pentesting 0.12.12 → 0.14.1

package/README.md

@@ -11,61 +11,18 @@
                   A U T O N O M O U S   S E C U R I T Y   A G E N T
 ```
 
-**v0.12.10 | Multi-Agent System | 50+ Security Tools**
 
 [![npm](https://img.shields.io/badge/npm-pentesting-red)](https://www.npmjs.org/package/pentesting)
-[![Docker](https://img.shields.io/badge/docker-kalilinux%2Fkali--rolling-blue)](https://hub.docker.com/r/kalilinux/kali-rolling)
-[![License: MIT](https://img.shields.io/badge/License-MIT-red.svg)](https://opensource.org/licenses/MIT)
 
 </div>
 
 ---
 
-## ⚠️ Requirements
-
-**This agent requires Kali Linux environment for full functionality.**
-
-### Option 1: Native Kali Linux (Recommended)
-```bash
-# On Kali Linux
-sudo apt update && sudo apt install -y kali-linux-headless nodejs npm
-npm install -g pentesting
-pentesting
-```
-
-### Option 2: Docker with Kali Image
-```bash
-# Pull official Kali Linux image
-docker pull kalilinux/kali-rolling
-
-# Run with full tools
-docker run -it --rm --network host \
-  -e PENTEST_API_KEY="your_key" \
-  -e PENTEST_BASE_URL="https://api.openai.com/v1" \
-  -e PENTEST_MODEL="gpt-4-turbo" \
-  kalilinux/kali-rolling bash -c "
-    apt update && apt install -y nodejs npm kali-tools-top10 && \
-    npm install -g pentesting && \
-    pentesting
-  "
-```
-
-### Option 3: Kali on WSL2 (Windows)
-```bash
-# Install Kali from Microsoft Store, then:
-sudo apt update && sudo apt install -y kali-linux-headless nodejs npm
-sudo npm install -g pentesting
-pentesting
-```
-
----
-
 ## Quick Start
 
 ```bash
 npm install -g pentesting
 
-# requirements
 export PENTEST_API_KEY="your_api_key"
 export PENTEST_BASE_URL="https://api.z.ai/api/anthropic"
 export PENTEST_MODEL="glm-4.7"
@@ -73,22 +30,14 @@ export PENTEST_MODEL="glm-4.7"
 pentesting
 ```
 
-**Note:** If a security tool is not installed, the agent will automatically attempt to install it using `apt`.
-
----
+## Purpose
 
-## Core Features
+This project is a pentesting tool that can be used to test the security of a system.
 
-| Feature | Description |
-|---------|-------------|
-| **Multi-Agent System** | 5 specialist agents (Recon, Web, Exploit, PrivEsc, Lateral) |
-| **Autonomous Orchestration** | Strategic planning, self-diagnostics, quality gates |
-| **50+ Security Tools** | nmap, sqlmap, ffuf, gobuster, hydra, metasploit... |
-| **Auto-Install** | Missing tools are automatically installed via apt |
-| **CTF Research** | Writeup search (0xdf, IppSec), scenario-based research |
-| **Audit & Safety** | Tool execution logging, risk scoring, approval system |
+## issue report
 
----
+email: agnusdei1207@gmail.com
+linkedin: https://www.linkedin.com/in/sang-woo-park-158685393/en
 
 ## TUI Commands
 
@@ -113,44 +62,6 @@ pentesting
 
 ---
 
-## Supported Tools
-
-The agent supports 50+ security tools. If a tool is missing, it will be installed automatically:
-
-| Category | Tools |
-|----------|-------|
-| **Reconnaissance** | nmap, rustscan, masscan, subfinder, amass |
-| **Web** | ffuf, gobuster, nikto, nuclei, sqlmap, whatweb |
