pentesting 0.47.4 → 0.48.1

package/README.md

@@ -33,15 +33,8 @@ Pentesting support tool
 
 ## Quick Start with Docker (Recommended)
 
-```bash
-# One-time use (data deleted after exit)
-docker run -it --rm \
-  -e PENTEST_API_KEY="your_glm_api_key" \
-  -e PENTEST_BASE_URL="https://open.bigmodel.cn/api/paas/v4" \
-  -e PENTEST_MODEL="glm-5" \
-  agnusdei1207/pentesting
 
-# Persistent data (saved to ./pentest-data/)
+```bash
 docker run -it --rm \
   -e PENTEST_API_KEY="your_glm_api_key" \
   -e PENTEST_BASE_URL="https://open.bigmodel.cn/api/paas/v4" \
@@ -50,8 +43,6 @@ docker run -it --rm \
   agnusdei1207/pentesting
 ```
 
-Web search is automatically configured to use GLM Web Search with your `PENTEST_API_KEY`.
-
 ### Using Brave Search
 
 ```bash
@@ -65,38 +56,6 @@ docker run -it --rm \
   agnusdei1207/pentesting
 ```
 
-Get Brave Search API key at: https://brave.com/search/api/
-
-### Using Serper (Google Search)
-
-```bash
-docker run -it --rm \
-  -e PENTEST_API_KEY="your_glm_api_key" \
-  -e PENTEST_BASE_URL="https://open.bigmodel.cn/api/paas/v4" \
-  -e PENTEST_MODEL="glm-5" \
-  -e SEARCH_API_KEY="your_serper_api_key" \
-  -e SEARCH_API_URL="https://google.serper.dev/search" \
-  -v ./pentest-data:/root/.pentest \
-  agnusdei1207/pentesting
-```
-
-Get Serper API key at: https://serper.dev/
-
-## Environment Variables
-
-| Variable | Required | Default | Description |
-|----------|----------|---------|-------------|
-| `PENTEST_API_KEY` | ✅ Yes | - | LLM API key (also used for web search if `SEARCH_API_KEY` not set) |
-| `PENTEST_BASE_URL` | No | - | Custom API endpoint URL |
-| `PENTEST_MODEL` | No | - | Model name (e.g., `glm-5`) |
-| `SEARCH_API_KEY` | No | Uses `PENTEST_API_KEY` | Web search API key (optional, falls back to main key) |
-| `SEARCH_API_URL` | No | GLM Web Search | Web search API URL |
-
-### Web Search Defaults
-
-- **Default**: GLM Web Search (`https://open.bigmodel.cn/api/paas/v4/tools/web-search-pro`)
-- **API Key**: Falls back to `PENTEST_API_KEY` if `SEARCH_API_KEY` not set
-
 ## Issue
 
 email: agnusdei1207@gmail.com

package/dist/main.js

@@ -331,7 +331,7 @@ var ORPHAN_PROCESS_NAMES = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.47.4";
+var APP_VERSION = "0.48.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -698,6 +698,12 @@ var ATTACK_TACTICS = {
   C2: "command_and_control",
   IMPACT: "impact"
 };
+var ATTACK_VALUE_RANK = {
+  HIGH: 3,
+  MED: 2,
+  LOW: 1,
+  NONE: 0
+};
 var APPROVAL_STATUSES = {
   AUTO: "auto",
   USER_CONFIRMED: "user_confirmed",
@@ -816,10 +822,6 @@ var SECONDS_PER_HOUR = 3600;
 
 // src/shared/constants/paths.ts
 import path from "path";
-import { fileURLToPath } from "url";
-var __filename = fileURLToPath(import.meta.url);
-var __dirname = path.dirname(__filename);
-var PROJECT_ROOT = path.resolve(__dirname, "../../../");
 var PENTESTING_ROOT = ".pentesting";
 var WORK_DIR = `${PENTESTING_ROOT}/tmp`;
 var MEMORY_DIR = `${PENTESTING_ROOT}/memory`;
@@ -829,6 +831,7 @@ var LOOT_DIR = `${PENTESTING_ROOT}/loot`;
 var OUTPUTS_DIR = `${PENTESTING_ROOT}/outputs`;
 var DEBUG_DIR = `${PENTESTING_ROOT}/debug`;
 var JOURNAL_DIR = `${PENTESTING_ROOT}/journal`;
+var TURNS_DIR = `${PENTESTING_ROOT}/memory/turns`;
 var WORKSPACE = {
   /** Root directory */
   get ROOT() {
@@ -865,6 +868,10 @@ var WORKSPACE = {
   /** Persistent per-turn journal (§13 memo system) */
   get JOURNAL() {
     return path.resolve(JOURNAL_DIR);
+  },
+  /** Turn record files */
+  get TURNS() {
+    return path.resolve(TURNS_DIR);
   }
 };
 
@@ -7151,8 +7158,8 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
       }
     },
     execute: async (p) => {
-      const { existsSync: existsSync11, statSync: statSync3, readdirSync: readdirSync4 } = await import("fs");
-      const { join: join13 } = await import("path");
+      const { existsSync: existsSync12, statSync: statSync3, readdirSync: readdirSync4 } = await import("fs");
+      const { join: join14 } = await import("path");
       const category = p.category || "";
       const search = p.search || "";
       const minSize = p.min_size || 0;
@@ -7198,7 +7205,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         results.push("");
       };
       const scanDir = (dirPath, maxDepth = 3, depth = 0) => {
-        if (depth > maxDepth || !existsSync11(dirPath)) return;
+        if (depth > maxDepth || !existsSync12(dirPath)) return;
         let entries;
         try {
           entries = readdirSync4(dirPath, { withFileTypes: true });
@@ -7207,7 +7214,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         }
         for (const entry of entries) {
           if (entry.name.startsWith(".") || SKIP_DIRS.has(entry.name)) continue;
-          const fullPath = join13(dirPath, entry.name);
+          const fullPath = join14(dirPath, entry.name);
           if (entry.isDirectory()) {
             scanDir(fullPath, maxDepth, depth + 1);
             continue;
@@ -7584,8 +7591,8 @@ Requires root/sudo privileges.`,
       const iface = p.interface || "";
       const duration = p.duration || NETWORK_CONFIG.DEFAULT_SPOOF_DURATION;
