pentesting 0.2.4 → 0.2.5

package/README.md

@@ -29,6 +29,11 @@ export PENTEST_API_KEY=your_api_key
 export PENTEST_BASE_URL=https://your-api-endpoint.com/v1
 export PENTEST_MODEL=your-model-name
 
+export PENTEST_API_KEY="key"
+export PENTEST_BASE_URL="https://api.z.ai/api/anthropic"
+export PENTEST_MODEL="glm-4.7"
+
+
 # Run
 pentesting
 ```

package/dist/index.js

@@ -12,7 +12,7 @@ import Spinner from "ink-spinner";
 
 // src/core/agent/autonomous-agent.ts
 import Anthropic from "@anthropic-ai/sdk";
-import { EventEmitter as EventEmitter3 } from "events";
+import { EventEmitter as EventEmitter4 } from "events";
 
 // src/core/prompts/autonomous-prompt.ts
 var AUTONOMOUS_HACKING_PROMPT = `You are Hacker-Code, an elite autonomous penetration testing AI designed for CTF competitions and professional security assessments. You operate with minimal human intervention, making intelligent decisions, adapting to obstacles, and persistently pursuing objectives until complete system compromise.
@@ -251,6 +251,8 @@ var AGENT_EVENT = {
   TOOL_CALL: "tool_call",
   TOOL_RESULT: "tool_result",
   COMMAND_EXECUTE: "command_execute",
+  APPROVAL_NEEDED: "approval_needed",
+  TOKEN_USAGE: "token_usage",
   // State changes
   TARGET_SET: "target_set",
   PHASE_CHANGE: "phase_change",
@@ -1374,7 +1376,7 @@ const { chromium } = require('playwright');
 }
 
 // src/config/constants.ts
-var APP_VERSION = "0.2.4";
+var APP_VERSION = "0.2.5";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_API_KEY = process.env.PENTEST_API_KEY || process.env.ANTHROPIC_API_KEY || "";
 var LLM_BASE_URL = process.env.PENTEST_BASE_URL || void 0;
@@ -1732,6 +1734,183 @@ function getMCPManager() {
   return mcpManager;
 }
 
+// src/core/approval/approval-manager.ts
+import { EventEmitter as EventEmitter3 } from "events";
+var APPROVAL_EVENT = {
+  REQUEST: "approval_request",
+  RESPONSE: "approval_response",
+  TIMEOUT: "approval_timeout"
+};
+var CRITICAL_TOOLS = [
+  "execute_command",
+  "write_file",
+  "delete_file",
+  "modify_file",
+  "send_request",
+  "exploit_execute"
+];
+var HIGH_RISK_PATTERNS = [
+  /rm\s+-rf/i,
+  /mkfs/i,
+  /dd\s+if=/i,
+  /format/i,
+  /shutdown/i,
+  /reboot/i,
+  /kill\s+-9/i,
+  /pkill/i,
+  /iptables/i,
+  /ufw/i,
+  /firewall/i,
+  /passwd/i,
+  /useradd/i,
+  /userdel/i,
+  /chmod\s+777/i,
+  /chown/i,
+  /sudo/i,
+  /su\s+-/i,
+  /nc\s+-e/i,
+  /bash\s+-i/i,
+  /reverse.*shell/i,
+  /bind.*shell/i,
+  /meterpreter/i,
+  /mimikatz/i
+];
+function assessRisk(toolName, toolInput) {
+  const inputStr = JSON.stringify(toolInput).toLowerCase();
+  for (const pattern of HIGH_RISK_PATTERNS) {
+    if (pattern.test(inputStr)) {
+      return "critical";
+    }
+  }
+  if (CRITICAL_TOOLS.includes(toolName)) {
+    return "high";
+  }
+  if (toolName.includes("script") || toolName.includes("exec")) {
+    return "medium";
+  }
+  if (toolName.includes("scan") || toolName.includes("request")) {
+    return "medium";
+  }
+  return "low";
+}
+function generateRequestId() {
+  return `approval_${Date.now()}_${Math.random().toString(36).substring(2, 8)}`;
+}
+var ApprovalManager = class extends EventEmitter3 {
+  pendingRequests = /* @__PURE__ */ new Map();
+  autoApprovedTools = /* @__PURE__ */ new Set();
+  autoDeniedTools = /* @__PURE__ */ new Set();
+  yoloMode = false;
+  defaultTimeout = 6e4;
+  // 1 minute
+  constructor(options) {
+    super();
+    this.yoloMode = options?.yoloMode ?? false;