-| **Exploitation** | metasploit, searchsploit, msfvenom |
-| **Credential** | hydra, john, hashcat, crackmapexec |
-| **Windows/AD** | impacket-*, bloodhound, kerbrute, enum4linux |
-| **Utilities** | netcat, socat, chisel, proxychains |
-
----
-
-## Web Research (Playwright)
-
-The agent includes a powerful **Playwright-based web research** engine:
-
-- **CAPTCHA bypass** - Headless browser avoids detection
-- **Deep search** - Follows links and extracts content
-- **Multi-source** - Google, DuckDuckGo, exploit-db, CVE databases
-- **CTF research** - Searches 0xdf, ippsec, HackTheBox writeups
-
-```bash
-# Features available in autonomous mode:
-# - searchGoogle(query)
-# - deepSearch(query, { depth: 2 })
-# - searchWriteups("htb box name")
-# - ctfResearch("Lame", "linux")
-```
-
 ## Documentation
 
-- **[ARCHITECTURE.md](docs/ARCHITECTURE.md)** - System architecture
-
----
-
-## License
-
-MIT | ⚠️ **For authorized security testing and CTF competitions only.**
+- **[ARCHITECTURE.md](docs/ARCHITECTURE.md)** — System architecture & data flow

package/dist/{chunk-6GEXOEUI.js → chunk-5KIJPRTS.js}

@@ -5,7 +5,8 @@ var AGENT_STATUS = {
   PAUSED: "paused",
   STUCK: "stuck",
   WAITING_INPUT: "waiting_input",
-  COMPLETED: "completed"
+  COMPLETED: "completed",
+  STOPPED: "stopped"
 };
 var PHASE_ID = {
   RECON: "recon",
@@ -72,6 +73,7 @@ var AGENT_EVENT = {
   PAUSED: "paused",
   RESUMED: "resumed",
   RESET: "reset",
+  STATUS_CHANGED: "status_changed",
   // Discoveries
   FINDING: "finding",
   CREDENTIAL: "credential",
@@ -101,6 +103,17 @@ var MESSAGE_TYPE = {
   SYSTEM: "system",
   RESULT: "result"
 };
+var DEFAULTS = {
+  MAX_ITERATIONS: 200,
+  MAX_TOOL_CALLS_PER_ITERATION: 10,
+  DEFAULT_TIMEOUT: 6e4,
+  LONG_RUNNING_TIMEOUT: 6e5,
+  STUCK_THRESHOLD: 5,
+  STUCK_TIME_THRESHOLD: 3e5,
+  MAX_PHASE_ATTEMPTS: 20,
+  APPROVAL_TIMEOUT: 3e5
+  // 5 minutes
+};
 var TOOL_NAME = {
   // System
   BASH: "bash",
@@ -236,7 +249,138 @@ var TOOL_NAME = {
   SEARCH_LINUX_PRIVESC: "search_linux_privesc",
   SEARCH_WINDOWS_PRIVESC: "search_windows_privesc",
   CTF_RESEARCH: "ctf_research",
-  SECURITY_RESEARCH: "security_research"
+  SECURITY_RESEARCH: "security_research",
+  // Advanced Web Tools
+  XSSTRIKE: "xsstrike",
+  ARJUN: "arjun",
+  PARAMSPIDER: "paramspider",
+  COMMIX: "commix",
+  WPSCAN: "wpscan",
+  JOOMSCAN: "joomscan",
+  DROOPESCAN: "droopescan",
+  DALFOX: "dalfox",
+  SSRFMAP: "ssrfmap",
+  NOSQLMAP: "nosqlmap",
+  JWT_TOOL: "jwt_tool",
+  GITDUMPER: "gitdumper",
+  // Advanced Network & AD Tools
+  RESPONDER: "responder",
+  LIGOLO: "ligolo",
+  EVIL_WINRM: "evil_winrm",
+  NETEXEC: "netexec",
+  CERTIPY: "certipy",
+  RUBEUS: "rubeus",
+  MIMIKATZ: "mimikatz",
+  COVENANT: "covenant",
+  PYPYKATZ: "pypykatz",
+  LDEEP: "ldeep",
+  ADIDNSDUMP: "adidnsdump",
+  PETITPOTAM: "petitpotam",
+  PRINTERBUG: "printerbug",
+  // Advanced Exploitation
+  PWNTOOLS: "pwntools",
+  ROPPER: "ropper",
+  CHECKSEC: "checksec",
+  ONE_GADGET: "one_gadget",
+  ANGR: "angr",
+  GHIDRA: "ghidra",
+  // Deep Research
+  SEARCH_CVE: "search_cve",