       const hostsFile = createTempFile(FILE_EXTENSIONS.HOSTS);
-      const { writeFileSync: writeFileSync9 } = await import("fs");
-      writeFileSync9(hostsFile, `${spoofIp}	${domain}
+      const { writeFileSync: writeFileSync10 } = await import("fs");
+      writeFileSync10(hostsFile, `${spoofIp}	${domain}
 ${spoofIp}	*.${domain}
 `);
       const ifaceFlag = iface ? `-i ${iface}` : "";
@@ -8962,80 +8969,80 @@ var ServiceParser = class {
 
 // src/domains/registry.ts
 import { join as join7, dirname as dirname3 } from "path";
-import { fileURLToPath as fileURLToPath2 } from "url";
-var __dirname2 = dirname3(fileURLToPath2(import.meta.url));
+import { fileURLToPath } from "url";
+var __dirname = dirname3(fileURLToPath(import.meta.url));
 var DOMAINS = {
   [SERVICE_CATEGORIES.NETWORK]: {
     id: SERVICE_CATEGORIES.NETWORK,
     name: "Network Infrastructure",
     description: "Vulnerability scanning, port mapping, and network service exploitation.",
-    promptPath: join7(__dirname2, "network/prompt.md")
+    promptPath: join7(__dirname, "network/prompt.md")
   },
   [SERVICE_CATEGORIES.WEB]: {
     id: SERVICE_CATEGORIES.WEB,
     name: "Web Application",
     description: "Web app security testing, injection attacks, and auth bypass.",
-    promptPath: join7(__dirname2, "web/prompt.md")
+    promptPath: join7(__dirname, "web/prompt.md")
   },
   [SERVICE_CATEGORIES.DATABASE]: {
     id: SERVICE_CATEGORIES.DATABASE,
     name: "Database Security",
     description: "SQL injection, database enumeration, and data extraction.",
-    promptPath: join7(__dirname2, "database/prompt.md")
+    promptPath: join7(__dirname, "database/prompt.md")
   },
   [SERVICE_CATEGORIES.AD]: {
     id: SERVICE_CATEGORIES.AD,
     name: "Active Directory",
     description: "Kerberos, LDAP, and Windows domain privilege escalation.",
-    promptPath: join7(__dirname2, "ad/prompt.md")
+    promptPath: join7(__dirname, "ad/prompt.md")
   },
   [SERVICE_CATEGORIES.EMAIL]: {
     id: SERVICE_CATEGORIES.EMAIL,
     name: "Email Services",
     description: "SMTP, IMAP, POP3 security and user enumeration.",
-    promptPath: join7(__dirname2, "email/prompt.md")
+    promptPath: join7(__dirname, "email/prompt.md")
   },
   [SERVICE_CATEGORIES.REMOTE_ACCESS]: {
     id: SERVICE_CATEGORIES.REMOTE_ACCESS,
     name: "Remote Access",
     description: "SSH, RDP, VNC and other remote control protocols.",
-    promptPath: join7(__dirname2, "remote-access/prompt.md")
+    promptPath: join7(__dirname, "remote-access/prompt.md")
   },
   [SERVICE_CATEGORIES.FILE_SHARING]: {
     id: SERVICE_CATEGORIES.FILE_SHARING,
     name: "File Sharing",
     description: "SMB, NFS, FTP and shared resource security.",
-    promptPath: join7(__dirname2, "file-sharing/prompt.md")
+    promptPath: join7(__dirname, "file-sharing/prompt.md")
   },
   [SERVICE_CATEGORIES.CLOUD]: {
     id: SERVICE_CATEGORIES.CLOUD,
     name: "Cloud Infrastructure",
     description: "AWS, Azure, and GCP security and misconfiguration.",
-    promptPath: join7(__dirname2, "cloud/prompt.md")
+    promptPath: join7(__dirname, "cloud/prompt.md")
   },
   [SERVICE_CATEGORIES.CONTAINER]: {
     id: SERVICE_CATEGORIES.CONTAINER,
     name: "Container Systems",
     description: "Docker and Kubernetes security testing.",
-    promptPath: join7(__dirname2, "container/prompt.md")
+    promptPath: join7(__dirname, "container/prompt.md")
   },
   [SERVICE_CATEGORIES.API]: {
     id: SERVICE_CATEGORIES.API,
     name: "API Security",
     description: "REST, GraphQL, and SOAP API security testing.",
-    promptPath: join7(__dirname2, "api/prompt.md")
+    promptPath: join7(__dirname, "api/prompt.md")
   },
   [SERVICE_CATEGORIES.WIRELESS]: {
     id: SERVICE_CATEGORIES.WIRELESS,
     name: "Wireless Networks",
     description: "WiFi and Bluetooth security testing.",
-    promptPath: join7(__dirname2, "wireless/prompt.md")
+    promptPath: join7(__dirname, "wireless/prompt.md")
   },
   [SERVICE_CATEGORIES.ICS]: {
     id: SERVICE_CATEGORIES.ICS,
     name: "Industrial Systems",
     description: "Critical infrastructure - Modbus, DNP3, ENIP.",
-    promptPath: join7(__dirname2, "ics/prompt.md")
+    promptPath: join7(__dirname, "ics/prompt.md")
   }
 };
 
@@ -9675,10 +9682,10 @@ function logLLM(message, data) {
 }
 
 // src/engine/orchestrator/orchestrator.ts
-import { fileURLToPath as fileURLToPath3 } from "url";
+import { fileURLToPath as fileURLToPath2 } from "url";
 import { dirname as dirname4, join as join8 } from "path";
-var __filename2 = fileURLToPath3(import.meta.url);
-var __dirname3 = dirname4(__filename2);
+var __filename = fileURLToPath2(import.meta.url);
+var __dirname2 = dirname4(__filename);
 
 // src/engine/state-persistence.ts
 import { writeFileSync as writeFileSync6, readFileSync as readFileSync4, existsSync as existsSync6, readdirSync, statSync, unlinkSync as unlinkSync4, rmSync } from "fs";
@@ -9957,7 +9964,30 @@ var NOISE_PATTERNS = [
 ];
 function structuralPreprocess(output) {
   let cleaned = stripAnsi(output);
-  const lines = cleaned.split("\n");
+  const filteredLines = filterAndDedup(cleaned.split("\n"));
