pentesting 0.56.7 → 0.70.1

package/dist/main.js

@@ -239,7 +239,13 @@ var SPECIAL_FILES = {
   /** Persistent knowledge store */
   PERSISTENT_KNOWLEDGE: "persistent-knowledge.json",
   /** Debug log file */
-  DEBUG_LOG: "debug.log"
+  DEBUG_LOG: "debug.log",
+  /**
+   * Session snapshot for Insane-level long session resumption (3차).
+   * Stores current phase, achieved foothold, next steps, credentials.
+   * Written by PlaybookSynthesizer on flag capture / manual update_mission.
+   */
+  SESSION_SNAPSHOT: "session-snapshot.json"
 };
 
 // src/shared/constants/files/patterns.ts
@@ -341,6 +347,9 @@ function initDebugLogger() {
 function debugLog(category, message, data) {
   logger.log(category, message, data);
 }
+function flowLog(actor, direction, store, detail) {
+  logger.log("flow", `${actor} ${direction} ${store}: ${detail}`);
+}
 
 // src/shared/utils/config/env.ts
 var ENV_KEYS = {
@@ -621,7 +630,11 @@ var DISPLAY_LIMITS = {
   /** Max evidence items to show in finding preview */
   EVIDENCE_ITEMS_PREVIEW: 3,
   /** Max characters per evidence item in preview */
-  EVIDENCE_PREVIEW_LENGTH: 120
+  EVIDENCE_PREVIEW_LENGTH: 120,
+  /** Max characters for API error response body */
+  API_ERROR_PREVIEW: 500,
+  /** Max characters per session/storage value in auth capture */
+  SESSION_VALUE_PREVIEW: 300
 };
 
 // src/shared/constants/limits/agent.ts
@@ -711,7 +724,7 @@ var INPUT_PROMPT_PATTERNS = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.56.7";
+var APP_VERSION = "0.70.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -932,6 +945,8 @@ var TOOL_NAMES = {
   ADD_TARGET: "add_target",
   ASK_USER: "ask_user",
   HELP: "help",
+  // Session Management (3차 Insane — long session resumption)
+  SAVE_SESSION_SNAPSHOT: "save_session_snapshot",
   // Resource Management
   BG_STATUS: "bg_status",
   BG_CLEANUP: "bg_cleanup",
@@ -1108,14 +1123,18 @@ var NODE_TYPE = {
   VULNERABILITY: "vulnerability",
   ACCESS: "access",
   LOOT: "loot",
-  OSINT: "osint"
-};
-var NODE_TYPES = {
-  ...NODE_TYPE,
-  EXPLOIT: "exploit",
-  TECHNIQUE: "technique",
-  TARGET: "target",
-  FINDING: "finding"
+  OSINT: "osint",
+  // ─── Active Directory Node Types (2차 — Hard/Insane support) ───
+  /** AD domain object (e.g. DOMAIN.LOCAL) */
+  DOMAIN: "domain",
+  /** AD user or computer account */
+  USER_ACCOUNT: "user-account",
+  /** Group Policy Object — may grant code exec if writable */
+  GPO: "gpo",
+  /** ACL entry — WriteDACL/GenericAll/etc. on another object */
+  ACL: "acl",
+  /** ADCS certificate template — ESC1-13 attack surface */
+  CERTIFICATE_TEMPLATE: "certificate-template"
 };
 var NODE_STATUS = {
   DISCOVERED: "discovered",
@@ -1326,13 +1345,21 @@ function formatFailedNode(label, reason) {
 function recommendChains(nodes, edges) {
   const chains = [];
   const visited = /* @__PURE__ */ new Set();
-  const goalTypes = [NODE_TYPE.ACCESS, NODE_TYPE.LOOT];
+  const goalTypes = [
+    NODE_TYPE.ACCESS,
+    NODE_TYPE.LOOT,
+    NODE_TYPE.DOMAIN,
+    // AD Domain compromise
+    NODE_TYPE.CERTIFICATE_TEMPLATE
+    // ADCS attack path goal
+  ];
   const entryNodes = Array.from(nodes.values()).filter(
     (n) => n.type === NODE_TYPE.HOST || n.type === NODE_TYPE.SERVICE || n.type === NODE_TYPE.CREDENTIAL || n.type === NODE_TYPE.OSINT
   );
+  const ctx = { nodes, edges, goalTypes, results: chains };
   for (const entry of entryNodes) {
     visited.clear();
-    dfsChains(entry.id, nodes, edges, [], [], visited, chains, goalTypes);
+    dfsChains(entry.id, [], [], visited, ctx);
   }
   const seen = /* @__PURE__ */ new Set();
   const unique = chains.filter((c) => {
@@ -1345,7 +1372,8 @@ function recommendChains(nodes, edges) {
   );
   return unique.slice(0, GRAPH_LIMITS.MAX_CHAINS);
 }
-function dfsChains(nodeId, nodes, edges, path2, pathEdges, visited, results, goalTypes) {
+function dfsChains(nodeId, path2, pathEdges, visited, ctx) {
+  const { nodes, edges, goalTypes, results } = ctx;
   if (visited.has(nodeId)) return;
   if (path2.length >= GRAPH_LIMITS.MAX_CHAIN_DEPTH) return;
   const node = nodes.get(nodeId);
@@ -1369,7 +1397,7 @@ function dfsChains(nodeId, nodes, edges, path2, pathEdges, visited, results, goa
     (e) => e.from === nodeId && e.status !== EDGE_STATUS.FAILED
   );
   for (const edge of outEdges) {
-    dfsChains(edge.to, nodes, edges, path2, [...pathEdges, edge], visited, results, goalTypes);
+    dfsChains(edge.to, path2, [...pathEdges, edge], visited, ctx);
   }
   path2.pop();
   visited.delete(nodeId);
@@ -1387,8 +1415,48 @@ function estimateImpact(node) {
     if (sev === SEVERITY.HIGH) return SEVERITY.HIGH;
     if (sev === SEVERITY.MEDIUM) return SEVERITY.MEDIUM;
   }
+  if (node.type === NODE_TYPE.DOMAIN) return SEVERITY.CRITICAL;
+  if (node.type === NODE_TYPE.CERTIFICATE_TEMPLATE) return SEVERITY.HIGH;
   return SEVERITY.LOW;
 }
+function extractSuccessfulChain(nodes, edges) {
+  const MIN_CHAIN_LENGTH = 2;
+  const succeededNodes = Array.from(nodes.values()).filter((n) => n.status === NODE_STATUS.SUCCEEDED);
+  if (succeededNodes.length < MIN_CHAIN_LENGTH) return null;
+  const succeededEdges = edges.filter((e) => e.status === EDGE_STATUS.SUCCEEDED);
+  const chainLabels = [];
+  const toolsUsed = [];
+  const visited = /* @__PURE__ */ new Set();
+  const incomingTargets = new Set(succeededEdges.map((e) => e.to));
+  const entryNodes = succeededNodes.filter((n) => !incomingTargets.has(n.id));
+  const queue = entryNodes.length > 0 ? [entryNodes[0]] : [succeededNodes[0]];
+  while (queue.length > 0) {
+    const current = queue.shift();
+    if (visited.has(current.id)) continue;
+    visited.add(current.id);
+    const abstractLabel = abstractifyLabel(current.label);
+    chainLabels.push(abstractLabel);
+    if (current.technique) toolsUsed.push(current.technique.split(" ")[0]);
+    const nextEdges = succeededEdges.filter((e) => e.from === current.id);
+    for (const edge of nextEdges) {
+      const nextNode = nodes.get(edge.to);
+      if (nextNode && nextNode.status === NODE_STATUS.SUCCEEDED) {
+        if (edge.action) toolsUsed.push(edge.action.split(" ")[0]);
+        queue.push(nextNode);
+      }
+    }
+  }
+  if (chainLabels.length < MIN_CHAIN_LENGTH) return null;
+  const serviceNodes = succeededNodes.filter((n) => n.type === NODE_TYPE.SERVICE);
+  const serviceProfile = serviceNodes.length > 0 ? serviceNodes.map((n) => abstractifyLabel(n.label)).join(" + ") : "unknown";
+  const chainSummary = chainLabels.join(" \u2192 ");
+  const uniqueTools = [...new Set(toolsUsed.filter(Boolean))];
+  return { serviceProfile, chainSummary, toolsUsed: uniqueTools };
+}
+function abstractifyLabel(label) {
+  let result = label.replace(/^(host|service|vulnerability|access|loot|osint|credential|cve_search):/i, "").replace(/^https?:\/\/|^ftp:\/\//gi, "").replace(/\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?\b/g, "").replace(/:\d{2,5}\b/g, "").replace(/\b[0-9a-f]{16,}\b/gi, "").replace(/(\d+\.\d+)\.\d+/g, "$1.x").trim().replace(/\s+/g, " ");
+  return result || label;
+}
 