+  SEARCH_EXPLOIT_DB: "search_exploit_db",
+  DEEP_SEARCH: "deep_search",
+  FETCH_URL: "fetch_url",
+  // Advanced Web Exploitation (SSTI, Prototype Pollution, GraphQL, SSRF)
+  TPLMAP: "tplmap",
+  // SSTI exploitation
+  GRAPHQLMAP: "graphqlmap",
+  // GraphQL introspection & exploitation
+  CORS_SCANNER: "cors_scanner",
+  // CORS misconfiguration
+  CRLFUZZ: "crlfuzz",
+  // CRLF injection
+  SMUGGLER: "smuggler",
+  // HTTP request smuggling
+  YSOSERIAL: "ysoserial",
+  // Java deserialization
+  // Cloud & Container
+  CLOUDFOX: "cloudfox",
+  // AWS/Azure/GCP enumeration
+  PACU: "pacu",
+  // AWS exploitation framework
+  SCOUT_SUITE: "scout_suite",
+  // Multi-cloud security audit
+  TRIVY: "trivy",
+  // Container vulnerability scanner
+  KUBECTL: "kubectl",
+  // Kubernetes exploitation
+  DOCKER_ESCAPE: "docker_escape",
+  // Docker breakout tools
+  // Zero-Day Research & Fuzzing
+  AFL_FUZZ: "afl_fuzz",
+  // American Fuzzy Lop
+  BOOFUZZ: "boofuzz",
+  // Network protocol fuzzing
+  SYZKALLER: "syzkaller",
+  // Kernel fuzzing
+  // Recursive Web Search
+  RECURSIVE_SEARCH: "recursive_search",
+  // Deep recursive URL crawling
+  WAYBACK_MACHINE: "wayback_machine",
+  // Wayback Machine deep dive
+  UNIFIED_SEARCH: "unified_search",
+  // Multi-engine unified search
+  ZERO_DAY_RESEARCH: "zero_day_research",
+  // Multi-source 0day/PoC research
+  // Mobile & API Testing
+  FRIDA: "frida",
+  // Dynamic instrumentation
+  OBJECTION: "objection",
+  // Runtime mobile exploration
+  APKTOOL: "apktool",
+  // Android APK reverse engineering
+  MITMPROXY: "mitmproxy",
+  // TLS interception proxy
+  POSTMAN: "postman",
+  // API endpoint testing
+  // Wireless & Network MITM
+  AIRCRACK_NG: "aircrack_ng",
+  // Wireless cracking suite
+  REAVER: "reaver",
+  // WPS brute force
+  BETTERCAP: "bettercap",
+  // Network attack & monitoring
+  WIFITE: "wifite",
+  // Automated wireless attack
+  // Active Directory — Advanced
+  COERCER: "coercer",
+  // Authentication coercion (PetitPotam/PrinterBug unified)
+  NTLMRELAYX: "ntlmrelayx",
+  // NTLM relay attacks
+  KRBRELAYX: "krbrelayx",
+  // Kerberos relay attacks
+  NOPAC: "nopac",
+  // SAM-Account-Name spoofing (CVE-2021-42278/42287)
+  ZEROLOGON: "zerologon",
+  // ZeroLogon exploit (CVE-2020-1472)
+  // Social Engineering & Phishing
+  GOPHISH: "gophish",
+  // Phishing framework
+  EVILGINX: "evilginx",
+  // Adversary-in-the-middle phishing
+  // Advanced Code Analysis & Research
+  CODEQL: "codeql",
+  // Semantic code analysis for vulns
+  SEMGREP: "semgrep",
+  // Static analysis pattern matching
+  RET2DLRESOLVE: "ret2dlresolve",
+  // Return-oriented exploitation
+  KERNEL_EXPLOIT: "kernel_exploit",
+  // Kernel exploitation toolkit
+  // Continuous Persistent Search
+  CONTINUOUS_SEARCH: "continuous_search",
+  // Persistent background research
+  EXPLOIT_CHAIN_RESEARCH: "exploit_chain_research"
+  // Multi-stage exploit chain discovery
 };
 var APT_PACKAGE = {
   // Network
@@ -451,7 +595,113 @@ var TOOL_TO_APT = {
   [TOOL_NAME.SEARCH_LINUX_PRIVESC]: null,