+  if (filteredLines.length > MAX_PREPROCESSED_LINES) {
+    const headSize = Math.floor(MAX_PREPROCESSED_LINES * 0.5);
+    const tailSize = Math.floor(MAX_PREPROCESSED_LINES * 0.3);
+    const head = filteredLines.slice(0, headSize);
+    const tail = filteredLines.slice(-tailSize);
+    const skipped = filteredLines.length - headSize - tailSize;
+    cleaned = [
+      ...head,
+      "",
+      `... [${skipped} lines skipped for Analyst LLM context \u2014 full output saved to file] ...`,
+      "",
+      ...tail
+    ].join("\n");
+  } else {
+    cleaned = filteredLines.join("\n");
+  }
+  if (cleaned.length > ANALYST_MAX_INPUT_CHARS) {
+    cleaned = cleaned.slice(0, ANALYST_MAX_INPUT_CHARS) + `
+... [truncated at ${ANALYST_MAX_INPUT_CHARS} chars for Analyst LLM \u2014 full output saved to file]`;
+  }
+  return cleaned;
+}
+function filterAndDedup(lines) {
   const result2 = [];
   let lastLine = "";
   let consecutiveDupes = 0;
@@ -9991,27 +10021,7 @@ function structuralPreprocess(output) {
       result2.push(lastLine);
     }
   }
-  if (result2.length > MAX_PREPROCESSED_LINES) {
-    const headSize = Math.floor(MAX_PREPROCESSED_LINES * 0.5);
-    const tailSize = Math.floor(MAX_PREPROCESSED_LINES * 0.3);
-    const head = result2.slice(0, headSize);
-    const tail = result2.slice(-tailSize);
-    const skipped = result2.length - headSize - tailSize;
-    cleaned = [
-      ...head,
-      "",
-      `... [${skipped} lines skipped for Analyst LLM context \u2014 full output saved to file] ...`,
-      "",
-      ...tail
-    ].join("\n");
-  } else {
-    cleaned = result2.join("\n");
-  }
-  if (cleaned.length > ANALYST_MAX_INPUT_CHARS) {
-    cleaned = cleaned.slice(0, ANALYST_MAX_INPUT_CHARS) + `
-... [truncated at ${ANALYST_MAX_INPUT_CHARS} chars for Analyst LLM \u2014 full output saved to file]`;
-  }
-  return cleaned;
+  return result2;
 }
 var ANALYST_SYSTEM_PROMPT = `You are an independent pentesting output analyst. You receive raw tool output and must extract ONLY actionable intelligence for the main attack agent.
 
@@ -10260,38 +10270,7 @@ var CoreAgent = class _CoreAgent {
         }
         if (progress.consecutiveIdleIterations >= AGENT_LIMITS.MAX_CONSECUTIVE_IDLE) {
           progress.consecutiveIdleIterations = 0;
-          const phase = this.state.getPhase();
-          const targets = this.state.getTargets().size;
-          const findings = this.state.getFindings().length;
-          const phaseDirection = {
-            [PHASES.RECON]: `RECON: Scan targets. Enumerate services and versions.`,
-            [PHASES.VULN_ANALYSIS]: `VULN ANALYSIS: ${targets} target(s) discovered. Search for CVEs and known exploits.`,
-            [PHASES.EXPLOIT]: `EXPLOIT: ${findings} finding(s) available. Attack the highest-severity one.`,
-            [PHASES.POST_EXPLOIT]: `POST-EXPLOIT: Escalate privileges. Search for escalation paths.`,
-            [PHASES.PRIV_ESC]: `PRIVESC: Find and exploit privilege escalation vectors.`,
-            [PHASES.LATERAL]: `LATERAL: Reuse discovered credentials on other hosts.`,
-            [PHASES.WEB]: `WEB: Enumerate the attack surface. Test every input for injection.`
-          };
-          const direction = phaseDirection[phase] || phaseDirection[PHASES.RECON];
-          messages.push({
-            role: LLM_ROLES.USER,
-            content: `\u26A1 DEADLOCK: ${AGENT_LIMITS.MAX_CONSECUTIVE_IDLE} turns with ZERO tool calls.
-Phase: ${phase} | Targets: ${targets} | Findings: ${findings} | Tools executed: ${progress.totalToolsExecuted} (${progress.toolSuccesses}\u2713 ${progress.toolErrors}\u2717)
-
-${direction}
-
-ESCALATION CHAIN \u2014 follow this order:
-1. web_search: Search for techniques, bypasses, default creds, CVEs, HackTricks
-2. BYPASS: Try alternative approaches \u2014 different protocols, ports, encodings, methods
-3. ZERO-DAY EXPLORATION: Probe for unknown vulns \u2014 fuzz parameters, test edge cases, analyze error responses for leaks
-4. BRUTE-FORCE: Wordlists, credential stuffing, common passwords, custom password lists from context
-5. ask_user: ONLY as last resort \u2014 ask the user for hints, wordlists, or guidance
-
-RULES:
-- Every turn MUST have tool calls
-- NEVER silently give up \u2014 exhaust ALL 5 steps above first
-- ACT NOW \u2014 do not plan, do not explain, do not summarize. EXECUTE.`
-          });
+          messages.push({ role: LLM_ROLES.USER, content: this.buildDeadlockNudge(progress) });
         }
       } catch (error) {
         if (this.isAbortError(error)) {
@@ -10476,6 +10455,48 @@ ${firstLine}`, phase }
     return callbacks;
   }
   // ─────────────────────────────────────────────────────────────────
+  // SUBSECTION: Deadlock Nudge Builder
+  // ─────────────────────────────────────────────────────────────────
+  /**
+   * Build a deadlock nudge message for the agent.
+   *
+   * WHY separated: The nudge template is ~30 lines of prompt engineering.
+   * Keeping it in run() obscures the iteration control logic.
+   * Philosophy §12: Nudge is a safety net, not a driver —
+   * it reminds the agent to ACT, but never prescribes HOW.