 // src/shared/utils/attack-graph/prompt-formatter.ts
 function formatGraphForPrompt(nodes, edges, failedPaths) {
@@ -1461,7 +1529,13 @@ var TYPE_ICONS = {
   [NODE_TYPE.CREDENTIAL]: "\u{1F511}",
   [NODE_TYPE.ACCESS]: "\u{1F513}",
   [NODE_TYPE.LOOT]: "\u{1F3F4}",
-  [NODE_TYPE.OSINT]: "\u{1F50D}"
+  [NODE_TYPE.OSINT]: "\u{1F50D}",
+  // AD node icons (2차 — Hard/Insane support)
+  [NODE_TYPE.DOMAIN]: "\u{1F3F0}",
+  [NODE_TYPE.USER_ACCOUNT]: "\u{1F464}",
+  [NODE_TYPE.GPO]: "\u{1F4CB}",
+  [NODE_TYPE.ACL]: "\u{1F510}",
+  [NODE_TYPE.CERTIFICATE_TEMPLATE]: "\u{1F4DC}"
 };
 var STATUS_ICONS = {
   [NODE_STATUS.DISCOVERED]: "\u25CB",
@@ -1897,6 +1971,19 @@ var AttackGraph = class {
   addOSINT(category, detail, data = {}) {
     return registerOSINT(this.graphContainer, category, detail, data);
   }
+  /**
+   * Record an Active Directory object (domain, user-account, GPO, ACL, certificate-template).
+   *
+   * WHY: AD attacks chain through complex object relationships (ACL → user → cert → DA).
+   * Tracking these as graph nodes lets the Strategist see multi-hop AD paths.
+   *
+   * type: 'domain' | 'user-account' | 'gpo' | 'acl' | 'certificate-template'
+   * label: human-readable name (e.g. "CORP.LOCAL", "svc_sql", "ESC1-vulnerable")
+   * data: freeform metadata (members, rights, target, confidence, etc.)
+   */
+  addDomainObject(type, label, data = {}) {
+    return this.addNode(type, label, { adObject: true, ...data });
+  }
   // ─── Chain Discovery (DFS) ──────────────────────────────────
   /**
    * Find all viable attack paths using DFS.
@@ -2011,6 +2098,9 @@ function formatFingerprint(fp) {
 }
 
 // src/shared/utils/agent-memory/working-memory.ts
+var PRUNE_IMPORTANCE_WEIGHT = 0.7;
+var PRUNE_RECENCY_WEIGHT = 0.3;
+var PRUNE_WINDOW_MS = 6e5;
 var WorkingMemory = class {
   entries = [];
   maxEntries = MEMORY_LIMITS.WORKING_MEMORY_MAX_ENTRIES;
@@ -2032,8 +2122,9 @@ var WorkingMemory = class {
    * and "hydra with darkweb2017.txt" are stored as distinct attempts.
    * The LLM can see what parameter combinations have been tried and pick new ones.
    */
-  recordFailure(tool, command, error) {
+  recordFailure(tool, command, error, hypothesizedReason) {
     const fp = extractFingerprint(tool, command);
+    fp.hypothesizedReason = hypothesizedReason;
     const fpLabel = formatFingerprint(fp);
     const entry = {
       id: `wm_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
@@ -2066,12 +2157,32 @@ var WorkingMemory = class {
       (e) => e.category === "failure" && e.fingerprint != null && fingerprintsMatch(e.fingerprint, fp)
     );
   }
+  /**
+   * 사후 보완: Analyst가 분류한 hypothesizedReason을 기존 실패 항목에 추가한다.
+   *
+   * WHY: pipeline.ts에서 recordFailure()가 먼저 호출되고, Analyst 분석은
+   * 비동기로 나중에 완료된다. command 매칭으로 최근 실패 fingerprint를 찾아
+   * hypothesizedReason을 보완한다. 기존 reason이 있으면 덮어쓰지 않는다.
+   */
+  updateLastFailureReason(command, hypothesizedReason) {
+    const effectiveTool = command.split(/\s+/)[0] || "";
+    const fp = extractFingerprint(effectiveTool, command);
+    for (let i = this.entries.length - 1; i >= 0; i--) {
+      const entry = this.entries[i];
+      if (entry.category === "failure" && entry.fingerprint && fingerprintsMatch(entry.fingerprint, fp)) {
+        if (!entry.fingerprint.hypothesizedReason) {
+          entry.fingerprint.hypothesizedReason = hypothesizedReason;
+        }
+        break;
+      }
+    }
+  }
   /** Internal prune helper (used by both add() and recordFailure()) */
   pruneIfNeeded() {
     if (this.entries.length > this.maxEntries) {
       this.entries.sort((a, b) => {
-        const aScore = a.importance * 0.7 + (1 - (Date.now() - a.timestamp) / 6e5) * 0.3;
-        const bScore = b.importance * 0.7 + (1 - (Date.now() - b.timestamp) / 6e5) * 0.3;
+        const aScore = a.importance * PRUNE_IMPORTANCE_WEIGHT + (1 - (Date.now() - a.timestamp) / PRUNE_WINDOW_MS) * PRUNE_RECENCY_WEIGHT;
+        const bScore = b.importance * PRUNE_IMPORTANCE_WEIGHT + (1 - (Date.now() - b.timestamp) / PRUNE_WINDOW_MS) * PRUNE_RECENCY_WEIGHT;
         return bScore - aScore;
       });
       this.entries = this.entries.slice(0, this.maxEntries);
@@ -2102,36 +2213,47 @@ var WorkingMemory = class {
     const successes = this.entries.filter((e) => e.category === "success");
     const insights = this.entries.filter((e) => e.category === "insight" || e.category === "discovery");
     const lines = ["<working-memory>"];
-    if (failures.length > 0) {
-      lines.push(`\u26A0\uFE0F FAILED ATTEMPTS (${failures.length} \u2014 DO NOT REPEAT EXACT SAME PARAMS):`);
-      for (const f of failures.slice(-DISPLAY_LIMITS.RECENT_FAILURES)) {
-        const fp = f.fingerprint;
-        if (fp) {
-          lines.push(`  \u2717 ${formatFingerprint(fp)} \u2192 ${f.content.split("\u2192").pop()?.trim() || ""}`);
-        } else {
-          lines.push(`  \u2717 ${f.content}`);
-        }
+    lines.push(...this.buildFailuresSection(failures));
+    lines.push(...this.buildSuccessesSection(successes));
+    lines.push(...this.buildInsightsSection(insights));
+    lines.push("</working-memory>");
+    return lines.join("\n");
+  }
+  buildFailuresSection(failures) {
+    if (failures.length === 0) return [];
+    const lines = [];
+    lines.push(`\u26A0\uFE0F FAILED ATTEMPTS (${failures.length} \u2014 DO NOT REPEAT EXACT SAME PARAMS):`);
+    for (const f of failures.slice(-DISPLAY_LIMITS.RECENT_FAILURES)) {
+      const fp = f.fingerprint;
+      if (fp) {
+        const reason = fp.hypothesizedReason ? ` [${fp.hypothesizedReason}]` : "";
+        lines.push(`  \u2717 ${formatFingerprint(fp)}${reason} \u2192 ${f.content.split("\u2192").pop()?.trim() || ""}`);
+      } else {
+        lines.push(`  \u2717 ${f.content}`);
       }
-      lines.push(...this.buildAttackCoverageLines(failures));
     }
+    lines.push(...this.buildAttackCoverageLines(failures));
     const consecutiveFails = this.getConsecutiveFailures();
     if (consecutiveFails >= MEMORY_LIMITS.CONSECUTIVE_FAIL_THRESHOLD) {
       lines.push(`\u{1F534} ${consecutiveFails} CONSECUTIVE FAILURES \u2014 consider changing approach or parameters`);
     }
-    if (successes.length > 0) {
-      lines.push(`\u2705 RECENT SUCCESSES (${successes.length}):`);
-      for (const s of successes.slice(-DISPLAY_LIMITS.RECENT_SUCCESSES)) {
-        lines.push(`  \u2713 ${s.content}`);
-      }
+    return lines;
+  }
+  buildSuccessesSection(successes) {
+    if (successes.length === 0) return [];
+    const lines = [`\u2705 RECENT SUCCESSES (${successes.length}):`];
+    for (const s of successes.slice(-DISPLAY_LIMITS.RECENT_SUCCESSES)) {
+      lines.push(`  \u2713 ${s.content}`);
     }
-    if (insights.length > 0) {
-      lines.push(`\u{1F4A1} INSIGHTS:`);
-      for (const i of insights.slice(-DISPLAY_LIMITS.RECENT_INSIGHTS)) {
-        lines.push(`  \u2192 ${i.content}`);
-      }
+    return lines;
+  }
+  buildInsightsSection(insights) {
+    if (insights.length === 0) return [];
+    const lines = ["\u{1F4A1} INSIGHTS:"];
+    for (const i of insights.slice(-DISPLAY_LIMITS.RECENT_INSIGHTS)) {
+      lines.push(`  \u2192 ${i.content}`);
     }
-    lines.push("</working-memory>");
-    return lines.join("\n");
+    return lines;
   }
   /**
    * Build ATTACK COVERAGE lines grouped by tool+target.
@@ -2227,9 +2349,38 @@ var EpisodicMemory = class {
 };
 