   [TOOL_NAME.SEARCH_WINDOWS_PRIVESC]: null,
   [TOOL_NAME.CTF_RESEARCH]: null,
-  [TOOL_NAME.SECURITY_RESEARCH]: null
+  [TOOL_NAME.SECURITY_RESEARCH]: null,
+  // Advanced Web Tools (pip/go install)
+  [TOOL_NAME.XSSTRIKE]: null,
+  [TOOL_NAME.ARJUN]: null,
+  [TOOL_NAME.PARAMSPIDER]: null,
+  [TOOL_NAME.COMMIX]: null,
+  [TOOL_NAME.WPSCAN]: null,
+  [TOOL_NAME.JOOMSCAN]: null,
+  [TOOL_NAME.DROOPESCAN]: null,
+  [TOOL_NAME.DALFOX]: null,
+  [TOOL_NAME.SSRFMAP]: null,
+  [TOOL_NAME.NOSQLMAP]: null,
+  [TOOL_NAME.JWT_TOOL]: null,
+  [TOOL_NAME.GITDUMPER]: null,
+  // Advanced Network & AD Tools
+  [TOOL_NAME.RESPONDER]: null,
+  [TOOL_NAME.LIGOLO]: null,
+  [TOOL_NAME.EVIL_WINRM]: APT_PACKAGE.EVIL_WINRM,
+  [TOOL_NAME.NETEXEC]: null,
+  [TOOL_NAME.CERTIPY]: null,
+  [TOOL_NAME.RUBEUS]: null,
+  [TOOL_NAME.MIMIKATZ]: null,
+  [TOOL_NAME.COVENANT]: null,
+  [TOOL_NAME.PYPYKATZ]: null,
+  [TOOL_NAME.LDEEP]: null,
+  [TOOL_NAME.ADIDNSDUMP]: null,
+  [TOOL_NAME.PETITPOTAM]: null,
+  [TOOL_NAME.PRINTERBUG]: null,
+  // Advanced Exploitation
+  [TOOL_NAME.PWNTOOLS]: null,
+  [TOOL_NAME.ROPPER]: null,
+  [TOOL_NAME.CHECKSEC]: null,
+  [TOOL_NAME.ONE_GADGET]: null,
+  [TOOL_NAME.ANGR]: null,
+  [TOOL_NAME.GHIDRA]: null,
+  // Deep Research (no apt package)
+  [TOOL_NAME.SEARCH_CVE]: null,
+  [TOOL_NAME.SEARCH_EXPLOIT_DB]: null,
+  [TOOL_NAME.DEEP_SEARCH]: null,
+  [TOOL_NAME.FETCH_URL]: null,
+  // Advanced Web Exploitation
+  [TOOL_NAME.TPLMAP]: null,
+  [TOOL_NAME.GRAPHQLMAP]: null,
+  [TOOL_NAME.CORS_SCANNER]: null,
+  [TOOL_NAME.CRLFUZZ]: null,
+  [TOOL_NAME.SMUGGLER]: null,
+  [TOOL_NAME.YSOSERIAL]: null,
+  // Cloud & Container
+  [TOOL_NAME.CLOUDFOX]: null,
+  [TOOL_NAME.PACU]: null,
+  [TOOL_NAME.SCOUT_SUITE]: null,
+  [TOOL_NAME.TRIVY]: null,
+  [TOOL_NAME.KUBECTL]: null,
+  [TOOL_NAME.DOCKER_ESCAPE]: null,
+  // Zero-Day Research & Fuzzing
+  [TOOL_NAME.AFL_FUZZ]: null,
+  [TOOL_NAME.BOOFUZZ]: null,
+  [TOOL_NAME.SYZKALLER]: null,
+  // Recursive Web Search
+  [TOOL_NAME.RECURSIVE_SEARCH]: null,
+  [TOOL_NAME.WAYBACK_MACHINE]: null,
+  [TOOL_NAME.UNIFIED_SEARCH]: null,
+  [TOOL_NAME.ZERO_DAY_RESEARCH]: null,
+  // Mobile & API Testing
+  [TOOL_NAME.FRIDA]: null,
+  // pip install frida-tools
+  [TOOL_NAME.OBJECTION]: null,
+  // pip install objection
+  [TOOL_NAME.APKTOOL]: null,
+  // binary install
+  [TOOL_NAME.MITMPROXY]: null,
+  // pip install mitmproxy
+  [TOOL_NAME.POSTMAN]: null,
+  // binary install
+  // Wireless & Network MITM
+  [TOOL_NAME.AIRCRACK_NG]: "aircrack-ng",
+  [TOOL_NAME.REAVER]: "reaver",
+  [TOOL_NAME.BETTERCAP]: null,
+  // go install
+  [TOOL_NAME.WIFITE]: null,
+  // pip install
+  // Active Directory — Advanced
+  [TOOL_NAME.COERCER]: null,
+  // pip install
+  [TOOL_NAME.NTLMRELAYX]: null,
+  // impacket
+  [TOOL_NAME.KRBRELAYX]: null,
+  // pip install
+  [TOOL_NAME.NOPAC]: null,
+  // python script
+  [TOOL_NAME.ZEROLOGON]: null,
+  // python script
+  // Social Engineering & Phishing
+  [TOOL_NAME.GOPHISH]: null,
+  // binary install
+  [TOOL_NAME.EVILGINX]: null,
+  // go install
+  // Advanced Code Analysis & Research