+    this.defaultTimeout = options?.timeout ?? 6e4;
+  }
+  /**
+   * Enable/disable YOLO mode (auto-approve everything)
+   */
+  setYoloMode(enabled) {
+    this.yoloMode = enabled;
+    this.emit("yolo_mode_changed", enabled);
+  }
+  /**
+   * Check if approval is required for a tool call
+   */
+  requiresApproval(toolName, toolInput) {
+    if (this.yoloMode) return false;
+    if (this.autoApprovedTools.has(toolName)) return false;
+    if (this.autoDeniedTools.has(toolName)) return true;
+    const risk = assessRisk(toolName, toolInput);
+    if (risk === "low") return false;
+    return true;
+  }
+  /**
+   * Request approval for a tool call
+   */
+  async requestApproval(toolName, toolInput, reason) {
+    if (this.autoDeniedTools.has(toolName)) {
+      return "deny";
+    }
+    if (this.autoApprovedTools.has(toolName)) {
+      return "approve";
+    }
+    const risk = assessRisk(toolName, toolInput);
+    const request = {
+      id: generateRequestId(),
+      toolName,
+      toolInput,
+      reason: reason || `Tool "${toolName}" requires approval (${risk} risk)`,
+      riskLevel: risk,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.pendingRequests.set(request.id, request);
+    this.emit(APPROVAL_EVENT.REQUEST, request);
+    return new Promise((resolve) => {
+      const timeout = setTimeout(() => {
+        this.pendingRequests.delete(request.id);
+        this.emit(APPROVAL_EVENT.TIMEOUT, request.id);
+        resolve("deny");
+      }, this.defaultTimeout);
+      const responseHandler = (response) => {
+        if (response.requestId === request.id) {
+          clearTimeout(timeout);
+          this.pendingRequests.delete(request.id);
+          this.removeListener(APPROVAL_EVENT.RESPONSE, responseHandler);
+          if (response.decision === "approve_always") {
+            this.autoApprovedTools.add(toolName);
+            resolve("approve");
+          } else if (response.decision === "deny_always") {
+            this.autoDeniedTools.add(toolName);
+            resolve("deny");
+          } else {
+            resolve(response.decision);
+          }
+        }
+      };
+      this.on(APPROVAL_EVENT.RESPONSE, responseHandler);
+    });
+  }
+  /**
+   * Respond to an approval request (called by UI)
+   */
+  respond(requestId, decision) {
+    const response = {
+      requestId,
+      decision,
+      respondedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.emit(APPROVAL_EVENT.RESPONSE, response);
+  }
+  /**
+   * Get pending requests
+   */
+  getPendingRequests() {
+    return Array.from(this.pendingRequests.values());
+  }
+  /**
+   * Get auto-approved tools
+   */
+  getAutoApprovedTools() {
+    return Array.from(this.autoApprovedTools);
+  }
+  /**
+   * Reset all auto decisions
+   */
+  resetAutoDecisions() {
+    this.autoApprovedTools.clear();
+    this.autoDeniedTools.clear();
+  }
+};
+var approvalManager = null;
+function getApprovalManager(options) {
+  if (!approvalManager) {
+    approvalManager = new ApprovalManager(options);
+  }
+  return approvalManager;
+}
+
 // src/core/tools/web-search.ts
 import { spawn as spawn4 } from "child_process";
 async function searchDuckDuckGo(query, options = {}) {
@@ -2959,7 +3138,7 @@ var DEFAULT_PHASES = [
   { id: PHASE_ID.EXFIL, name: "Data Exfiltration", shortName: "Exfil", status: PHASE_STATUS.PENDING, attempts: 0 },
   { id: PHASE_ID.REPORT, name: "Reporting", shortName: "Report", status: PHASE_STATUS.PENDING, attempts: 0 }
