pentesting 0.4.9 → 0.5.3

package/dist/{auto-update-GKUAPLBP.js → auto-update-IDSABTT4.js}

@@ -8,8 +8,8 @@ import {
   readVersionCache,
   semverTuple,
   writeVersionCache
-} from "./chunk-L4MURCOP.js";
-import "./chunk-X3X45KYT.js";
+} from "./chunk-ZC53SMRU.js";
+import "./chunk-FHPP7RP2.js";
 import "./chunk-3RG5ZIWI.js";
 export {
   checkForUpdate,

package/dist/{chunk-X3X45KYT.js → chunk-FHPP7RP2.js}

@@ -132,7 +132,7 @@ var SENSITIVE_TOOLS = [
 
 // src/config/constants.ts
 var APP_NAME = "pentesting";
-var APP_VERSION = "0.4.9";
+var APP_VERSION = "0.5.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_API_KEY = process.env.PENTEST_API_KEY || process.env.ANTHROPIC_API_KEY || "";
 var LLM_BASE_URL = process.env.PENTEST_BASE_URL || void 0;

package/dist/{chunk-L4MURCOP.js → chunk-ZC53SMRU.js}

@@ -1,7 +1,7 @@
 import {
   APP_NAME,
   APP_VERSION
-} from "./chunk-X3X45KYT.js";
+} from "./chunk-FHPP7RP2.js";
 
 // src/core/update/auto-update.ts
 import { execSync } from "child_process";

