.ts           # All core exports
+│   ├── agent/
+│   │   ├── pentesting-agent.ts   # Unified agent
+│   │   ├── autonomous-agent.ts   # Core agent logic
+│   │   └── agent-orchestrator.ts # Parallel agent execution
+│   ├── approval/          # Tool approval system
+│   ├── context/           # Conversation compaction
+│   ├── hooks/             # Event hooks
+│   ├── loop/              # Ralph autonomous loop
+│   ├── session/           # Session persistence
+│   ├── streaming/         # Real-time streaming
+│   ├── prompts/           # System prompts
+│   └── tools/             # Tool definitions & executor
+├── agents/
+│   └── index.ts           # 9 built-in specialized agents
+├── commands/
+│   └── index.ts           # Built-in slash commands
+├── wire/                  # Agent-UI communication protocol
+├── mcp/                   # MCP client integration
+├── utils/                 # Retry logic, utilities
+└── config/                # Constants, theme
+```
 
 ## Development
 
@@ -160,7 +247,7 @@ npm run dev
 
 ⚠️ **Only use on systems you own or have explicit permission to test.**
 
-This tool is for authorized penetration testing and CTF competitions only.
+This tool is for authorized penetration testing and CTF competitions only. Unauthorized access to computer systems is illegal.
 
 ## License