 // src/shared/utils/agent-memory/persistent-memory.ts
-import { existsSync as existsSync2, readFileSync, writeFileSync as writeFileSync2 } from "fs";
+import { existsSync as existsSync2, readFileSync, writeFileSync as writeFileSync2, unlinkSync } from "fs";
 import { join as join2 } from "path";
+
+// src/shared/utils/agent-memory/similarity.ts
+var JACCARD_MATCH_THRESHOLD = 0.15;
+var MIN_TOKEN_LENGTH = 2;
+function tokenize(s) {
+  return new Set(
+    s.toLowerCase().replace(/[^a-z0-9\s]/g, " ").split(/\s+/).filter((t) => t.length >= MIN_TOKEN_LENGTH)
+  );
+}
+function jaccardSimilarity(a, b) {
+  const setA = tokenize(a);
+  const setB = tokenize(b);
+  if (setA.size === 0 || setB.size === 0) return 0;
+  let intersection = 0;
+  for (const token of setA) {
+    if (setB.has(token)) intersection++;
+  }
+  const union = setA.size + setB.size - intersection;
+  return union === 0 ? 0 : intersection / union;
+}
+function matchesServiceProfile(serviceProfile, services) {
+  if (services.length === 0) return false;
+  const query = services.join(" ");
+  return jaccardSimilarity(serviceProfile, query) >= JACCARD_MATCH_THRESHOLD;
+}
+
+// src/shared/utils/agent-memory/persistent-memory.ts
 var MEMORY_FILE = join2(WORKSPACE.MEMORY, SPECIAL_FILES.PERSISTENT_KNOWLEDGE);
+var SNAPSHOT_FILE = join2(WORKSPACE.MEMORY, SPECIAL_FILES.SESSION_SNAPSHOT);
+var MAX_PLAYBOOK_DISPLAY = 3;
 var PersistentMemory = class {
   knowledge;
   constructor() {
@@ -2287,7 +2438,37 @@ var PersistentMemory = class {
    * Clear all knowledge (for testing isolation).
    */
   clear() {
-    this.knowledge = { successfulTechniques: [], failurePatterns: [], techFacts: [] };
+    this.knowledge = { successfulTechniques: [], failurePatterns: [], techFacts: [], exploitChains: [] };
+    this.save();
+    try {
+      if (existsSync2(SNAPSHOT_FILE)) {
+        unlinkSync(SNAPSHOT_FILE);
+      }
+    } catch {
+    }
+  }
+  /**
+   * Record a successful exploit chain for session-level reuse (CurriculumPT §).
+   *
+   * WHY: 단일 기법 저장(recordSuccess)과 달리, 체인 전체를 저장한다.
+   * 다음 세션에서 동일 서비스 스택 조우 시 체인 첫 단계부터 시도할 수 있다.
+   */
+  recordExploitChain(serviceProfile, chainSummary, toolsUsed) {
+    const existing = this.knowledge.exploitChains.find(
+      (c) => c.serviceProfile === serviceProfile && c.chainSummary === chainSummary
+    );
+    if (existing) {
+      existing.successCount++;
+      existing.lastSucceededAt = Date.now();
+    } else {
+      this.knowledge.exploitChains.push({
+        serviceProfile,
+        chainSummary,
+        toolsUsed,
+        successCount: 1,
+        lastSucceededAt: Date.now()
+      });
+    }
     this.save();
   }
   /**
@@ -2301,22 +2482,94 @@ var PersistentMemory = class {
         relevant.push(`${svc}: ${techniques.map((t) => `${t.technique} (${t.successCount}x)`).join(", ")}`);
       }
     }
-    if (relevant.length === 0) return "";
-    return [
-      "<persistent-memory>",
-      "PREVIOUSLY SUCCESSFUL TECHNIQUES:",
-      ...relevant.map((r) => `  \u{1F4DA} ${r}`),
-      "</persistent-memory>"
-    ].join("\n");
+    const matchedChains = this.knowledge.exploitChains.filter(
+      (chain) => matchesServiceProfile(chain.serviceProfile, services)
+    ).sort((a, b) => b.successCount - a.successCount).slice(0, MAX_PLAYBOOK_DISPLAY);
+    if (relevant.length === 0 && matchedChains.length === 0) return "";
+    const sections = ["<persistent-memory>"];
+    if (relevant.length > 0) {
+      sections.push(
+        "PREVIOUSLY SUCCESSFUL TECHNIQUES:",
+        ...relevant.map((r) => `  \u{1F4DA} ${r}`)
+      );
+    }
+    if (matchedChains.length > 0) {
+      sections.push(
+        "EXPLOIT CHAIN PLAYBOOKS (matched to current target):",
+        ...matchedChains.map(
+          (c) => `  \u{1F517} [${c.serviceProfile}] ${c.chainSummary} (${c.successCount}x) tools:[${c.toolsUsed.join(",")}]`
+        )
+      );
+    }
+    sections.push("</persistent-memory>");
+    return sections.join("\n");
+  }
+  /**
+   * Save a session snapshot for long-session resumption (3차 Insane protocol).
+   *
+   * WHY: Insane-level boxes require multi-hour sessions spanning restarts.
+   * The snapshot stores WHERE we are (phase), WHAT we achieved (foothold),
+   * WHAT'S NEXT (prioritized list), and WHAT credentials are usable.
+   * On session start, Strategist reads this and resumes immediately.
+   */
+  saveSessionSnapshot(snapshot) {
+    try {
+      ensureDirExists(WORKSPACE.MEMORY);
+      writeFileSync2(SNAPSHOT_FILE, JSON.stringify(snapshot, null, 2));
+    } catch {
+    }
+  }
+  /**
+   * Load the most recent session snapshot (if any).
+   */
+  loadSessionSnapshot() {
+    try {
+      if (existsSync2(SNAPSHOT_FILE)) {
+        return JSON.parse(readFileSync(SNAPSHOT_FILE, "utf-8"));
+      }
+    } catch {
+    }
+    return null;
+  }
+  /**
+   * Format session snapshot for Strategist prompt injection.
+   * Returns empty string if no snapshot exists.
+   */
+  snapshotToPrompt() {
+    const snap = this.loadSessionSnapshot();
+    if (!snap) return "";
+    const lines = [
+      "<session-snapshot>",
+      `TARGET: ${snap.target}  PHASE: ${snap.phase}  SAVED: ${new Date(snap.savedAt).toISOString()}`,
+      "",
+      "ACHIEVED:",
+      ...snap.achieved.map((a) => `  \u2705 ${a}`),
+      "",
+      "NEXT PRIORITIES (resume here):",
+      ...snap.next.map((n, i) => `  ${i + 1}. ${n}`)
+    ];
+    if (snap.credentials.length > 0) {
+      lines.push("", "USABLE CREDENTIALS:");
+      snap.credentials.forEach((c) => lines.push(`  \u{1F511} ${c}`));
+    }
+    if (snap.notes) {
+      lines.push("", `NOTES: ${snap.notes}`);
+    }
+    lines.push("</session-snapshot>");
+    return lines.join("\n");
   }
   load() {
     try {
       if (existsSync2(MEMORY_FILE)) {
-        return JSON.parse(readFileSync(MEMORY_FILE, "utf-8"));
+        const data = JSON.parse(readFileSync(MEMORY_FILE, "utf-8"));
+        return {
+          ...data,
+          exploitChains: data.exploitChains ?? []
+        };
       }
     } catch {
     }
-    return { successfulTechniques: [], failurePatterns: [], techFacts: [] };
+    return { successfulTechniques: [], failurePatterns: [], techFacts: [], exploitChains: [] };
   }
   save() {
     try {
@@ -2551,10 +2804,29 @@ var TargetState = class {
 };
 