package/dist/index.js

@@ -15,7 +15,7 @@ import {
   PHASE_STATUS,
   THOUGHT_TYPE,
   TOOL_NAME
-} from "./chunk-X3X45KYT.js";
+} from "./chunk-FHPP7RP2.js";
 import {
   __require
 } from "./chunk-3RG5ZIWI.js";
@@ -1723,9 +1723,27 @@ var ApprovalManager = class extends EventEmitter3 {
           this.removeListener(APPROVAL_EVENT.RESPONSE, responseHandler);
           if (response.decision === "approve_always") {
             this.autoApprovedTools.add(toolName);
+            const pendingForSameTool = Array.from(this.pendingRequests.entries()).filter(([_, req]) => req.toolName === toolName);
+            for (const [pendingId, _] of pendingForSameTool) {
+              this.pendingRequests.delete(pendingId);
+              this.emit(APPROVAL_EVENT.RESPONSE, {
+                requestId: pendingId,
+                decision: "approve",
+                respondedAt: (/* @__PURE__ */ new Date()).toISOString()
+              });
+            }
             resolve("approve");
           } else if (response.decision === "deny_always") {
             this.autoDeniedTools.add(toolName);
+            const pendingForSameTool = Array.from(this.pendingRequests.entries()).filter(([_, req]) => req.toolName === toolName);
+            for (const [pendingId, _] of pendingForSameTool) {
+              this.pendingRequests.delete(pendingId);
+              this.emit(APPROVAL_EVENT.RESPONSE, {
+                requestId: pendingId,
+                decision: "deny",
+                respondedAt: (/* @__PURE__ */ new Date()).toISOString()
+              });
+            }
             resolve("deny");
           } else {
             resolve(response.decision);
@@ -3298,6 +3316,14 @@ ${prompt}`
     this.state.lastProgressTime = /* @__PURE__ */ new Date();
     this.state.repeatedActions.clear();
   }
+  /**
+   * Check if the main loop should stop (due to pause, completion, etc.)
+   * Uses string comparison to avoid TypeScript narrowing issues with const enums
+   */
+  shouldStopLoop() {
+    const status = this.state.status;
+    return status === AGENT_STATUS.PAUSED || status === AGENT_STATUS.COMPLETED || status === AGENT_STATUS.IDLE;
+  }
   trackAction(action) {
     const count = this.state.repeatedActions.get(action) || 0;
     this.state.repeatedActions.set(action, count + 1);
@@ -3399,7 +3425,7 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
     });
     let iteration = 0;
     const maxIterations = this.config.maxIterations;
-    while (iteration < maxIterations && this.state.status === AGENT_STATUS.RUNNING) {
+    while (iteration < maxIterations && !this.shouldStopLoop()) {
       iteration++;
       this.state.iteration = iteration;
       this.getCurrentPhase().attempts++;
@@ -3422,7 +3448,15 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
           continue;
         }
         const response = await this.executeStep();
+        if (this.shouldStopLoop()) {
+          this.think(THOUGHT_TYPE.OBSERVATION, "Execution paused by user");
+          break;
+        }
         await this.analyzeResponse(response);
+        if (this.shouldStopLoop()) {
+          this.think(THOUGHT_TYPE.OBSERVATION, "Execution paused by user");
+          break;
+        }
         if (this.shouldAdvancePhase()) {
           if (!this.advanceToNextPhase()) {
             this.think(THOUGHT_TYPE.OBSERVATION, "[done] All phases completed!");
@@ -3436,9 +3470,14 @@ Goal: Deep penetration to obtain root/system privileges, extract internal data,
         await this.attemptRecovery(error);
       }
     }
-    this.state.status = AGENT_STATUS.COMPLETED;
-    await this.generateFinalReport();
-    this.emit(AGENT_EVENT.COMPLETE, this.getSummary());
+    const finalStatus = this.state.status;
+    if (finalStatus !== AGENT_STATUS.PAUSED && finalStatus !== AGENT_STATUS.COMPLETED) {
+      this.state.status = AGENT_STATUS.COMPLETED;
+      await this.generateFinalReport();
+      this.emit(AGENT_EVENT.COMPLETE, this.getSummary());