+   */
+  buildDeadlockNudge(progress) {
+    const phase = this.state.getPhase();
+    const targets = this.state.getTargets().size;
+    const findings = this.state.getFindings().length;
+    const phaseDirection = {
+      [PHASES.RECON]: `RECON: Scan targets. Enumerate services and versions.`,
+      [PHASES.VULN_ANALYSIS]: `VULN ANALYSIS: ${targets} target(s) discovered. Search for CVEs and known exploits.`,
+      [PHASES.EXPLOIT]: `EXPLOIT: ${findings} finding(s) available. Attack the highest-severity one.`,
+      [PHASES.POST_EXPLOIT]: `POST-EXPLOIT: Escalate privileges. Search for escalation paths.`,
+      [PHASES.PRIV_ESC]: `PRIVESC: Find and exploit privilege escalation vectors.`,
+      [PHASES.LATERAL]: `LATERAL: Reuse discovered credentials on other hosts.`,
+      [PHASES.WEB]: `WEB: Enumerate the attack surface. Test every input for injection.`
+    };
+    const direction = phaseDirection[phase] || phaseDirection[PHASES.RECON];
+    return `\u26A1 DEADLOCK: ${AGENT_LIMITS.MAX_CONSECUTIVE_IDLE} turns with ZERO tool calls.
+Phase: ${phase} | Targets: ${targets} | Findings: ${findings} | Tools executed: ${progress.totalToolsExecuted} (${progress.toolSuccesses}\u2713 ${progress.toolErrors}\u2717)
+
+${direction}
+
+ESCALATION CHAIN \u2014 follow this order:
+1. web_search: Search for techniques, bypasses, default creds, CVEs, HackTricks
+2. BYPASS: Try alternative approaches \u2014 different protocols, ports, encodings, methods
+3. ZERO-DAY EXPLORATION: Probe for unknown vulns \u2014 fuzz parameters, test edge cases, analyze error responses for leaks
+4. BRUTE-FORCE: Wordlists, credential stuffing, common passwords, custom password lists from context
+5. ask_user: ONLY as last resort \u2014 ask the user for hints, wordlists, or guidance
+
+RULES:
+- Every turn MUST have tool calls
+- NEVER silently give up \u2014 exhaust ALL 5 steps above first
+- ACT NOW \u2014 do not plan, do not explain, do not summarize. EXECUTE.`;
+  }
+  // ─────────────────────────────────────────────────────────────────
   // SUBSECTION: Event Emitters
   // ─────────────────════════════════════════════════════════════
   emitThink(iteration, progress) {
@@ -10640,83 +10661,20 @@ ${firstLine}`, phase }
     const toolStartTime = Date.now();
     logLLM("CoreAgent executing tool", { id: call.id, name: call.name, input: call.input });
     if (!this.toolRegistry) {
-      return {
-        toolCallId: call.id,
-        output: "",
-        error: "Tool registry not initialized. Call setToolRegistry() first."
-      };
+      return { toolCallId: call.id, output: "", error: "Tool registry not initialized. Call setToolRegistry() first." };
     }
     try {
-      const result2 = await this.toolRegistry.execute({
-        name: call.name,
-        input: call.input
-      });
+      const result2 = await this.toolRegistry.execute({ name: call.name, input: call.input });
       let outputText = result2.output ?? "";
       this.scanForFlags(outputText);
-      if (result2.error) {
-        outputText = this.enrichToolError({ toolName: call.name, input: call.input, error: result2.error, originalOutput: outputText, progress });
-        if (progress) progress.toolErrors++;
-      } else {
-        if (progress) {
-          progress.toolSuccesses++;
-          progress.blockedCommandPatterns.clear();
-        }
-      }
-      const rawOutputForTUI = outputText;
-      let digestedOutputForLLM = outputText;
-      let digestResult = null;
-      try {
-        const llmDigestFn = createLLMDigestFn(this.llm);
-        digestResult = await digestToolOutput(
-          outputText,
-          call.name,
-          JSON.stringify(call.input).slice(0, DISPLAY_LIMITS.OUTPUT_SUMMARY),
-          llmDigestFn
-        );
-        digestedOutputForLLM = digestResult.digestedOutput;
-      } catch {
-        if (digestedOutputForLLM.length > AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH) {
-          const truncated = digestedOutputForLLM.slice(0, AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH);
-          const remaining = digestedOutputForLLM.length - AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH;
-          digestedOutputForLLM = `${truncated}
-
-... [TRUNCATED ${remaining} characters for context hygiene] ...
-\u{1F4A1} TIP: If you need to see the full output, use a tool to read the file directly or run the command with | head, | tail, or | grep.`;
-        }
-      }
-      this.emitToolResult(call.name, result2.success, rawOutputForTUI, result2.error, Date.now() - toolStartTime);
-      const inputSummary = JSON.stringify(call.input);
-      this.turnToolJournal.push({
-        name: call.name,
-        inputSummary,
-        success: result2.success,
-        analystSummary: digestResult?.memo ? digestResult.memo.keyFindings.join("; ") || "No key findings" : digestedOutputForLLM,
-        outputFile: digestResult?.fullOutputPath ?? null
-      });
-      if (digestResult?.memo) {
-        const m = digestResult.memo;
-        this.turnMemo.keyFindings.push(...m.keyFindings);
-        this.turnMemo.credentials.push(...m.credentials);
-        this.turnMemo.attackVectors.push(...m.attackVectors);
-        this.turnMemo.failures.push(...m.failures);
-        this.turnMemo.suspicions.push(...m.suspicions);
-        const VALUE_RANK = { HIGH: 3, MED: 2, LOW: 1, NONE: 0 };
-        if ((VALUE_RANK[m.attackValue] ?? 0) > (VALUE_RANK[this.turnMemo.attackValue] ?? 0)) {
-          this.turnMemo.attackValue = m.attackValue;
-        }
-        this.turnMemo.nextSteps.push(...m.nextSteps);
-        if (m.reflection) this.turnReflections.push(m.reflection);
-      }
-      if (digestResult?.memo?.credentials.length) {
-        for (const cred of digestResult.memo.credentials) {
-          this.state.addLoot({
-            type: "credential",
-            host: "auto-extracted",
-            detail: cred,
-            obtainedAt: Date.now()
-          });
-        }
-      }
+      outputText = this.handleToolResult(result2, call, outputText, progress);
+      const { digestedOutputForLLM, digestResult } = await this.digestAndEmit(
+        call,
+        outputText,
+        result2,
+        toolStartTime
+      );
+      this.recordJournalMemo(call, result2, digestedOutputForLLM, digestResult);
       return { toolCallId: call.id, output: digestedOutputForLLM, error: result2.error };
     } catch (error) {
       const errorMsg = String(error);
@@ -10726,6 +10684,90 @@ ${firstLine}`, phase }
       return { toolCallId: call.id, output: enrichedError, error: errorMsg };
     }
   }
+  /**
+   * Handle tool result: enrich errors or track success.