 // src/engine/state/finding-state.ts
+var FALLBACK_INFERENCE_DEPTH = 2;
 var FindingState = class {
   findings = [];
+  /**
+   * Add a finding to the state.
+   *
+   * inferenceDepth 자동 계산 (SAUP §18):
+   * - finding.inferenceDepth가 명시되면 그대로 사용
+   * - finding.basedOnFindingIds가 있으면 참조 Finding의 최대 depth+1 자동 설정
+   * - 둘 다 없으면 undefined 유지 (기존 동작)
+   */
   add(finding) {
-    this.findings.push(finding);
+    let resolved = finding;
+    if (finding.inferenceDepth === void 0 && finding.basedOnFindingIds?.length) {
+      const referencedDepths = finding.basedOnFindingIds.map((id) => this.findings.find((f) => f.id === id)?.inferenceDepth).filter((d) => d !== void 0);
+      if (referencedDepths.length > 0) {
+        const maxDepth = Math.max(...referencedDepths);
+        resolved = { ...finding, inferenceDepth: maxDepth + 1 };
+      } else {
+        resolved = { ...finding, inferenceDepth: FALLBACK_INFERENCE_DEPTH };
+      }
+    }
+    this.findings.push(resolved);
   }
   getAll() {
     return this.findings;
@@ -2986,6 +3258,12 @@ var SharedState = class {
   episodicMemory = new EpisodicMemory();
   persistentMemory = new PersistentMemory();
   dynamicTechniques = new DynamicTechniqueLibrary();
+  /**
+   * §18 Epistemic Awareness: Reflector LLM의 자기인식 결과를 다음 턴에 주입하기 위해 저장.
+   * WHY: Reflector가 "검증 안 된 전제"를 판단해도 PromptBuilder가 읽지 않으면 무의미.
+   *   이 필드로 turn N의 reflection → turn N+1 prompt 레이어(epistemic-check)에 주입된다.
+   */
+  lastReflection = null;
   constructor() {
     this.targetState = new TargetState(this.attackGraph);
     this.findingState = new FindingState();
@@ -3003,6 +3281,7 @@ var SharedState = class {
     this.workingMemory.clear();
     this.episodicMemory.clear();
     this.dynamicTechniques.clear();
+    this.lastReflection = null;
   }
   // Delegation to MissionState
   setMissionSummary(summary) {
@@ -3037,7 +3316,7 @@ var SharedState = class {
   setScope(scope) {
     this.engagementState.setScope(scope, this.sessionState.getPhase());
   }
-  // Delegation to TODOState
+  // Delegation to TodoState
   addTodo(content, priority = PRIORITIES.MEDIUM) {
     return this.todoState.add(content, priority);
   }
@@ -3124,23 +3403,11 @@ var SharedState = class {
   getTimeStatus() {
     return this.sessionState.getTimeStatus();
   }
-  /** @deprecated Use StateSerializer.toPrompt(state) */
-  toPrompt() {
-    const lines = [];
-    const eng = this.getEngagement();
-    if (eng) lines.push(`Engagement: ${eng.name} (${eng.client})`);
-    const t = this.getAllTargets();
-    if (t.length > 0) lines.push(`Targets: ${t.length}`);
-    const f = this.getFindings();
-    if (f.length > 0) lines.push(`Findings: ${f.length}`);
-    lines.push(`Phase: ${this.getPhase()}`);
-    return lines.join("\n");
-  }
 };
 
 // src/engine/process/process-lifecycle.ts
 import { spawn as spawn4 } from "child_process";
-import { writeFileSync as writeFileSync4, unlinkSync } from "fs";
+import { writeFileSync as writeFileSync4, unlinkSync as unlinkSync2 } from "fs";
 