+    } else if (finalStatus === AGENT_STATUS.PAUSED) {
+      this.emit(AGENT_EVENT.PAUSED);
+    }
   }
   // ===== Step Execution =====
   async executeStep() {
@@ -3596,6 +3635,25 @@ Use report_finding tool for important discoveries.
             is_error: !result.success
           }]
         });
+        if (!this.state.target.primary && result.success && result.output) {
+          const ipMatches = result.output.match(/\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b/g);
+          if (ipMatches) {
+            const validIPs = [...new Set(ipMatches)].filter(
+              (ip) => !ip.startsWith("127.") && !ip.startsWith("0.") && !ip.startsWith("255.")
+            );
+            if (validIPs.length === 1) {
+              this.setTarget(validIPs[0]);
+              this.emit(AGENT_EVENT.RESPONSE, `
+[Target auto-set: ${validIPs[0]}]
+`);
+            } else if (validIPs.length > 1) {
+              this.emit(AGENT_EVENT.RESPONSE, `
+[Multiple IPs found: ${validIPs.join(", ")}]
+[Use /target <ip> to select one]
+`);
+            }
+          }
+        }
         if (response.stop_reason === "tool_use") {
           return this.executeStep();
         }
@@ -4917,6 +4975,235 @@ var FindingDisplay = ({ block }) => {
 // src/cli/app.tsx
 import { homedir } from "os";
 import { join as join6 } from "path";
+
+// src/cli/utils/keyboard-listener.ts
+import { EventEmitter as EventEmitter7 } from "events";
+import * as readline2 from "readline";
+var KeyboardListener = class extends EventEmitter7 {
+  isListening = false;
+  isPaused = false;
+  stdin = process.stdin;
+  originalRawMode;
+  preInputBuffer = "";
+  constructor() {
+    super();
+    this.handleKeypress = this.handleKeypress.bind(this);
+    this.handleData = this.handleData.bind(this);
+  }
+  /**
+   * Start listening for keyboard input in raw mode
+   */
+  start() {
+    if (this.isListening) return;
+    try {
+      if (this.stdin.isTTY) {
+        this.originalRawMode = this.stdin.isRaw;
+        this.stdin.setRawMode(true);
+        readline2.emitKeypressEvents(this.stdin);
+        this.stdin.on("keypress", this.handleKeypress);
+        this.stdin.resume();
+        this.isListening = true;
+      }
+    } catch {
+      this.stdin.on("data", this.handleData);
+      this.isListening = true;
+    }
+  }
+  /**
+   * Stop listening and restore terminal state
+   */
+  stop() {
+    if (!this.isListening) return;
+    try {
+      this.stdin.off("keypress", this.handleKeypress);
+      this.stdin.off("data", this.handleData);
+      if (this.stdin.isTTY && this.originalRawMode !== void 0) {
+        this.stdin.setRawMode(this.originalRawMode);
+      }
+    } catch {
+    }
+    this.isListening = false;
+  }
+  /**
+   * Pause listening (for when Ink needs control)
+   */
+  pause() {
+    if (!this.isListening || this.isPaused) return;
+    try {
+      if (this.stdin.isTTY && this.originalRawMode !== void 0) {
+        this.stdin.setRawMode(this.originalRawMode);
+      }
+      this.isPaused = true;
+    } catch {
+    }
+  }
+  /**
+   * Resume listening (after Ink releases control)
+   */
+  resume() {
+    if (!this.isListening || !this.isPaused) return;
+    try {
+      if (this.stdin.isTTY) {
+        this.stdin.setRawMode(true);
+      }
+      this.isPaused = false;
+    } catch {
+    }
+  }
+  /**
+   * Get the current pre-input buffer
+   */
+  getPreInputBuffer() {
+    return this.preInputBuffer;
+  }
+  /**
+   * Clear the pre-input buffer
+   */
+  clearPreInputBuffer() {
+    this.preInputBuffer = "";
+  }
+  /**
+   * Get and clear the pre-input buffer
+   */
+  consumePreInputBuffer() {
+    const buffer = this.preInputBuffer;
+    this.preInputBuffer = "";
+    return buffer;
+  }
+  /**
+   * Handle keypress events (readline mode)
+   */
+  handleKeypress(_str, key) {
+    if (this.isPaused) return;
+    if (key.name === "escape") {
+      this.emit("escape" /* ESCAPE */);
+      return;
+    }
+    if (key.ctrl && key.name === "c") {