+   * @returns Possibly enriched output text.
+   */
+  handleToolResult(result2, call, outputText, progress) {
+    if (result2.error) {
+      if (progress) progress.toolErrors++;
+      return this.enrichToolError({ toolName: call.name, input: call.input, error: result2.error, originalOutput: outputText, progress });
+    }
+    if (progress) {
+      progress.toolSuccesses++;
+      progress.blockedCommandPatterns.clear();
+    }
+    return outputText;
+  }
+  /**
+   * Digest tool output via Analyst LLM (§13 ③) and emit TUI event.
+   *
+   * WHY separated: Digest + emit is a self-contained pipeline:
+   *   raw output → Analyst → digest + file → TUI event.
+   * Isolating it makes the pipeline testable without running actual tools.
+   */
+  async digestAndEmit(call, outputText, result2, toolStartTime) {
+    const digestFallbackOutput = outputText;
+    let digestedOutputForLLM = outputText;
+    let digestResult = null;
+    try {
+      const llmDigestFn = createLLMDigestFn(this.llm);
+      digestResult = await digestToolOutput(
+        outputText,
+        call.name,
+        JSON.stringify(call.input).slice(0, DISPLAY_LIMITS.OUTPUT_SUMMARY),
+        llmDigestFn
+      );
+      digestedOutputForLLM = digestResult.digestedOutput;
+    } catch {
+      if (digestedOutputForLLM.length > AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH) {
+        const truncated = digestedOutputForLLM.slice(0, AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH);
+        const remaining = digestedOutputForLLM.length - AGENT_LIMITS.MAX_TOOL_OUTPUT_LENGTH;
+        digestedOutputForLLM = `${truncated}
+
+... [TRUNCATED ${remaining} characters for context hygiene] ...
+\u{1F4A1} TIP: If you need to see the full output, use a tool to read the file directly or run the command with | head, | tail, or | grep.`;
+      }
+    }
+    const outputFilePath = digestResult?.fullOutputPath ?? null;
+    const tuiOutput = digestResult?.digestedOutput ? `${digestResult.digestedOutput}${outputFilePath ? `
+\u{1F4C4} Full output: ${outputFilePath}` : ""}` : digestFallbackOutput.slice(0, DISPLAY_LIMITS.OUTPUT_SUMMARY);
+    this.emitToolResult(call.name, result2.success, tuiOutput, result2.error, Date.now() - toolStartTime);
+    return { digestedOutputForLLM, digestResult };
+  }
+  /**
+   * Record tool execution results to Journal and aggregate memos.
+   *
+   * WHY no truncation on inputSummary: Strategist needs full context —
+   * "hydra -l admin -P rockyou.txt ssh://10.0.0.1" must survive intact.
+   */
+  recordJournalMemo(call, result2, digestedOutputForLLM, digestResult) {
+    this.turnToolJournal.push({
+      name: call.name,
+      inputSummary: JSON.stringify(call.input),
+      success: result2.success,
+      analystSummary: digestResult?.memo ? digestResult.memo.keyFindings.join("; ") || "No key findings" : digestedOutputForLLM,
+      outputFile: digestResult?.fullOutputPath ?? null
+    });
+    if (digestResult?.memo) {
+      const m = digestResult.memo;
+      this.turnMemo.keyFindings.push(...m.keyFindings);
+      this.turnMemo.credentials.push(...m.credentials);
+      this.turnMemo.attackVectors.push(...m.attackVectors);
+      this.turnMemo.failures.push(...m.failures);
+      this.turnMemo.suspicions.push(...m.suspicions);
+      if ((ATTACK_VALUE_RANK[m.attackValue] ?? 0) > (ATTACK_VALUE_RANK[this.turnMemo.attackValue] ?? 0)) {
+        this.turnMemo.attackValue = m.attackValue;
+      }
+      this.turnMemo.nextSteps.push(...m.nextSteps);
+      if (m.reflection) this.turnReflections.push(m.reflection);
+    }
+    if (digestResult?.memo?.credentials.length) {
+      for (const cred of digestResult.memo.credentials) {
+        this.state.addLoot({ type: LOOT_TYPES.CREDENTIAL, host: "auto-extracted", detail: cred, obtainedAt: Date.now() });
+      }
+    }
+  }
   /**
    * Enrich tool error — delegates to extracted module (§3-1)
    */
@@ -10794,7 +10836,7 @@ ${firstLine}`, phase }
 // src/agents/prompt-builder.ts
 import { readFileSync as readFileSync6, existsSync as existsSync9, readdirSync as readdirSync3 } from "fs";
 import { join as join11, dirname as dirname5 } from "path";
-import { fileURLToPath as fileURLToPath4 } from "url";
+import { fileURLToPath as fileURLToPath3 } from "url";
 
 // src/shared/constants/prompts.ts
 var PROMPT_PATHS = {
@@ -10853,6 +10895,44 @@ var PROMPT_CONFIG = {
 var INITIAL_TASKS = {
   RECON: "Initial reconnaissance and target discovery"
 };
+var CONTEXT_EXTRACTOR_PROMPT = `You are extracting actionable intelligence from a penetration testing session.