 // src/engine/process/process-tree.ts
 import { execSync } from "child_process";
@@ -4258,7 +4525,7 @@ function startBackgroundProcess(command, options = {}) {
   if (!torLeak.safe) {
     for (const f of [stdoutFile, stderrFile, stdinFile]) {
       try {
-        unlinkSync(f);
+        unlinkSync2(f);
       } catch {
       }
     }
@@ -4461,7 +4728,7 @@ function getAllProcessEntries() {
 
 // src/engine/process/process-stopper.ts
 import { execSync as execSync2 } from "child_process";
-import { unlinkSync as unlinkSync2 } from "fs";
+import { unlinkSync as unlinkSync3 } from "fs";
 var cleanupDone = false;
 async function stopBackgroundProcess(processId) {
   const proc = getProcess(processId);
@@ -4473,15 +4740,15 @@ async function stopBackgroundProcess(processId) {
     await killProcessTree(proc.pid, proc.childPids);
   }
   try {
-    unlinkSync2(proc.stdoutFile);
+    unlinkSync3(proc.stdoutFile);
   } catch {
   }
   try {
-    unlinkSync2(proc.stderrFile);
+    unlinkSync3(proc.stderrFile);
   } catch {
   }
   try {
-    unlinkSync2(proc.stdinFile);
+    unlinkSync3(proc.stdinFile);
   } catch {
   }
   logEvent(processId, PROCESS_EVENTS.STOPPED, `Stopped ${proc.role} (PID:${proc.pid}, children:${proc.childPids.length})`);
@@ -4551,15 +4818,15 @@ async function cleanupAllProcesses() {
   }
   for (const [, proc] of backgroundProcesses) {
     try {
-      unlinkSync2(proc.stdoutFile);
+      unlinkSync3(proc.stdoutFile);
     } catch {
     }
     try {
-      unlinkSync2(proc.stderrFile);
+      unlinkSync3(proc.stderrFile);
     } catch {
     }
     try {
-      unlinkSync2(proc.stdinFile);
+      unlinkSync3(proc.stdinFile);
     } catch {
     }
   }
@@ -4651,22 +4918,22 @@ Ports In Use: ${ports.join(", ")}`);
 }
 
 // src/engine/process/process-cleanup.ts
-import { unlinkSync as unlinkSync3 } from "fs";
+import { unlinkSync as unlinkSync4 } from "fs";
 function syncCleanupAllProcesses(processMap) {
   for (const [, proc] of processMap) {
     if (!proc.hasExited) {
       killProcessTreeSync(proc.pid, proc.childPids);
     }
     try {
-      unlinkSync3(proc.stdoutFile);
+      unlinkSync4(proc.stdoutFile);
     } catch {
     }
     try {
-      unlinkSync3(proc.stderrFile);
+      unlinkSync4(proc.stderrFile);
     } catch {
     }
     try {
-      unlinkSync3(proc.stdinFile);
+      unlinkSync4(proc.stdinFile);
     } catch {
     }
   }
@@ -4691,12 +4958,25 @@ function registerExitHandlers(processMap) {
 registerExitHandlers(getBackgroundProcessesMap());
 