+      this.emit("ctrl_c" /* CTRL_C */);
+      return;
+    }
+    if (key.name === "return" || key.name === "enter") {
+      if (this.preInputBuffer) {
+        this.emit("line", this.preInputBuffer);
+      }
+      this.emit("enter" /* ENTER */);
+      return;
+    }
+    if (key.name === "backspace") {
+      if (this.preInputBuffer.length > 0) {
+        this.preInputBuffer = this.preInputBuffer.slice(0, -1);
+      }
+      this.emit("backspace" /* BACKSPACE */);
+      return;
+    }
+    if (key.name === "up") {
+      this.emit("up" /* UP */);
+      return;
+    }
+    if (key.name === "down") {
+      this.emit("down" /* DOWN */);
+      return;
+    }
+    if (key.name === "left") {
+      this.emit("left" /* LEFT */);
+      return;
+    }
+    if (key.name === "right") {
+      this.emit("right" /* RIGHT */);
+      return;
+    }
+    if (key.name === "tab") {
+      this.emit("tab" /* TAB */);
+      return;
+    }
+    if (_str && !key.ctrl && !key.meta && _str.length === 1) {
+      const charCode = _str.charCodeAt(0);
+      if (charCode >= 32 && charCode <= 126) {
+        this.preInputBuffer += _str;
+        this.emit("char", _str);
+      }
+    }
+  }
+  /**
+   * Handle raw data events (fallback mode)
+   */
+  handleData(data) {
+    if (this.isPaused) return;
+    const str = data.toString();
+    for (let i = 0; i < str.length; i++) {
+      const char = str[i];
+      const code = char.charCodeAt(0);
+      if (code === 27) {
+        if (i + 1 < str.length && str[i + 1] === "[") {
+          if (i + 2 < str.length) {
+            const arrow = str[i + 2];
+            switch (arrow) {
+              case "A":
+                this.emit("up" /* UP */);
+                break;
+              case "B":
+                this.emit("down" /* DOWN */);
+                break;
+              case "C":
+                this.emit("right" /* RIGHT */);
+                break;
+              case "D":
+                this.emit("left" /* LEFT */);
+                break;
+            }
+            i += 2;
+            continue;
+          }
+        } else {
+          this.emit("escape" /* ESCAPE */);
+          continue;
+        }
+      }
+      if (code === 3) {
+        this.emit("ctrl_c" /* CTRL_C */);
+        continue;
+      }
+      if (code === 13 || code === 10) {
+        if (this.preInputBuffer) {
+          this.emit("line", this.preInputBuffer);
+        }
+        this.emit("enter" /* ENTER */);
+        continue;
+      }
+      if (code === 127 || code === 8) {
+        if (this.preInputBuffer.length > 0) {
+          this.preInputBuffer = this.preInputBuffer.slice(0, -1);
+        }
+        this.emit("backspace" /* BACKSPACE */);
+        continue;
+      }
+      if (code === 9) {
+        this.emit("tab" /* TAB */);
+        continue;
+      }
+      if (code >= 32 && code <= 126) {
+        this.preInputBuffer += char;
+        this.emit("char", char);
+      }
+    }
+  }
+  /**
+   * Check if currently listening
+   */
+  isActive() {
+    return this.isListening && !this.isPaused;
+  }
+};
+var keyboardListenerInstance = null;
+function getKeyboardListener() {
+  if (!keyboardListenerInstance) {
+    keyboardListenerInstance = new KeyboardListener();
+  }
+  return keyboardListenerInstance;
+}
+
+// src/cli/app.tsx
 import { jsx as jsx2, jsxs as jsxs2 } from "react/jsx-runtime";
 var App = ({ autoApprove = false, target }) => {
   const { exit } = useApp();
@@ -4931,12 +5218,19 @@ var App = ({ autoApprove = false, target }) => {
   const [showCommandHints, setShowCommandHints] = useState(false);
   const [mode, setMode] = useState("agent");
   const [checkpointCount, setCheckpointCount] = useState(0);
+  const [preInputBuffer, setPreInputBuffer] = useState("");
+  const [wasInterrupted, setWasInterrupted] = useState(false);
   const [agent] = useState(() => new AutonomousHackingAgent(void 0, { autoApprove }));
   const sessionManager2 = getSessionManager();