 ];
-var AutonomousHackingAgent = class extends EventEmitter3 {
+var AutonomousHackingAgent = class extends EventEmitter4 {
   client;
   state;
   config;
@@ -2970,6 +3149,13 @@ var AutonomousHackingAgent = class extends EventEmitter3 {
   hookExecutor;
   mcpManager;
   contextManager;
+  approvalManager;
+  // Token usage tracking
+  tokenUsage = {
+    input: 0,
+    output: 0,
+    total: 0
+  };
   // Rabbit hole detection settings
   STUCK_THRESHOLD = 5;
   // Same action repeat count
@@ -2988,6 +3174,7 @@ var AutonomousHackingAgent = class extends EventEmitter3 {
     this.hookExecutor = getHookExecutor();
     this.mcpManager = getMCPManager();
     this.contextManager = new ContextManager(this.client);
+    this.approvalManager = getApprovalManager({ yoloMode: config?.autoApprove });
     this.state = this.createInitialState();
     this.initSystems();
   }
@@ -3399,6 +3586,12 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
         }
       }
     );
+    if (response.usage) {
+      this.tokenUsage.input += response.usage.input_tokens;
+      this.tokenUsage.output += response.usage.output_tokens;
+      this.tokenUsage.total = this.tokenUsage.input + this.tokenUsage.output;
+      this.emit(AGENT_EVENT.TOKEN_USAGE, this.tokenUsage);
+    }
     return this.processResponse(response);
   }
   buildContextPrompt() {
@@ -3457,6 +3650,29 @@ Use report_finding tool for important discoveries.
           this.think(THOUGHT_TYPE.STUCK, `Tool blocked by hook: ${hookCheck.output}`);
           continue;
         }
+        if (this.approvalManager.requiresApproval(toolName, toolInput)) {
+          const risk = assessRisk(toolName, toolInput);
+          this.emit(AGENT_EVENT.APPROVAL_NEEDED, {
+            id: block.id,
+            toolName,
+            toolInput,
+            riskLevel: risk
+          });
+          const decision = await this.approvalManager.requestApproval(
+            toolName,
+            toolInput,
+            `Executing ${toolName} (${risk} risk)`
+          );
+          if (decision === "deny") {
+            this.think(THOUGHT_TYPE.STUCK, `Tool denied by user: ${toolName}`);
+            this.emit(AGENT_EVENT.TOOL_RESULT, {
+              id: block.id,
+              name: toolName,
+              result: { success: false, output: "Denied by user" }
+            });
+            continue;
+          }
+        }
         const result = await executeToolCall(toolName, toolInput);
         await this.hookExecutor.runPostToolUse(toolName, result.output || "");
         const resultType = result.success ? "result" : "result";
@@ -3833,14 +4049,14 @@ Respond helpfully to the user's message. If they ask to perform security testing
 // src/core/session/session-manager.ts
 import * as fs3 from "fs/promises";
 import * as path3 from "path";
-import { EventEmitter as EventEmitter4 } from "events";
+import { EventEmitter as EventEmitter5 } from "events";
 var SESSIONS_DIR = ".pentesting/sessions";
 function generateSessionId() {
   const timestamp = Date.now().toString(36);
   const random = Math.random().toString(36).substring(2, 8);
   return `session_${timestamp}_${random}`;
 }
-var SessionManager = class extends EventEmitter4 {
+var SessionManager = class extends EventEmitter5 {
   sessionsDir;
   currentSession = null;
   constructor(baseDir) {
@@ -4015,183 +4231,6 @@ function getSessionManager() {