 // src/engine/state/state-serializer.ts
+var UNVERIFIED_CHAIN_DEPTH_THRESHOLD = 2;
 var StateSerializer = class {
   /**
    * Convert full state to a compact prompt summary
    */
   static toPrompt(state) {
     const lines = [];
+    this.formatContextAndMission(state, lines);
+    this.formatTargets(state, lines);
+    this.formatFindings(state, lines);
+    this.formatLoot(state, lines);
+    this.formatTodos(state, lines);
+    this.formatEnvironment(state, lines);
+    const snapshot = state.persistentMemory.snapshotToPrompt();
+    if (snapshot) lines.push(snapshot);
+    lines.push(`Phase: ${state.getPhase()}`);
+    return lines.join("\n");
+  }
+  static formatContextAndMission(state, lines) {
     const engagement = state.getEngagement();
     const scope = state.getScope();
     if (engagement) {
@@ -4713,54 +4993,83 @@ var StateSerializer = class {
     if (checklist.length > 0) {
       lines.push(`STRATEGIC CHECKLIST:`);
       for (const item of checklist) {
-        const status = item.isCompleted ? `${STATUS_MARKERS.RUNNING}` : "[...]";
+        const status = item.isCompleted ? "[x]" : "[ ]";
         lines.push(`  ${status} ${item.text} [${item.id}]`);
       }
     }
+  }
+  static formatTargets(state, lines) {
     const targets = state.getAllTargets();
-    if (targets.length > 0) {
-      const byCategory = /* @__PURE__ */ new Map();
-      for (const t of targets) {
-        const cat = t.primaryCategory || SERVICE_CATEGORIES.NETWORK;
-        if (!byCategory.has(cat)) byCategory.set(cat, []);
-        byCategory.get(cat).push(t);
-      }
-      lines.push(`Targets (${targets.length}):`);
-      for (const [cat, catTargets] of byCategory) {
-        lines.push(`  [${cat}] ${catTargets.length} hosts`);
-        for (const t of catTargets.slice(0, DISPLAY_LIMITS.TARGET_PREVIEW)) {
-          const ports = (t.ports || []).map((p) => `${p.port}/${p.service}`).join(", ");
-          lines.push(`    ${t.ip}${t.hostname ? ` (${t.hostname})` : ""}: ${ports || "unknown"}`);
-        }
+    if (targets.length === 0) return;
+    const byCategory = /* @__PURE__ */ new Map();
+    for (const t of targets) {
+      const cat = t.primaryCategory || SERVICE_CATEGORIES.NETWORK;
+      if (!byCategory.has(cat)) byCategory.set(cat, []);
+      byCategory.get(cat).push(t);
+    }
+    lines.push(`Targets (${targets.length}):`);
+    for (const [cat, catTargets] of byCategory) {
+      lines.push(`  [${cat}] ${catTargets.length} hosts`);
+      for (const t of catTargets.slice(0, DISPLAY_LIMITS.TARGET_PREVIEW)) {
+        const ports = (t.ports || []).map((p) => `${p.port}/${p.service}`).join(", ");
+        lines.push(`    ${t.ip}${t.hostname ? ` (${t.hostname})` : ""}: ${ports || "unknown"}`);
       }
     }
+  }
+  static formatFindings(state, lines) {
     const findings = state.getFindings();
-    if (findings.length > 0) {
-      const confirmed = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED).length;
-      const probable = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.PROBABLE && f.confidence < CONFIDENCE_THRESHOLDS.CONFIRMED).length;
-      const possible = findings.filter((f) => f.confidence < CONFIDENCE_THRESHOLDS.PROBABLE).length;
-      lines.push(`Findings: ${findings.length} total (confirmed:${confirmed} probable:${probable} possible:${possible})`);
-      const highPriority = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED).sort((a, b) => b.confidence - a.confidence);
-      if (highPriority.length > 0) {
-        lines.push(`  Confirmed Findings (\u2265${CONFIDENCE_THRESHOLDS.CONFIRMED}):`);
-        for (const f of highPriority.slice(0, DISPLAY_LIMITS.FINDING_PREVIEW)) {
-          const tactic = f.attackPattern ? ` [ATT&CK:${f.attackPattern}]` : "";
-          lines.push(`    [conf:${f.confidence}|${f.severity.toUpperCase()}] ${f.title} (${f.category || "general"})${tactic}`);
-        }
+    if (findings.length === 0) return;
+    const confirmed = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED).length;
+    const probable = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.PROBABLE && f.confidence < CONFIDENCE_THRESHOLDS.CONFIRMED).length;
+    const possible = findings.filter((f) => f.confidence < CONFIDENCE_THRESHOLDS.PROBABLE).length;
+    const unverifiedChain = findings.filter((f) => (f.inferenceDepth ?? 0) >= UNVERIFIED_CHAIN_DEPTH_THRESHOLD).length;
+    lines.push(`Findings: ${findings.length} total (confirmed:${confirmed} probable:${probable} possible:${possible}${unverifiedChain > 0 ? ` \u26A0\uFE0Funverified-chain:${unverifiedChain}` : ""})`);
+    const highPriority = findings.filter((f) => f.confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED).sort((a, b) => b.confidence - a.confidence);
+    if (highPriority.length > 0) {
+      lines.push(`  Confirmed Findings (\u2265${CONFIDENCE_THRESHOLDS.CONFIRMED}):`);
+      for (const f of highPriority.slice(0, DISPLAY_LIMITS.FINDING_PREVIEW)) {
+        const tactic = f.attackPattern ? ` [ATT&CK:${f.attackPattern}]` : "";
+        lines.push(`    [conf:${f.confidence}|${f.severity.toUpperCase()}] ${f.title} (${f.category || "general"})${tactic}`);
+      }
+    }
+    if (unverifiedChain > 0) {
+      const unverified = findings.filter((f) => (f.inferenceDepth ?? 0) >= UNVERIFIED_CHAIN_DEPTH_THRESHOLD).sort((a, b) => (b.inferenceDepth ?? 0) - (a.inferenceDepth ?? 0));
+      lines.push(`  \u26A0\uFE0F Unverified Inference Chain Findings (direct verification recommended):`);
+      for (const f of unverified.slice(0, DISPLAY_LIMITS.FINDING_PREVIEW)) {
+        lines.push(`    [depth:${f.inferenceDepth}|conf:${f.confidence}] ${f.title}`);
       }
     }
+  }
+  static formatLoot(state, lines) {
     const loot = state.getLoot();
-    if (loot.length > 0) {
-      lines.push(`Loot: ${loot.length} items`);
+    if (loot.length === 0) return;
+    const ACTIONABLE_TYPES = /* @__PURE__ */ new Set(["credential", "token", "hash", "api_key", "ssh_key", "ticket", "session"]);
+    const actionable = loot.filter((l) => ACTIONABLE_TYPES.has(l.type));
+    const other = loot.filter((l) => !ACTIONABLE_TYPES.has(l.type));
+    lines.push(`Loot (${loot.length} items):`);
+    for (const l of actionable.slice(0, DISPLAY_LIMITS.COMPACT_LIST_ITEMS)) {
+      lines.push(`  \u26A1 USABLE [${l.type}] ${l.host}: ${l.detail}`);
+    }
+    if (actionable.length > DISPLAY_LIMITS.COMPACT_LIST_ITEMS) {
+      lines.push(`  ... +${actionable.length - DISPLAY_LIMITS.COMPACT_LIST_ITEMS} more usable items`);
+    }
+    if (other.length > 0) {
+      lines.push(`  \u{1F4C1} Other: ${other.length} items (files, certificates, etc.)`);
     }
+    if (actionable.length > 0) {
+      lines.push(`  \u26A0\uFE0F Cross-service attack: Try ALL \u26A1 USABLE credentials/tokens on ALL discovered services.`);
+    }
+  }
+  static formatTodos(state, lines) {
     const todo = state.getTodo();
-    if (todo.length > 0) {
-      lines.push(`TODO (${todo.length}):`);
-      for (const t of todo.slice(0, DISPLAY_LIMITS.COMPACT_LIST_ITEMS)) {
-        const status = t.status === TODO_STATUSES.DONE ? "[x]" : t.status === TODO_STATUSES.IN_PROGRESS ? "[->]" : "[ ]";
-        lines.push(`  ${status} ${t.content} (${t.priority})`);
-      }
+    if (todo.length === 0) return;
+    lines.push(`TODO (${todo.length}):`);
+    for (const t of todo.slice(0, DISPLAY_LIMITS.COMPACT_LIST_ITEMS)) {
+      const status = t.status === TODO_STATUSES.DONE ? "[x]" : t.status === TODO_STATUSES.IN_PROGRESS ? "[->]" : "[ ]";
+      lines.push(`  ${status} ${t.content} (${t.priority})`);
     }
+  }
+  static formatEnvironment(state, lines) {
     const resourceInfo = getResourceSummary();
     if (resourceInfo) {
       lines.push(resourceInfo);
@@ -4785,13 +5094,11 @@ BLOCKED (leak real IP): ping, traceroute, dig, nslookup, nmap -sU`
     } else {
       lines.push(`Tor Proxy: OFF \u2014 direct connections.`);
     }
-    lines.push(`Phase: ${state.getPhase()}`);
-    return lines.join("\n");
   }
 };
 