   const approvalManager2 = getApprovalManager({ yoloMode: autoApprove });
   const sessionDirRef = useRef(join6(homedir(), ".pentest", "sessions", `session-${Date.now()}`));
   const contextManagerRef = useRef(null);
   const wireLoggerRef = useRef(null);
+  const keyboardListenerRef = useRef(getKeyboardListener());
+  const isProcessingRef = useRef(false);
+  useEffect(() => {
+    isProcessingRef.current = isProcessing;
+  }, [isProcessing]);
   useEffect(() => {
     const sessionId = `session-${Date.now()}`;
     contextManagerRef.current = new ContextManager2(sessionDirRef.current);
@@ -4946,7 +5240,7 @@ var App = ({ autoApprove = false, target }) => {
         setCheckpointCount(contextManagerRef.current?.getCheckpoints().length || 0);
       }
     });
-    import("./auto-update-GKUAPLBP.js").then(({ checkForUpdateAsync, formatUpdateNotification }) => {
+    import("./auto-update-IDSABTT4.js").then(({ checkForUpdateAsync, formatUpdateNotification }) => {
       checkForUpdateAsync().then((result) => {
         if (result.hasUpdate) {
           const notification = formatUpdateNotification(result);
@@ -4988,6 +5282,60 @@ var App = ({ autoApprove = false, target }) => {
     setElapsedTime(0);
     return duration;
   }, []);
+  useEffect(() => {
+    const listener = keyboardListenerRef.current;
+    const handleEscape = () => {
+      if (isProcessingRef.current && !pendingApproval) {
+        agent.pause();
+        stopTimer();
+        setIsProcessing(false);
+        setCurrentStatus("");
+        setWasInterrupted(true);
+        addMessage(MESSAGE_TYPE.SYSTEM, "\u23F8 Interrupted by ESC - Ready for input");
+        const buffered = listener.consumePreInputBuffer();
+        if (buffered) {
+          setInput(buffered);
+        }
+        listener.pause();
+      }
+    };
+    const handleChar = () => {
+      setPreInputBuffer(listener.getPreInputBuffer());
+    };
+    const handleBackspace = () => {
+      setPreInputBuffer(listener.getPreInputBuffer());
+    };
+    listener.on("escape" /* ESCAPE */, handleEscape);
+    listener.on("char", handleChar);
+    listener.on("backspace" /* BACKSPACE */, handleBackspace);
+    return () => {
+      listener.off("escape" /* ESCAPE */, handleEscape);
+      listener.off("char", handleChar);
+      listener.off("backspace" /* BACKSPACE */, handleBackspace);
+    };
+  }, [agent, addMessage, stopTimer, pendingApproval]);
+  useEffect(() => {
+    const listener = keyboardListenerRef.current;
+    if (isProcessing && !pendingApproval) {
+      listener.clearPreInputBuffer();
+      setPreInputBuffer("");
+      listener.start();
+      listener.resume();
+    } else {
+      const buffered = listener.consumePreInputBuffer();
+      if (buffered && !wasInterrupted) {
+        setInput((prev) => prev + buffered);
+      }
+      setPreInputBuffer("");
+      setWasInterrupted(false);
+      listener.pause();
+    }
+  }, [isProcessing, pendingApproval, wasInterrupted]);
+  useEffect(() => {
+    return () => {
+      keyboardListenerRef.current.stop();
+    };
+  }, []);
   useEffect(() => {
     const banner = `
    \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557
@@ -5166,13 +5514,20 @@ pentesting v${APP_VERSION}`
           return;
         case CLI_COMMAND.START:
         case "s":
+          let startObjective = args.join(" ");
+          const firstArg = args[0];
+          if (firstArg && (firstArg.includes(".") || /^\d+\.\d+\.\d+\.\d+$/.test(firstArg))) {
+            agent.setTarget(firstArg);
+            addMessage(MESSAGE_TYPE.SYSTEM, `Target \u2192 ${firstArg}`);
+            startObjective = args.slice(1).join(" ") || "Perform comprehensive penetration testing";
+          }
           if (!agent.getState().target.primary) {
-            addMessage(MESSAGE_TYPE.ERROR, "Set target first: /target <ip>");
+            addMessage(MESSAGE_TYPE.ERROR, "Set target first: /target <ip> or /start <domain>");
             return;
           }
           setIsProcessing(true);
