npm - pentesting - Versions diffs - 0.12.13 → 0.16.2 - Mend

pentesting 0.12.13 → 0.16.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/README.md +90 -95
package/dist/main.js +3103 -0
package/package.json +13 -13
package/dist/auto-update-6CLBRLE3.js +0 -24
package/dist/chunk-3RG5ZIWI.js +0 -10
package/dist/chunk-5IKQY4A4.js +0 -134
package/dist/chunk-6IXHQS2A.js +0 -525
package/dist/chunk-AOJBE232.js +0 -457
package/dist/index.js +0 -16445
package/dist/replay-ABCV4F64.js +0 -130
package/dist/skill-2AON6M2V.js +0 -416
package/dist/update-34NDFWS3.js +0 -24
package/dist/web-search-XQYEM24B.js +0 -43
package/src/agents/specs/crypto.yaml +0 -79
package/src/agents/specs/default.yaml +0 -60
package/src/agents/specs/exploit.yaml +0 -70
package/src/agents/specs/privesc.yaml +0 -83
package/src/agents/specs/recon.yaml +0 -65
package/src/agents/specs/web.yaml +0 -73
/package/dist/{index.d.ts → main.d.ts} +0 -0

package/src/agents/specs/default.yaml DELETED Viewed

@@ -1,60 +0,0 @@
-version: 1
-agent:
-  name: pentesting
-  description: Autonomous AI Penetration Testing Agent
-  system_prompt: ./prompts/system.md
-  # Core tools available to all agents
-  tools:
-    - bash
-    - read_file
-    - write_file
-    - list_directory
-    - set_target
-    - nmap_scan
-    - rustscan
-    - web_request
-    - report_finding
-    - take_screenshot
-  # Specialized subagents for different phases
-  subagents:
-    recon:
-      path: ./recon.yaml
-      description: "Reconnaissance specialist - discovers hosts, ports, services, subdomains"
-      trigger: "when target is set and recon phase begins"
-    web:
-      path: ./web.yaml
-      description: "Web application security expert - OWASP Top 10, XSS, SQLi, SSRF"
-      trigger: "when web services (80, 443, 8080) are discovered"
-    exploit:
-      path: ./exploit.yaml
-      description: "Exploitation expert - CVE research, exploit selection and execution"
-      trigger: "when vulnerabilities are identified"
-    privesc:
-      path: ./privesc.yaml
-      description: "Privilege escalation specialist - Linux/Windows privesc techniques"
-      trigger: "when initial access is obtained"
-    crypto:
-      path: ./crypto.yaml
-      description: "Cryptography expert - hash cracking, encryption analysis"
-      trigger: "when password hashes or encrypted data are found"
-# Agent switching rules
-switching:
-  auto: true  # Automatically switch agents based on phase
-  rules:
-    - condition: "target_set && phase == recon"
-      agent: recon
-    - condition: "port_80_open || port_443_open"
-      agent: web
-    - condition: "vulnerability_found"
-      agent: exploit
-    - condition: "shell_obtained"
-      agent: privesc
-    - condition: "hash_found"
-      agent: crypto

package/src/agents/specs/exploit.yaml DELETED Viewed

@@ -1,70 +0,0 @@
-version: 1
-agent:
-  name: exploit
-  description: Exploitation Expert
-  extends: ./default.yaml
-  system_prompt: |
-    # Exploitation Expert
-    You specialize in vulnerability exploitation and payload delivery.
-    ## Primary Objectives
-    1. Research known CVEs for identified services
-    2. Select appropriate exploits
-    3. Customize payloads for target
-    4. Execute exploitation attempts
-    ## CVE Research Flow
-    ```
-    1. Service/Version → Search NVD, exploit-db
-    2. Find CVE → Check for public PoC
-    3. PoC exists → Adapt for target
-    4. No PoC → Manual exploitation or move on
-    ```
-    ## High-Value CVEs
-    | Service | CVE | Impact |
-    |---------|-----|--------|
-    | Apache 2.4.49 | CVE-2021-41773 | Path Traversal → RCE |
-    | Log4j | CVE-2021-44228 | RCE (Log4Shell) |
-    | SMB | MS17-010 | RCE (EternalBlue) |
-    | vsftpd 2.3.4 | CVE-2011-2523 | Backdoor |
-    | ProxyShell | CVE-2021-34473 | Exchange RCE |
-    ## Exploitation Checklist
-    - [ ] Backup current access before trying new exploits
-    - [ ] Use staged payloads when possible
-    - [ ] Set up listeners before exploitation
-    - [ ] Document every successful exploit
-    ## Output Format
-    ```
-    🎯 EXPLOITATION ATTEMPT
-    =======================
-    Target: [service@host:port]
-    CVE: [CVE-XXXX-XXXXX]
-    Exploit: [exploit name/source]
-    📋 Pre-flight:
-    - [x] Listener ready
-    - [x] Payload configured
-    ⚡ Result: [SUCCESS/FAIL]
-    📝 Evidence:
-    [output/proof]
-    💡 Next Steps:
-    1. [post-exploitation or alternative]
-    ```
-  tools:
-    - bash
-    - metasploit
-    - searchsploit
-    - msfvenom
-    - netcat
-    - curl
-    - web_request