+  [TOOL_NAME.CODEQL]: null,
+  // binary install
+  [TOOL_NAME.SEMGREP]: null,
+  // pip install
+  [TOOL_NAME.RET2DLRESOLVE]: null,
+  [TOOL_NAME.KERNEL_EXPLOIT]: null,
+  // Continuous Persistent Search
+  [TOOL_NAME.CONTINUOUS_SEARCH]: null,
+  [TOOL_NAME.EXPLOIT_CHAIN_RESEARCH]: null
 };
 var SENSITIVE_TOOLS = [
   TOOL_NAME.WRITE_FILE,
@@ -462,10 +712,63 @@ var SENSITIVE_TOOLS = [
   TOOL_NAME.GENERATE_PAYLOAD,
   TOOL_NAME.LATERAL_MOVEMENT
 ];
+var RESOURCE_THRESHOLD = {
+  MEMORY_WARNING: 0.7,
+  MEMORY_CRITICAL: 0.85,
+  CONTEXT_TOKEN_LIMIT: 1e5,
+  CHECK_INTERVAL_MS: 1e4
+};
+var AGENT_CONFIG = {
+  // Core
+  MAX_ITERATIONS: 200,
+  MAX_TOOL_CALLS_PER_ITERATION: 10,
+  DEFAULT_TIMEOUT: 6e4,
+  LONG_RUNNING_TIMEOUT: 6e5,
+  // Stuck Detection
+  STUCK_THRESHOLD: 5,
+  STUCK_TIME_THRESHOLD: 3e5,
+  MAX_PHASE_ATTEMPTS: 20,
+  // Context Management
+  MAX_CONTEXT_TOKENS: 1e5,
+  CONTEXT_COMPACTION_THRESHOLD: 0.8,
+  // Resource Management
+  MEMORY_WARNING_THRESHOLD: 0.7,
+  MEMORY_CRITICAL_THRESHOLD: 0.85,
+  RESOURCE_CHECK_INTERVAL: 1e4,
+  // Approval
+  APPROVAL_TIMEOUT: 6e4,
+  // Audit
+  AUDIT_MAX_ENTRIES: 1e3,
+  AUDIT_RETENTION_DAYS: 7
+};
 
 // src/config/constants.ts
-var APP_NAME = "pentesting";
-var APP_VERSION = "0.12.12";
+import { homedir } from "os";
+import { join } from "path";
+var PENTEST_ROOT = join(homedir(), ".pentesting");
+var PATHS = {
+  /** Root directory for all pentesting data: ~/.pentesting */
+  ROOT: PENTEST_ROOT,
+  /** Session snapshots and wire logs */
+  SESSIONS: join(PENTEST_ROOT, "sessions"),
+  /** Self-reflection learning data */
+  LEARNING: join(PENTEST_ROOT, "learning"),
+  /** Audit logs */
+  AUDIT: join(PENTEST_ROOT, "audit"),
+  /** User skill definitions (SKILL.md files) */
+  SKILLS: join(PENTEST_ROOT, "skills"),
+  /** Context checkpoints for undo/revert */
+  CHECKPOINTS: join(PENTEST_ROOT, "checkpoints"),
+  /** Config files (config.toml / config.json) */
+  CONFIG_TOML: join(PENTEST_ROOT, "config.toml"),
+  CONFIG_JSON: join(PENTEST_ROOT, "config.json"),
+  /** Agent spec YAML files */
+  AGENT_SPECS: join("src", "agents", "specs")
+};
+function getPath(base, ...segments) {
+  return join(base, ...segments);
+}
+var APP_VERSION = "0.14.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_API_KEY = process.env.PENTEST_API_KEY || process.env.ANTHROPIC_API_KEY || "";
 var LLM_BASE_URL = process.env.PENTEST_BASE_URL || void 0;
@@ -479,7 +782,7 @@ var CONTEXT_WINDOW = {
   reservedTokens: 4e3
   // Reserved for system prompt
 };
-var AGENT_CONFIG = {
+var AGENT_CONFIG2 = {
   maxIterations: 200,
   maxToolCallsPerIteration: 10,
   autoApprove: false,
@@ -511,9 +814,13 @@ export {
   AGENT_EVENT,
   CLI_COMMAND,
   MESSAGE_TYPE,
+  DEFAULTS,
   TOOL_NAME,
   TOOL_TO_APT,
-  APP_NAME,
+  RESOURCE_THRESHOLD,
+  AGENT_CONFIG,
+  PATHS,
+  getPath,
   APP_VERSION,
   APP_DESCRIPTION,
   LLM_API_KEY,
@@ -521,5 +828,5 @@ export {
   LLM_MODEL,
   LLM_MAX_TOKENS,
   CONTEXT_WINDOW,
-  AGENT_CONFIG
+  AGENT_CONFIG2
 };

package/dist/{chunk-AOJBE232.js → chunk-M2IFHZDV.js}