 // src/engine/state/state-persistence/saver.ts
-import { writeFileSync as writeFileSync5, readdirSync, statSync, unlinkSync as unlinkSync4 } from "fs";
+import { writeFileSync as writeFileSync5, readdirSync, statSync, unlinkSync as unlinkSync5 } from "fs";
 import { join as join4 } from "path";
 function saveState(state) {
   const sessionsDir = WORKSPACE.SESSIONS;
@@ -4829,7 +5136,7 @@ function pruneOldSessions(sessionsDir) {
     }).sort((a, b) => b.mtime - a.mtime);
     const toDelete = sessionFiles.slice(AGENT_LIMITS.MAX_SESSION_FILES);
     for (const file of toDelete) {
-      unlinkSync4(file.path);
+      unlinkSync5(file.path);
     }
   } catch {
   }
@@ -5587,6 +5894,18 @@ Examples:
         };
       }
       state.setPhase(newPhase);
+      const targets = state.getAllTargets();
+      const primaryTarget = targets[0]?.ip ?? "unknown";
+      const loot = state.getLoot();
+      const usableCreds = loot.filter((l) => ["credential", "hash", "token"].includes(l.type)).map((l) => l.detail).slice(0, 10);
+      state.persistentMemory.saveSessionSnapshot({
+        target: primaryTarget,
+        phase: newPhase,
+        achieved: [`Phase transition: ${oldPhase} \u2192 ${newPhase}. Reason: ${reason}`],
+        next: [`Continue from ${newPhase} phase on ${primaryTarget}`],
+        credentials: usableCreds,
+        savedAt: Date.now()
+      });
       events.emit({
         type: EVENT_TYPES.PHASE_CHANGE,
         timestamp: Date.now(),
@@ -5599,7 +5918,64 @@ Examples:
       return {
         success: true,
         output: `Phase changed: ${oldPhase} \u2192 ${newPhase}
-Reason: ${reason}`
+Reason: ${reason}
+[Session snapshot saved for resumption]`
+      };
+    }
+  },
+  {
+    name: TOOL_NAMES.SAVE_SESSION_SNAPSHOT,
+    description: `Save a session snapshot for long-session resumption (Insane-level boxes).
+
+WHY: Insane boxes require multi-hour sessions spanning restarts.
+Call this when you reach a major milestone so the next session can resume immediately.
+
+WHEN to call:
+  - You gained a shell (record it with what you know so far)
+  - Phase transition (root \u2192 post-exploit \u2192 lateral)
+  - Flag captured (record what's next)
+  - Before ending a session voluntarily
+
+The snapshot persists to disk and is auto-injected into the Strategist on the next session start.`,
+    parameters: {
+      target: { type: "string", description: "Target IP or hostname" },
+      achieved: {
+        type: "array",
+        items: { type: "string" },
+        description: "What has been achieved (foothold, privesc steps, flags captured)"
+      },
+      next: {
+        type: "array",
+        items: { type: "string" },
+        description: "Prioritized list of next steps for the next session"
+      },
+      credentials: {
+        type: "array",
+        items: { type: "string" },
+        description: 'Usable credentials in "user:pass" or "user:hash" format'
+      },
+      notes: { type: "string", description: "Optional free-text notes for next session" }
+    },
+    required: ["target", "achieved", "next"],
+    execute: async (p) => {
+      const snapshot = {
+        target: p.target,
+        phase: state.getPhase(),
+        achieved: p.achieved || [],
+        next: p.next || [],
+        credentials: p.credentials || [],
+        notes: p.notes,
+        savedAt: Date.now()
+      };
+      state.persistentMemory.saveSessionSnapshot(snapshot);
+      return {
+        success: true,
+        output: `Session snapshot saved.
+Target: ${snapshot.target}
+Phase: ${snapshot.phase}
+Achieved: ${snapshot.achieved.length} items
+Next: ${snapshot.next.length} priorities
+Creds: ${snapshot.credentials.length}`
       };
     }
   }
@@ -5747,11 +6123,16 @@ Types: credential, hash, token, ssh_key, api_key, file, session, ticket, certifi
       }
     }
     state.episodicMemory.record("access_gained", `Loot [${lootTypeStr}] from ${host}: ${detail.slice(0, DISPLAY_LIMITS.MEMORY_EVENT_PREVIEW)}`);
+    const targets = state.getAllTargets();
+    const knownSvcs = targets.flatMap((t) => t.ports.map((p2) => `${t.ip}:${p2.port}(${p2.service || "?"})`)).slice(0, 6).join(", ");
+    const sprayHint = knownSvcs ? `NEXT ACTION: spray on ALL discovered services \u2014 ${knownSvcs}` : `NEXT ACTION: spray on SSH/FTP/SMB/RDP/web-login on all discovered hosts`;
     return {
       success: true,
       output: `Loot recorded: [${lootTypeStr}] from ${host}
 Detail: ${detail}
-` + (isCrackable ? `This is crackable. Consider: hash_crack({ hashes: "${detail.slice(0, DISPLAY_LIMITS.LOOT_DETAIL_PREVIEW)}..." })` : `Consider credential reuse / lateral movement with this loot.`)
+` + (isCrackable ? `Hash detected. Options:
+  (1) hash_crack immediately
+  (2) pass-the-hash if NTLM: use on SMB/WMI/RDP without cracking` : sprayHint)
     };
   }
 });
@@ -5825,78 +6206,6 @@ function buildNote(matched, fpMatched, confidence) {
   return parts.join(" | ");
 }
 
-// src/shared/utils/knowledge/service-vuln.ts
-var SERVICE_VULN_MAP = {
-  // Apache
-  "apache/2.4.49": {
-    cves: ["CVE-2021-41773"],
-    exploits: ['curl --path-as-is "http://TARGET/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"'],
-    priority: "critical",
-    checks: ["Path traversal to RCE"]
-  },
-  "apache/2.4.50": {
-    cves: ["CVE-2021-42013"],
-    exploits: ['curl --path-as-is "http://TARGET/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd"'],
-    priority: "critical",
-    checks: ["Path traversal bypass"]
-  },
-  // SSH
-  "openssh/7.2": {
-    cves: ["CVE-2016-10009", "CVE-2016-10010"],
-    exploits: ["Check for Roaming auth bypass"],
-    priority: "medium",
-    checks: ["Version disclosure", "Weak algorithms"]
-  },
-  // vsftpd
-  "vsftpd/2.3.4": {
-    cves: ["CVE-2011-2523"],
-    exploits: ["Connect with username containing :) to trigger backdoor on port 6200"],
-    priority: "critical",
-    checks: ["Backdoor trigger: user:)"]
-  },
-  // SMB
-  "samba/3.0": {
-    cves: ["CVE-2004-0882"],
-    exploits: ["trans2open exploit"],
-    priority: "high",
-    checks: ["SMBv1 enabled"]
-  },
-  "smb": {
-    cves: ["MS17-010"],
-    exploits: ["EternalBlue exploit"],
-    priority: "critical",
-    checks: ["nmap --script smb-vuln-ms17-010"]
-  },
-  // MySQL
-  "mysql/5.0": {
-    cves: ["CVE-2012-2122"],
-    exploits: ["MariaDB/CMySQL authentication bypass"],
-    priority: "high",
-    checks: ["Try root without password", "mysql -u root"]
-  },
-  // Redis
-  "redis": {
-    cves: [],
-    exploits: ["Unauthenticated RCE via CONFIG SET dir + SLAVEOF"],
-    priority: "critical",
-    checks: ["redis-cli -h TARGET ping", "CONFIG GET dir"]
-  },
-  // Jenkins
-  "jenkins": {
-    cves: [],
-    exploits: ["Script Console RCE", "CVE-2019-1003000"],
-    priority: "high",
-    checks: ["/scriptText endpoint", "/manage/scriptConsole"]
-  },
-  // Elasticsearch
-  "elasticsearch/1": {
-    cves: ["CVE-2014-3120"],
-    exploits: ["Groovy sandbox bypass RCE"],
-    priority: "critical",
-    checks: ["Dynamic script execution"]
-  }
-};
-
 // src/shared/utils/knowledge/ctf/patterns.ts
 var FLAG_PATTERNS = {
   // Generic CTF flag formats
@@ -5998,119 +6307,6 @@ function detectFlags(output) {
   return Array.from(found);
 }
 
-// src/shared/utils/knowledge/vulns.ts
-var CHALLENGE_TYPE_SIGNALS = {
-  web: [
-    "http",
-    "https",
-    "nginx",
-    "apache",
-    "flask",
-    "express",
-    "php",
-    "node",
-    "django",
-    "rails",
-    "wordpress",
-    "login form",
-    "graphql",
-    "websocket",
-    "oauth",
-    "jwt",
-    "cookie",
-    "grpc"
-  ],
-  pwn: [
-    "buffer overflow",
-    "SUID",
-    "stack",
-    "heap",
-    "format string",
-    "ELF",
-    "binary",
-    "pwntools",
-    "libc",
-    "canary",
-    "NX",
-    "PIE",
-    "seccomp",
-    "shellcode",
-    "tcache",
-    "fastbin",
-    "house of"
-  ],
-  crypto: [
-    "RSA",
-    "AES",
-    "cipher",
-    "decrypt",
-    "encrypt",
-    "key",
-    "modulus",
-    "prime",
-    "hash",
-    "base64",
-    "XOR",
-    "padding oracle",
-    "elliptic curve",
-    "lattice",
-    "LLL",
-    "ECDSA",
-    "nonce"
-  ],
-  forensics: [
-    "pcap",
-    "memory dump",
-    "disk image",
-    "steganography",
-    "exif",
-    "binwalk",
-    "volatility",
-    "autopsy",
-    "file carving",
-    "wireshark",
-    "firmware",
-    "ext4",
-    "ntfs",
-    "registry"
-  ],
-  reversing: [
-    "reverse",
-    "disassemble",
-    "decompile",
-    "ghidra",
-    "ida",
-    "radare2",
-    "upx",
-    "packed",
-    "obfuscated",
-    "android",
-    "apk",
-    "angr",
-    "z3",
-    "frida",
-    "crackme",
-    "keygen",
-    "dnspy"
-  ],
-  misc: [
-    "OSINT",
-    "trivia",
-    "scripting",
-    "pyjail",
-    "sandbox escape",
-    "qr code",
-    "morse",
-    "braille",
-    "jail",
-    "rbash",
-    "restricted",
-    "seccomp",
-    "filter bypass",
-    "escape"
-  ]
-};
-
 // src/shared/utils/knowledge/owasp/history/2017.ts
 var OWASP_2017 = {
   A01: { name: "Injection", desc: "SQL, NoSQL, OS, and LDAP injection.", tools: ["sqlmap", "commix"] },
@@ -6410,94 +6606,30 @@ var SMB_PORTS = [
   SERVICE_PORTS.SMB_NETBIOS
 ];
 