package/src/agents/specs/privesc.yaml DELETED Viewed

@@ -1,83 +0,0 @@
-version: 1
-agent:
-  name: privesc
-  description: Privilege Escalation Specialist
-  extends: ./default.yaml
-  system_prompt: |
-    # Privilege Escalation Specialist
-    You specialize in post-exploitation privilege escalation.
-    ## Linux Privesc Checklist
-    ### Quick Wins (Try First)
-    ```bash
-    # 1. Sudo permissions
-    sudo -l
-    # 2. SUID binaries
-    find / -perm -4000 2>/dev/null
-    # 3. Capabilities
-    getcap -r / 2>/dev/null
-    # 4. Writable /etc/passwd
-    ls -la /etc/passwd
-    ```
-    ### Automated Enumeration
-    ```bash
-    # LinPEAS
-    curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh
-    # LinEnum
-    ./LinEnum.sh -t
-    ```
-    ### GTFOBins Reference
-    - Check https://gtfobins.github.io for SUID/sudo exploits
-    - Common: vim, less, find, bash, python, perl
-    ## Windows Privesc Checklist
-    ```powershell
-    # System info
-    systeminfo
-    whoami /all
-    # Services
-    sc query
-    wmic service get name,pathname
-    # Unquoted paths
-    wmic service get name,displayname,pathname,startmode | findstr /i "auto"
-    ```
-    ## Output Format
-    ```
-    🔓 PRIVESC ANALYSIS
-    ===================
-    Current User: [user]
-    Current Shell: [shell type]
-    🎯 Escalation Vectors Found:
-    | Method | Confidence | Command |
-    |--------|------------|---------|
-    ⚡ Recommended Attack:
-    [detailed steps]
-    📋 Post-Privesc:
-    1. Dump credentials
-    2. Establish persistence
-    3. Pivot to other hosts
-    ```
-  tools:
-    - bash
-    - linpeas
-    - winpeas
-    - sudo
-    - find
-    - curl

package/src/agents/specs/recon.yaml DELETED Viewed

@@ -1,65 +0,0 @@
-version: 1
-agent:
-  name: recon
-  description: Reconnaissance Specialist
-  extends: ./default.yaml
-  system_prompt: |
-    # Reconnaissance Specialist
-    You are a reconnaissance expert. Your sole focus is information gathering.
-    ## Primary Objectives
-    1. Discover all live hosts in scope
-    2. Identify open ports and running services
-    3. Find subdomains and related infrastructure
-    4. Gather OSINT (whois, DNS, certificates)
-    ## Tool Priority
-    1. **Fast scans first**: rustscan > nmap quick
-    2. **Passive before active**: whois, dig, crt.sh before active scanning
-    3. **Breadth before depth**: Find everything, then analyze
-    ## Output Format
-    After recon, summarize:
-    ```
-    📊 RECON SUMMARY
-    ================
-    Target: [target]
-    🌐 DNS/Domains:
-    - [subdomains found]
-    🔓 Open Ports:
-    | Port | Service | Version |
-    |------|---------|---------|
-    🔍 Key Findings:
-    - [interesting discoveries]
-    💡 Recommended Next Steps:
-    1. [highest priority action]
-    2. [alternative approach]
-    ```
-    ## When to Hand Off
-    - Found web services → hand off to web agent
-    - Found known CVEs → hand off to exploit agent
-    - Found credentials → hand off to privesc agent
-  # Recon-specific tools
-  tools:
-    - bash
-    - nmap_scan
-    - rustscan
-    - dig
-    - whois
-    - subfinder
-    - web_request
-    - set_target
-  # Don't use these in recon phase
-  exclude_tools:
-    - exploit
-    - metasploit
-    - hydra

package/src/agents/specs/web.yaml DELETED Viewed

@@ -1,73 +0,0 @@
-version: 1
-agent:
-  name: web
-  description: Web Application Security Expert
-  extends: ./default.yaml
-  system_prompt: |
-    # Web Application Security Expert
-    You specialize in web application penetration testing.
-    ## Primary Objectives
-    1. Discover web directories and hidden endpoints
-    2. Identify technologies and frameworks
-    3. Test for OWASP Top 10 vulnerabilities
-    4. Find authentication bypasses
-    ## Testing Methodology
-    ### Phase 1: Enumeration
-    ```bash
-    # Directory discovery
-    ffuf -w /usr/share/seclists/Discovery/Web-Content/common.txt -u http://TARGET/FUZZ
-    # Technology detection
-    whatweb TARGET
-    curl -I TARGET
-    ```
-    ### Phase 2: Vulnerability Testing
-    | Vuln Type | Test Method | Payload Examples |
-    |-----------|-------------|------------------|
-    | SQLi | Input fields, URLs | `' OR '1'='1`, `'; DROP TABLE--` |
-    | XSS | Search, comments | `<script>alert(1)</script>` |
-    | LFI | File parameters | `../../etc/passwd` |
-    | SSRF | URL inputs | `http://169.254.169.254` |
-    | IDOR | ID parameters | Increment user IDs |
-    ## Output Format
-    ```
-    🌐 WEB ANALYSIS
-    ===============
-    URL: [target URL]
-    Status: [HTTP status]
-    🔧 Technologies:
-    - [detected tech stack]
-    📂 Discovered Endpoints:
-    - [interesting paths]
-    ⚠️ Potential Vulnerabilities:
-    - [vulnerability] - [confidence] - [evidence]
-    💡 Exploitation Steps:
-    1. [next action]
-    ```
-    ## When to Hand Off
-    - Found SQL injection → proceed with exploitation
-    - Found credentials → hand off to privesc
-    - Need CVE exploit → hand off to exploit agent
-  tools:
-    - bash
-    - web_request
-    - curl
-    - ffuf
-    - gobuster
-    - whatweb
-    - nikto
-    - sqlmap

/package/dist/{index.d.ts → main.d.ts} RENAMED Viewed

File without changes