@@ -1,3 +1,56 @@
+// src/constants/_shared/timing.const.ts
+var TIMEOUT = {
+  // 재시도 지연
+  RETRY_INITIAL: 300,
+  RETRY_MAX: 1e4,
+  // 네트워크 타임아웃
+  HTTP_REQUEST: 3e4,
+  // 30초
+  API_CALL: 15e3,
+  // 15초
+  WEBSOCKET_CONNECT: 5e3,
+  // 5초
+  // 도구 실행 타임아웃
+  TOOL_DEFAULT: 3e5,
+  // 5분
+  TOOL_SCAN: 6e5,
+  // 10분
+  TOOL_EXPLOIT: 18e4,
+  // 3분
+  TOOL_ANALYSIS: 12e4,
+  // 2분 - 분석 도구용
+  // UI 업데이트 인터벌
+  STATUS_UPDATE: 1e3,
+  // 1초
+  PROGRESS_UPDATE: 500,
+  // 0.5초
+  // 세션/체크포인트
+  CHECKPOINT_INTERVAL: 3e4,
+  // 30초
+  SESSION_CLEANUP: 7 * 24 * 60 * 60 * 1e3,
+  // 7일
+  CHECKPOINT_RETENTION: 30 * 24 * 60 * 60 * 1e3,
+  // 30일
+  // 감시/감사 임계값
+  AUDIT_LONG_EXECUTION: 3e5,
+  // 5분 - 비정상적으로 긴 실행 시간 감지
+  // 리스너/백그라운드 서비스 타임아웃
+  LISTENER_TIMEOUT: 36e5
+  // 1시간 - 리스너/백그라운드 서비스용
+};
+var DELAY = {
+  // 짧은 지연
+  SHORT: 100,
+  MEDIUM: 500,
+  LONG: 1e3,
+  // 재시도 백오프
+  BACKOFF_BASE: 1e3,
+  BACKOFF_MAX: 6e4,
+  // 사용자 확인 타임아웃
+  CONFIRMATION_TIMEOUT: 1e4
+  // 10초 (Ctrl+C 더블 프레스 확인 등)
+};
+
 // src/core/tools/web-search.ts
 var browser = null;
 var browserContext = null;
@@ -128,7 +181,7 @@ async function searchGoogle(query, options = {}) {
         waitUntil: "domcontentloaded"
       });
     }
-    await page.waitForSelector("h3", { timeout: 1e4 }).catch(() => {
+    await page.waitForSelector("h3", { timeout: TIMEOUT.RETRY_MAX }).catch(() => {
     });
     const searchResults = await page.$$eval("div.g, div.tF2Cxc, div.MjjYud", (elements) => {
       return elements.map((el) => {
@@ -242,7 +295,7 @@ async function searchBrave(query, options = {}) {
     await page.goto("https://search.brave.com/search?q=" + encodeURIComponent(query), {
       waitUntil: "domcontentloaded"
     });
-    await page.waitForSelector(".snippet", { timeout: 1e4 }).catch(() => {
+    await page.waitForSelector(".snippet", { timeout: TIMEOUT.RETRY_MAX }).catch(() => {
     });
     const searchResults = await page.$$eval("#results .snippet, .result, article, div.snippet", (elements) => {
       return elements.map((el) => {
@@ -433,8 +486,97 @@ async function ctfResearch(boxName, scenario) {
   ]);
   return { machine, scenario: scenarioResults, exploits, deepContent };
 }
+async function recursiveSearch(query, options = {}) {
+  const { maxDepth = 2, maxPagesPerLevel = 3, timeout = 3e4 } = options;
+  const visited = /* @__PURE__ */ new Set();
+  const allResults = [];
+  async function crawlLevel(urls, currentDepth) {
+    if (currentDepth > maxDepth) return;
+    const unvisited = urls.filter((u) => !visited.has(u)).slice(0, maxPagesPerLevel);
+    for (const url of unvisited) {
+      visited.add(url);
+      let page = null;
+      try {
+        const context = await getFreshContext();
+        page = await context.newPage();
+        if (!page) continue;
+        page.setDefaultTimeout(timeout);
+        await page.goto(url, { waitUntil: "domcontentloaded" });
+        const content = await page.evaluate(() => {
+          document.querySelectorAll("script, style, nav, footer, header, aside").forEach((el) => el.remove());