           startTimer();
-          const objective = args.join(" ") || "Perform comprehensive penetration testing";
+          const objective = startObjective || "Perform comprehensive penetration testing";
           setCurrentStatus("Initializing...");
           addMessage(MESSAGE_TYPE.SYSTEM, `\u{1F680} Starting: ${objective}`);
           try {
@@ -5421,7 +5776,7 @@ pentesting v${APP_VERSION}`
           return;
         case "update":
           try {
-            const { checkForUpdate, formatUpdateNotification, doUpdate } = await import("./update-2U2TR7HJ.js");
+            const { checkForUpdate, formatUpdateNotification, doUpdate } = await import("./update-OWR4FHRQ.js");
             const result = checkForUpdate(true);
             if (result.hasUpdate) {
               const notification = formatUpdateNotification(result);
@@ -5586,17 +5941,27 @@ pentesting v${APP_VERSION}`
       ] }, opt.decision)) }),
       /* @__PURE__ */ jsx2(Box2, { marginTop: 1, children: /* @__PURE__ */ jsx2(Text2, { dimColor: true, children: "\u2191\u2193 to select, Enter to confirm, or type /y /n /ya" }) })
     ] }),
-    isProcessing ? /* @__PURE__ */ jsxs2(Box2, { children: [
-      /* @__PURE__ */ jsx2(Text2, { color: THEME.status.running, children: /* @__PURE__ */ jsx2(Spinner, { type: "dots" }) }),
-      /* @__PURE__ */ jsxs2(Text2, { color: THEME.text.muted, children: [
-        " ",
-        currentStatus,
-        elapsedTime > 0 && /* @__PURE__ */ jsxs2(Text2, { dimColor: true, children: [
-          " (",
-          elapsedTime,
-          "s)"
+    isProcessing ? /* @__PURE__ */ jsxs2(Box2, { flexDirection: "column", children: [
+      /* @__PURE__ */ jsxs2(Box2, { children: [
+        /* @__PURE__ */ jsx2(Text2, { color: THEME.status.running, children: /* @__PURE__ */ jsx2(Spinner, { type: "dots" }) }),
+        /* @__PURE__ */ jsxs2(Text2, { color: THEME.text.muted, children: [
+          " ",
+          currentStatus,
+          elapsedTime > 0 && /* @__PURE__ */ jsxs2(Text2, { dimColor: true, children: [
+            " (",
+            elapsedTime,
+            "s)"
+          ] })
         ] })
-      ] })
+      ] }),
+      preInputBuffer && /* @__PURE__ */ jsxs2(Box2, { marginTop: 1, children: [
+        /* @__PURE__ */ jsxs2(Text2, { color: THEME.text.accent, children: [
+          "\u2728 ",
+          preInputBuffer
+        ] }),
+        /* @__PURE__ */ jsx2(Text2, { color: THEME.text.muted, children: "\u258C" })
+      ] }),
+      /* @__PURE__ */ jsx2(Box2, { marginTop: 1, children: /* @__PURE__ */ jsx2(Text2, { dimColor: true, children: "ESC to interrupt \u2502 Type ahead to queue input" }) })
     ] }) : /* @__PURE__ */ jsxs2(Box2, { flexDirection: "column", children: [
       showCommandHints && input.startsWith("/") && /* @__PURE__ */ jsx2(Box2, { flexDirection: "column", marginBottom: 1, children: /* @__PURE__ */ jsx2(Text2, { dimColor: true, children: [
         "/target <ip>",
@@ -5639,7 +6004,11 @@ pentesting v${APP_VERSION}`
         state.currentPhase !== AGENT_STATUS.IDLE && ` ${state.currentPhase} \u2502`
       ] }),
       /* @__PURE__ */ jsxs2(Text2, { dimColor: true, children: [
-        "Ctrl+X mode \u2502 /help \u2502 Ctrl+C ",
+        "v",
+        APP_VERSION,
+        " \u2502 Ctrl+X mode \u2502 /help \u2502 ",
+        isProcessing ? "ESC interrupt \u2502 " : "",
+        "Ctrl+C ",
         isProcessing ? "stop" : "exit"
       ] })
     ] })

package/dist/{update-2U2TR7HJ.js → update-OWR4FHRQ.js}

@@ -8,8 +8,8 @@ import {
   readVersionCache,
   semverTuple,
   writeVersionCache
-} from "./chunk-L4MURCOP.js";
-import "./chunk-X3X45KYT.js";
+} from "./chunk-ZC53SMRU.js";
+import "./chunk-FHPP7RP2.js";
 import "./chunk-3RG5ZIWI.js";
 export {
   checkForUpdate,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.4.9",
+  "version": "0.5.3",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/index.js",
@@ -78,4 +78,4 @@
     "tsx": "^4.19.2",
     "typescript": "^5.7.3"
   }
-}
+}