+DO NOT simply summarize or shorten. EXTRACT critical facts:
+
+1. DISCOVERED: Services, versions, paths, parameters (exact IPs, ports, versions)
+2. CONFIRMED: Vulnerabilities or access confirmed
+3. CREDENTIALS: Usernames, passwords, tokens, keys
+4. DEAD ENDS: What failed \u2014 include EXACT command, tool, arguments, wordlist/file used.
+   Distinguish between:
+   - "This approach itself is impossible" (e.g., SSH key-only \u2192 no password brute force works)
+   - "This specific attempt failed" (e.g., sqlmap with default tamper \u2192 try different tamper)
+5. OPEN LEADS: Unexplored paths worth pursuing
+
+Every line must include exact commands/tools/files used.
+The reader must be able to judge whether a retry with different parameters is worthwhile.`;
+var REFLECTION_PROMPT = `You are a tactical reviewer for a penetration testing agent.
+Review ALL actions from this turn \u2014 successes AND failures.
+
+1. ASSESSMENT: What did this turn accomplish? Rate: HIGH / MED / LOW / NONE.
+2. SUCCESSES: What worked? Can this pattern be replicated elsewhere?
+3. FAILURES: What failed? Is this a repeated pattern? If so \u2192 STOP this approach.
+4. BLIND SPOTS: What was missed or overlooked?
+5. NEXT PRIORITY: Single most valuable next action.
+
+3-5 lines. Every word must be actionable.`;
+var SUMMARY_REGENERATOR_PROMPT = `Update this penetration testing session summary with the new turn data.
+
+Must include:
+- All discovered hosts, services, versions (exact IPs, ports, software versions)
+- All confirmed vulnerabilities
+- All obtained credentials
+- Failed attempts with EXACT commands/tools/arguments/files used.
+  For each failure, state:
+  - The root cause (auth method? WAF? patched? wrong params?)
+  - Whether retrying with different parameters could work
+- Top unexplored leads
+
+Remove outdated/superseded info. Keep concise but COMPLETE.
+The reader must be able to decide what to retry and what to never attempt again.`;
 
 // src/shared/constants/scoring.ts
 var ATTACK_SCORING = {
@@ -11018,7 +11098,6 @@ function getAttacksForService(service, port) {
 import { writeFileSync as writeFileSync8, readFileSync as readFileSync5, existsSync as existsSync8, readdirSync as readdirSync2, statSync as statSync2, unlinkSync as unlinkSync5 } from "fs";
 import { join as join10 } from "path";
 var MAX_JOURNAL_ENTRIES = 50;
-var SUMMARY_REGEN_INTERVAL = 10;
 var MAX_OUTPUT_FILES = 30;
 var TURN_PREFIX = "turn-";
 var SUMMARY_FILE = "summary.md";
@@ -11075,9 +11154,6 @@ function getNextTurnNumber() {
     return 1;
   }
 }
-function shouldRegenerateSummary(currentTurn) {
-  return currentTurn > 0 && currentTurn % SUMMARY_REGEN_INTERVAL === 0;
-}
 function regenerateJournalSummary() {
   try {
     const entries = getRecentEntries();
@@ -11096,6 +11172,10 @@ function regenerateJournalSummary() {
   }
 }
 function buildSummaryFromEntries(entries) {
+  const buckets = collectSummaryBuckets(entries);
+  return formatSummaryMarkdown(buckets, entries);
+}
+function collectSummaryBuckets(entries) {
   const attempts = [];
   const findings = [];
   const credentials = [];
@@ -11104,19 +11184,11 @@ function buildSummaryFromEntries(entries) {
   const suspicions = [];
   const nextSteps = [];
   const reflections = [];
-  const VALUE_ORDER = { HIGH: 0, MED: 1, LOW: 2, NONE: 3 };
   const reversed = [...entries].reverse();
   for (const entry of reversed) {
     const value = entry.memo.attackValue || "LOW";
     for (const tool of entry.tools) {
-      attempts.push({
-        turn: entry.turn,
-        phase: entry.phase,
-        ok: tool.success,
-        name: tool.name,
-        input: tool.inputSummary,
-        value
-      });
+      attempts.push({ turn: entry.turn, phase: entry.phase, ok: tool.success, name: tool.name, input: tool.inputSummary, value });
     }
     for (const finding of entry.memo.keyFindings) {
       const line = `- [T${entry.turn}|\u26A1${value}] ${finding}`;
@@ -11155,9 +11227,13 @@ function buildSummaryFromEntries(entries) {
     }
   }
   attempts.sort((a, b) => {
-    const vd = (VALUE_ORDER[a.value] ?? 3) - (VALUE_ORDER[b.value] ?? 3);
+    const vd = (ATTACK_VALUE_RANK[b.value] ?? 0) - (ATTACK_VALUE_RANK[a.value] ?? 0);
     return vd !== 0 ? vd : b.turn - a.turn;
   });
+  return { attempts, findings, credentials, successes, failures, suspicions, nextSteps, reflections };
+}
+function formatSummaryMarkdown(buckets, entries) {
+  const { attempts, findings, credentials, successes, failures, suspicions, nextSteps, reflections } = buckets;
   const attemptLines = attempts.map(
     (a) => `- [T${a.turn}|${a.phase}|\u26A1${a.value}] ${a.ok ? "\u2705" : "\u274C"} ${a.name}: ${a.input}`
   );
@@ -11234,8 +11310,8 @@ function rotateOutputFiles() {
 }
 
 // src/agents/prompt-builder.ts
-var __dirname4 = dirname5(fileURLToPath4(import.meta.url));
-var PROMPTS_DIR = join11(__dirname4, "prompts");
+var __dirname3 = dirname5(fileURLToPath3(import.meta.url));
+var PROMPTS_DIR = join11(__dirname3, "prompts");
 var TECHNIQUES_DIR = join11(PROMPTS_DIR, PROMPT_PATHS.TECHNIQUES_DIR);
 var { AGENT_FILES } = PROMPT_PATHS;
 var PHASE_PROMPT_MAP = {
@@ -11537,12 +11613,20 @@ ${lines.join("\n")}
   }
   // --- §13: Session Journal Summary ---
   /**
-   * Load journal summary from .pentesting/journal/summary.md
-   * Provides compressed history of past turns — what worked, what failed,
-   * what was discovered. Main LLM uses this for continuity across many turns.