+          const main = document.querySelector("main, article, .content, #content, .post-content") || document.body;
+          return main.textContent?.replace(/\s+/g, " ").trim().slice(0, 5e3) || "";
+        });
+        const links = await page.$$eval("a[href]", (anchors) => {
+          return anchors.map((a) => a.href).filter((href) => href.startsWith("http") && !href.includes("#")).slice(0, 15);
+        });
+        allResults.push({
+          title: await page.title(),
+          url,
+          snippet: content.slice(0, 200),
+          content,
+          links,
+          depth: currentDepth
+        });
+        if (currentDepth < maxDepth && links.length > 0) {
+          await crawlLevel(links, currentDepth + 1);
+        }
+      } catch {
+      } finally {
+        if (page) await page.close();
+      }
+    }
+  }
+  const initialResults = await unifiedSearch(query, { maxResults: maxPagesPerLevel });
+  const initialUrls = initialResults.map((r) => r.url).filter(Boolean);
+  await crawlLevel(initialUrls, 0);
+  return allResults;
+}
+async function waybackSearch(targetUrl, options = {}) {
+  const { limit = 20, timeout = 3e4 } = options;
+  const results = [];
+  let page = null;
+  try {
+    const context = await getFreshContext();
+    page = await context.newPage();
+    if (!page) return results;
+    page.setDefaultTimeout(timeout);
+    const cdxUrl = `https://web.archive.org/cdx/search/cdx?url=${encodeURIComponent(targetUrl)}&output=json&limit=${limit}&fl=timestamp,original,statuscode,mimetype`;
+    await page.goto(cdxUrl, { waitUntil: "domcontentloaded" });
+    const content = await page.evaluate(() => document.body.textContent || "");
+    try {
+      const parsed = JSON.parse(content);
+      for (let i = 1; i < parsed.length; i++) {
+        const [timestamp, url, status, mimeType] = parsed[i];
+        results.push({
+          timestamp,
+          url: `https://web.archive.org/web/${timestamp}/${url}`,
+          status,
+          mimeType
+        });
+      }
+    } catch {
+    }
+  } catch {
+  } finally {
+    if (page) await page.close();
+  }
+  return results;
+}
+async function zeroDayResearch(query) {
+  const [cves, pocs, advisories, githubExploits, nucleiTemplates] = await Promise.all([
+    unifiedSearch(`${query} site:nvd.nist.gov OR site:cve.mitre.org OR site:cvedetails.com`),
+    unifiedSearch(`${query} proof of concept exploit PoC site:github.com OR site:packetstormsecurity.com`),
+    unifiedSearch(`${query} security advisory bulletin site:security.snyk.io OR site:github.com/advisories`),
+    unifiedSearch(`${query} exploit RCE LFI site:github.com`),
+    unifiedSearch(`${query} nuclei template site:github.com/projectdiscovery`)
+  ]);
+  return { cves, pocs, advisories, githubExploits, nucleiTemplates };
+}
 
 export {
+  TIMEOUT,
+  DELAY,
   closeBrowser,
   searchGoogle,
   searchDuckDuckGo,
@@ -453,5 +595,8 @@ export {
   searchLinuxPrivesc,
   searchWindowsPrivesc,
   securityResearch,
-  ctfResearch
+  ctfResearch,
+  recursiveSearch,
+  waybackSearch,
+  zeroDayResearch
 };