   return sessionManager;
 }
 
-// src/core/approval/approval-manager.ts
-import { EventEmitter as EventEmitter5 } from "events";
-var APPROVAL_EVENT = {
-  REQUEST: "approval_request",
-  RESPONSE: "approval_response",
-  TIMEOUT: "approval_timeout"
-};
-var CRITICAL_TOOLS = [
-  "execute_command",
-  "write_file",
-  "delete_file",
-  "modify_file",
-  "send_request",
-  "exploit_execute"
-];
-var HIGH_RISK_PATTERNS = [
-  /rm\s+-rf/i,
-  /mkfs/i,
-  /dd\s+if=/i,
-  /format/i,
-  /shutdown/i,
-  /reboot/i,
-  /kill\s+-9/i,
-  /pkill/i,
-  /iptables/i,
-  /ufw/i,
-  /firewall/i,
-  /passwd/i,
-  /useradd/i,
-  /userdel/i,
-  /chmod\s+777/i,
-  /chown/i,
-  /sudo/i,
-  /su\s+-/i,
-  /nc\s+-e/i,
-  /bash\s+-i/i,
-  /reverse.*shell/i,
-  /bind.*shell/i,
-  /meterpreter/i,
-  /mimikatz/i
-];
-function assessRisk(toolName, toolInput) {
-  const inputStr = JSON.stringify(toolInput).toLowerCase();
-  for (const pattern of HIGH_RISK_PATTERNS) {
-    if (pattern.test(inputStr)) {
-      return "critical";
-    }
-  }
-  if (CRITICAL_TOOLS.includes(toolName)) {
-    return "high";
-  }
-  if (toolName.includes("script") || toolName.includes("exec")) {
-    return "medium";
-  }
-  if (toolName.includes("scan") || toolName.includes("request")) {
-    return "medium";
-  }
-  return "low";
-}
-function generateRequestId() {
-  return `approval_${Date.now()}_${Math.random().toString(36).substring(2, 8)}`;
-}
-var ApprovalManager = class extends EventEmitter5 {
-  pendingRequests = /* @__PURE__ */ new Map();
-  autoApprovedTools = /* @__PURE__ */ new Set();
-  autoDeniedTools = /* @__PURE__ */ new Set();
-  yoloMode = false;
-  defaultTimeout = 6e4;
-  // 1 minute
-  constructor(options) {
-    super();
-    this.yoloMode = options?.yoloMode ?? false;
-    this.defaultTimeout = options?.timeout ?? 6e4;
-  }
-  /**
-   * Enable/disable YOLO mode (auto-approve everything)
-   */
-  setYoloMode(enabled) {
-    this.yoloMode = enabled;
-    this.emit("yolo_mode_changed", enabled);
-  }
-  /**
-   * Check if approval is required for a tool call
-   */
-  requiresApproval(toolName, toolInput) {
-    if (this.yoloMode) return false;
-    if (this.autoApprovedTools.has(toolName)) return false;
-    if (this.autoDeniedTools.has(toolName)) return true;
-    const risk = assessRisk(toolName, toolInput);
-    if (risk === "low") return false;
-    return true;
-  }
-  /**
-   * Request approval for a tool call
-   */
-  async requestApproval(toolName, toolInput, reason) {
-    if (this.autoDeniedTools.has(toolName)) {
-      return "deny";
-    }
-    if (this.autoApprovedTools.has(toolName)) {
-      return "approve";
-    }
-    const risk = assessRisk(toolName, toolInput);
-    const request = {
-      id: generateRequestId(),
-      toolName,
-      toolInput,
-      reason: reason || `Tool "${toolName}" requires approval (${risk} risk)`,
-      riskLevel: risk,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    };
-    this.pendingRequests.set(request.id, request);
-    this.emit(APPROVAL_EVENT.REQUEST, request);
-    return new Promise((resolve) => {
-      const timeout = setTimeout(() => {
-        this.pendingRequests.delete(request.id);
-        this.emit(APPROVAL_EVENT.TIMEOUT, request.id);
-        resolve("deny");
-      }, this.defaultTimeout);
-      const responseHandler = (response) => {
-        if (response.requestId === request.id) {
-          clearTimeout(timeout);
-          this.pendingRequests.delete(request.id);