+   * Load journal summary — prefers Summary Regenerator (⑥) output,
+   * falls back to deterministic journal summary.
    */
   getJournalFragment() {
     try {
+      const summaryPath = join11(WORKSPACE.TURNS, "summary.md");
+      if (existsSync9(summaryPath)) {
+        const summary2 = readFileSync6(summaryPath, "utf-8");
+        if (summary2.trim()) {
+          return `<session-journal>
+${summary2}
+</session-journal>`;
+        }
+      }
       const summary = readJournalSummary();
       if (!summary) return "";
       return `<session-journal>
@@ -11566,9 +11650,9 @@ ${summary}
 // src/agents/strategist.ts
 import { readFileSync as readFileSync7, existsSync as existsSync10 } from "fs";
 import { join as join12, dirname as dirname6 } from "path";
-import { fileURLToPath as fileURLToPath5 } from "url";
-var __dirname5 = dirname6(fileURLToPath5(import.meta.url));
-var STRATEGIST_PROMPT_PATH = join12(__dirname5, "prompts", "strategist-system.md");
+import { fileURLToPath as fileURLToPath4 } from "url";
+var __dirname4 = dirname6(fileURLToPath4(import.meta.url));
+var STRATEGIST_PROMPT_PATH = join12(__dirname4, "prompts", "strategist-system.md");
 var Strategist = class {
   llm;
   state;
@@ -11626,7 +11710,14 @@ var Strategist = class {
       sections.push(failures);
     }
     try {
-      const journalSummary = readJournalSummary();
+      let journalSummary = "";
+      const summaryPath = join12(WORKSPACE.TURNS, "summary.md");
+      if (existsSync10(summaryPath)) {
+        journalSummary = readFileSync7(summaryPath, "utf-8").trim();
+      }
+      if (!journalSummary) {
+        journalSummary = readJournalSummary();
+      }
       if (journalSummary) {
         sections.push("");
         sections.push("## Session Journal (past turns summary)");
@@ -11743,7 +11834,94 @@ Detect stalls (repeated failures, no progress) and force completely different at
 Chain every finding: "If X works \u2192 immediately do Y \u2192 which enables Z."
 Maximum 50 lines. Zero preamble. Direct imperatives only. Never repeat failed approaches.`;
 
+// src/shared/utils/turn-record.ts
+function formatTurnRecord(input) {
+  const { turn, timestamp, phase, tools, memo: memo6, reflection } = input;
+  const time = timestamp.slice(0, 19).replace("T", " ");
+  const sections = [];
+  sections.push(`# Turn ${turn} | ${time} | Phase: ${phase}`);
+  sections.push("");
+  sections.push("## \uC2E4\uD589 \uB3C4\uAD6C");
+  if (tools.length === 0) {
+    sections.push("- (\uB3C4\uAD6C \uC2E4\uD589 \uC5C6\uC74C)");
+  } else {
+    for (const tool of tools) {
+      const status = tool.success ? "\u2705" : "\u274C";
+      const line = `- ${tool.name}(${tool.inputSummary}) \u2192 ${status} ${tool.analystSummary}`;
+      sections.push(line);
+    }
+  }
+  sections.push("");
+  sections.push("## \uD575\uC2EC \uC778\uC0AC\uC774\uD2B8");
+  if (memo6.keyFindings.length > 0) {
+    for (const f of memo6.keyFindings) sections.push(`- DISCOVERED: ${f}`);
+  }
+  if (memo6.credentials.length > 0) {
+    for (const c of memo6.credentials) sections.push(`- CREDENTIAL: ${c}`);
+  }
+  if (memo6.attackVectors.length > 0) {
+    for (const v of memo6.attackVectors) sections.push(`- CONFIRMED: ${v}`);
+  }
+  if (memo6.failures.length > 0) {
+    for (const f of memo6.failures) sections.push(`- DEAD END: ${f}`);
+  }
+  if (memo6.suspicions.length > 0) {
+    for (const s of memo6.suspicions) sections.push(`- SUSPICIOUS: ${s}`);
+  }
+  if (memo6.nextSteps.length > 0) {
+    for (const n of memo6.nextSteps) sections.push(`- NEXT: ${n}`);
+  }
+  if (memo6.keyFindings.length === 0 && memo6.failures.length === 0 && memo6.credentials.length === 0) {
+    sections.push("- (\uD2B9\uC774\uC0AC\uD56D \uC5C6\uC74C)");
+  }
+  sections.push("");
+  sections.push("## \uC790\uAE30\uBC18\uC131");
+  sections.push(reflection || "- (\uBC18\uC131 \uC5C6\uC74C)");
+  sections.push("");
+  return sections.join("\n");
+}
+function formatForExtraction(messages) {
+  const parts = ["\uB2E4\uC74C\uC740 \uD39C\uD14C\uC2A4\uD305 \uC138\uC158\uC758 \uB300\uD654 \uAE30\uB85D\uC785\uB2C8\uB2E4. \uD575\uC2EC \uC778\uC0AC\uC774\uD2B8\uB97C \uCD94\uCD9C\uD558\uC138\uC694:\n"];
+  for (const msg of messages) {
+    const role = msg.role === "assistant" ? "AGENT" : msg.role === "user" ? "RESULT" : msg.role.toUpperCase();
+    const content = typeof msg.content === "string" ? msg.content : JSON.stringify(msg.content);
+    const truncated = content.length > 3e3 ? content.slice(0, 1500) + "\n...(truncated)...\n" + content.slice(-1500) : content;
+    parts.push(`[${role}]
+${truncated}
+`);
+  }
+  return parts.join("\n");
+}
+function formatReflectionInput(input) {
+  const { tools, memo: memo6, phase } = input;
+  const parts = [
+    `\uD604\uC7AC Phase: ${phase}`,
+    "",
+    "\uC774\uBC88 \uD134 \uC2E4\uD589 \uACB0\uACFC:"
+  ];
+  for (const tool of tools) {
+    const status = tool.success ? "\u2705 \uC131\uACF5" : "\u274C \uC2E4\uD328";
+    parts.push(`- ${tool.name}(${tool.inputSummary}) \u2192 ${status}`);
+    if (tool.analystSummary) {
+      parts.push(`  \uC694\uC57D: ${tool.analystSummary}`);
+    }
+  }
+  if (tools.length === 0) {
+    parts.push("- (\uB3C4\uAD6C \uC2E4\uD589 \uC5C6\uC74C)");
+  }
+  parts.push("");
+  parts.push("Analyst \uCD94\uCD9C \uBA54\uBAA8:");
+  if (memo6.keyFindings.length > 0) parts.push(`  \uBC1C\uACAC: ${memo6.keyFindings.join(", ")}`);
+  if (memo6.credentials.length > 0) parts.push(`  \uD06C\uB808\uB374\uC15C: ${memo6.credentials.join(", ")}`);
+  if (memo6.failures.length > 0) parts.push(`  \uC2E4\uD328: ${memo6.failures.join(", ")}`);
+  if (memo6.suspicions.length > 0) parts.push(`  \uC758\uC2EC: ${memo6.suspicions.join(", ")}`);
+  parts.push(`  \uACF5\uACA9 \uAC00\uCE58: ${memo6.attackValue}`);
+  return parts.join("\n");
+}
+
 // src/agents/main-agent.ts
+import { writeFileSync as writeFileSync9, existsSync as existsSync11, readFileSync as readFileSync8 } from "fs";
+import { join as join13 } from "path";
 var MainAgent = class extends CoreAgent {
   promptBuilder;
   strategist;
@@ -11797,6 +11975,45 @@ var MainAgent = class extends CoreAgent {
     this.turnReflections = [];
     const dynamicPrompt = await this.getCurrentPrompt();
     const result2 = await super.step(iteration, messages, dynamicPrompt, progress);
+    try {
+      if (messages.length > 2) {
+        const extraction = await this.llm.generateResponse(
+          [{ role: "user", content: formatForExtraction(messages) }],
+          void 0,
+          CONTEXT_EXTRACTOR_PROMPT
+        );
+        if (extraction.content?.trim()) {
+          messages.length = 0;
+          messages.push({
+            role: "user",
+            content: `<session-context>
+${extraction.content.trim()}
+</session-context>`
+          });
+        }
+      }
+    } catch {
+    }
+    try {
+      if (this.turnToolJournal.length > 0) {
+        const reflection = await this.llm.generateResponse(
+          [{
+            role: "user",
+            content: formatReflectionInput({
+              tools: this.turnToolJournal,
+              memo: this.turnMemo,
+              phase: this.state.getPhase()
+            })
+          }],
+          void 0,
+          REFLECTION_PROMPT
+        );
+        if (reflection.content?.trim()) {
+          this.turnReflections.push(reflection.content.trim());
+        }
+      }
+    } catch {
+    }
     if (this.turnToolJournal.length > 0) {
       try {
         const entry = {
@@ -11808,7 +12025,50 @@ var MainAgent = class extends CoreAgent {
           reflection: this.turnReflections.length > 0 ? this.turnReflections.join(" | ") : this.turnMemo.nextSteps.join("; ")
         };
         writeJournalEntry(entry);
-        if (shouldRegenerateSummary(this.turnCounter)) {
+        try {
+          ensureDirExists(WORKSPACE.TURNS);
+          const ts = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").slice(0, 19);
+          const turnFileName = `turn-${String(this.turnCounter).padStart(3, "0")}_${ts}.md`;
+          const turnPath = join13(WORKSPACE.TURNS, turnFileName);
+          const turnContent = formatTurnRecord({
+            turn: this.turnCounter,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+            phase: this.state.getPhase(),
+            tools: this.turnToolJournal,
+            memo: this.turnMemo,
+            reflection: entry.reflection
+          });
+          writeFileSync9(turnPath, turnContent, "utf-8");
+        } catch {
+        }
+        try {
+          const summaryPath = join13(WORKSPACE.TURNS, "summary.md");
+          const existingSummary = existsSync11(summaryPath) ? readFileSync8(summaryPath, "utf-8") : "";
+          const turnData = formatTurnRecord({
+            turn: this.turnCounter,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+            phase: this.state.getPhase(),
+            tools: this.turnToolJournal,
+            memo: this.turnMemo,
+            reflection: entry.reflection
+          });
+          const summaryResponse = await this.llm.generateResponse(
+            [{
+              role: "user",
+              content: existingSummary ? `\uAE30\uC874 \uC694\uC57D:
+${existingSummary}
+
+\uC774\uBC88 \uD134:
+${turnData}` : `\uCCAB \uD134 \uB370\uC774\uD130:
+${turnData}`
+            }],
+            void 0,
+            SUMMARY_REGENERATOR_PROMPT
+          );
+          if (summaryResponse.content?.trim()) {
+            writeFileSync9(summaryPath, summaryResponse.content.trim(), "utf-8");
+          }
+        } catch {
           regenerateJournalSummary();
         }
         rotateJournalEntries();

package/dist/prompts/base.md

@@ -596,4 +596,24 @@ Ask yourself at every Reflect step:
 8. **Search when stuck** — `web_search` and `browse_url` are the most powerful weapons
 9. **Write code directly if needed** — write scripts with `write_file` → execute with `run_cmd`
 
+## 📂 Session Memory — Past Turn Records
 
+Your past actions and insights are saved as files. Use them freely:
+
+```
+.pentesting/memory/turns/
+  ├── summary.md                         ← Full session summary (updated every turn)
+  ├── turn-001_2026-02-21T08-30-15.md    ← Turn 1 details
+  ├── turn-002_2026-02-21T08-31-22.md    ← Turn 2 details
+  └── ...
+```
+
+**Each turn file has 3 sections:**
+- `## 실행 도구` — Exact commands/tools/arguments used
+- `## 핵심 인사이트` — What was discovered, confirmed, or failed
+- `## 자기반성` — Turn assessment and next priority
+
+**How to use:**
+- `summary.md` gives you the full picture — read it to understand where you stand
+- Need details of a specific past turn? → `read_file(".pentesting/memory/turns/turn-005_...")`
+- All past findings, credentials, dead ends are preserved — never lost

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.47.4",
+  "version": "0.48.1",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/main.js",