-          this.removeListener(APPROVAL_EVENT.RESPONSE, responseHandler);
-          if (response.decision === "approve_always") {
-            this.autoApprovedTools.add(toolName);
-            resolve("approve");
-          } else if (response.decision === "deny_always") {
-            this.autoDeniedTools.add(toolName);
-            resolve("deny");
-          } else {
-            resolve(response.decision);
-          }
-        }
-      };
-      this.on(APPROVAL_EVENT.RESPONSE, responseHandler);
-    });
-  }
-  /**
-   * Respond to an approval request (called by UI)
-   */
-  respond(requestId, decision) {
-    const response = {
-      requestId,
-      decision,
-      respondedAt: (/* @__PURE__ */ new Date()).toISOString()
-    };
-    this.emit(APPROVAL_EVENT.RESPONSE, response);
-  }
-  /**
-   * Get pending requests
-   */
-  getPendingRequests() {
-    return Array.from(this.pendingRequests.values());
-  }
-  /**
-   * Get auto-approved tools
-   */
-  getAutoApprovedTools() {
-    return Array.from(this.autoApprovedTools);
-  }
-  /**
-   * Reset all auto decisions
-   */
-  resetAutoDecisions() {
-    this.autoApprovedTools.clear();
-    this.autoDeniedTools.clear();
-  }
-};
-var approvalManager = null;
-function getApprovalManager(options) {
-  if (!approvalManager) {
-    approvalManager = new ApprovalManager(options);
-  }
-  return approvalManager;
-}
-
 // src/config/theme.ts
 var THEME = {
   // Primary backgrounds (dark purple tones)
@@ -4287,6 +4326,7 @@ var App = ({ autoApprove = false, target }) => {
   const [currentStatus, setCurrentStatus] = useState("");
   const [elapsedTime, setElapsedTime] = useState(0);
   const [pendingApproval, setPendingApproval] = useState(null);
+  const [tokenUsage, setTokenUsage] = useState({ input: 0, output: 0, total: 0 });
   const [agent] = useState(() => new AutonomousHackingAgent(void 0, { autoApprove }));
   const sessionManager2 = getSessionManager();
   const approvalManager2 = getApprovalManager({ yoloMode: autoApprove });
@@ -4350,6 +4390,18 @@ var App = ({ autoApprove = false, target }) => {
     agent.on(AGENT_EVENT.CONTEXT_COMPACTED, () => {
       addMessage(MESSAGE_TYPE.SYSTEM, "\u{1F4BE} Context compacted to save tokens");
     });
+    agent.on(AGENT_EVENT.TOKEN_USAGE, (usage) => {
+      setTokenUsage(usage);
+    });
+    agent.on(AGENT_EVENT.APPROVAL_NEEDED, (data) => {
+      setPendingApproval({
+        id: data.id,
+        toolName: data.toolName,
+        riskLevel: data.riskLevel
+      });
+      addMessage(MESSAGE_TYPE.SYSTEM, `\u26A0\uFE0F  APPROVAL NEEDED: ${data.toolName} (${data.riskLevel} risk)`);
+      addMessage(MESSAGE_TYPE.SYSTEM, "   Type /approve or /deny");
+    });
     agent.on(AGENT_EVENT.COMPLETE, () => {
       const duration = stopTimer();
       addMessage(MESSAGE_TYPE.SYSTEM, `\u2713 Complete (${duration}s)`);
@@ -4622,6 +4674,7 @@ var App = ({ autoApprove = false, target }) => {
         " findings \u2502",
         state.credentials.length,
         " creds \u2502",
+        tokenUsage.total > 0 && `${(tokenUsage.total / 1e3).toFixed(1)}k tokens \u2502`,
         state.currentPhase !== AGENT_STATUS.IDLE && ` ${state.currentPhase} \u2502`
       ] }),
       /* @__PURE__ */ jsxs(Text, { dimColor: true, children: [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.2.4",
+  "version": "0.2.5",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/index.js",