-// src/shared/constants/scoring.ts
-var ATTACK_SCORING = {
-  /** Base score for all attack prioritization */
-  BASE_SCORE: 50,
-  /** Maximum possible score */
-  MAX_SCORE: 100,
-  /** Bonus for critical infrastructure services (SSH, RDP, DB, etc.) */
-  CRITICAL_SERVICE_BONUS: 20,
-  /** Bonus when service version is known (enables CVE lookup) */
-  VERSION_KNOWN_BONUS: 15,
-  /** Bonus when known critical CVE exists for the service version */
-  CRITICAL_CVE_BONUS: 30,
-  /** Bonus for sensitive services running without authentication */
-  NO_AUTH_BONUS: 25,
-  /** Bonus for plaintext HTTP on service ports (no HTTPS) */
-  PLAINTEXT_HTTP_BONUS: 10
-};
-
-// src/shared/utils/knowledge/planning/scoring.ts
-function calculateAttackPriority(findings) {
-  let score = ATTACK_SCORING.BASE_SCORE;
-  if (CRITICAL_SERVICE_PORTS.includes(findings.port)) {
-    score += ATTACK_SCORING.CRITICAL_SERVICE_BONUS;
-  }
-  if (findings.version) {
-    score += ATTACK_SCORING.VERSION_KNOWN_BONUS;
-    const key = `${findings.service.toLowerCase()}/${findings.version.split(".")[0]}`;
-    if (SERVICE_VULN_MAP[key]?.priority === "critical") {
-      score += ATTACK_SCORING.CRITICAL_CVE_BONUS;
-    }
-  }
-  if (!findings.hasAuth && NO_AUTH_CRITICAL_PORTS.includes(findings.port)) {
-    score += ATTACK_SCORING.NO_AUTH_BONUS;
-  }
-  if (PLAINTEXT_HTTP_PORTS.includes(findings.port) && !findings.isHttps) {
-    score += ATTACK_SCORING.PLAINTEXT_HTTP_BONUS;
-  }
-  return Math.min(score, ATTACK_SCORING.MAX_SCORE);
-}
-
 // src/shared/utils/knowledge/planning/recommendations.ts
-function getAttacksForService(service, port) {
-  const attacks = [];
+function getServiceContext(service, port) {
   const svc = service.toLowerCase();
+  const facts = [];
   if (WEB_SERVICE_PORTS.includes(port)) {
-    attacks.push(
-      "OWASP-A01: Directory brute force",
-      "OWASP-A03: SQLi testing",
-      "OWASP-A03: XSS testing",
-      "OWASP-A05: Header analysis",
-      "OWASP-A10: SSRF testing",
-      "OWASP-A06: Version fingerprinting"
-    );
+    if (port === 443 || port === 8443) facts.push("TLS/HTTPS");
+    if (port === 8080 || port === 8e3 || port === 8888) facts.push("Non-standard HTTP port \u2014 often dev/admin panels");
+    return { category: "web", facts };
   }
   if (port === SERVICE_PORTS.SSH || svc.includes("ssh")) {
-    attacks.push(
-      "SSH version scan",
-      "Brute force common credentials",
-      "SSH key enumeration",
-      "Check for weak algorithms"
-    );
+    if (port !== SERVICE_PORTS.SSH) facts.push(`Non-standard SSH port (${port})`);
+    return { category: "ssh", facts };
   }
-  if (SMB_PORTS.includes(port) || svc.includes("smb")) {
-    attacks.push(
-      "MS17-010 EternalBlue check",
-      "SMB enumeration",
-      "Null session test",
-      "Share enumeration"
-    );
+  if (SMB_PORTS.includes(port) || svc.includes("smb") || svc.includes("netbios")) {
+    return { category: "smb", facts };
   }
-  if (DATABASE_PORTS.includes(port) || svc.includes("sql") || svc.includes("mongo") || svc.includes("redis")) {
-    attacks.push(
-      "Default credential test",
-      "Unauthenticated access check",
-      "SQLi through web app",
-      "UDF injection",
-      "NoSQL injection"
-    );
+  if (DATABASE_PORTS.includes(port) || svc.includes("sql") || svc.includes("mongo") || svc.includes("redis") || svc.includes("postgres")) {
+    facts.push("Database service \u2014 check for unauthenticated access");
+    return { category: "database", facts };
   }
   if (port === SERVICE_PORTS.FTP || svc.includes("ftp")) {
-    attacks.push(
-      "Anonymous login test",
-      "Brute force credentials",
-      "VSFTPD backdoor check",
-      "Directory traversal"
-    );
+    return { category: "ftp", facts };
   }
-  return attacks;
+  return { category: "other", facts };
 }
 
 // src/shared/constants/prompts/paths.ts
@@ -6536,7 +6668,11 @@ var TECHNIQUE_FILES = {
   REVERSING: "reversing",
   FORENSICS: "forensics",
   PWN: "pwn",
-  SHELLS: "shells"
+  SHELLS: "shells",
+  /** Multi-hop pivoting and tunneling (2차 — Hard/Insane support) */
+  PIVOTING: "pivoting",
+  /** Enterprise internal network: AD Forest, Cloud pivoting, SCCM, persistence (4차 — DEF CON/Enterprise) */
+  ENTERPRISE_PENTEST: "enterprise-pentest"
 };
 var PROMPT_CONFIG = {
   ENCODING: "utf-8"
@@ -6598,7 +6734,7 @@ var TYPE_TECHNIQUE_MAP = {
   forensics: [TECHNIQUE_FILES.FORENSICS, TECHNIQUE_FILES.REVERSING, TECHNIQUE_FILES.CRYPTO],
   reversing: [TECHNIQUE_FILES.REVERSING, TECHNIQUE_FILES.PWN],
   misc: [TECHNIQUE_FILES.SANDBOX_ESCAPE, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.FORENSICS],
-  network: [TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AD_ATTACK],
+  network: [TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AD_ATTACK, TECHNIQUE_FILES.PIVOTING],
   unknown: [TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.FILE_ATTACKS]
 };
 var TYPE_PHASE_PROMPT_MAP = {
@@ -6611,19 +6747,122 @@ var TYPE_PHASE_PROMPT_MAP = {
   network: "recon.md",
   unknown: "recon.md"
 };
-var TYPE_STRATEGY_MAP = {
-  web: "Web challenge detected. Priority: directory fuzzing \u2192 injection testing \u2192 authentication bypass \u2192 file upload \u2192 SSRF/SSTI. Check source code, cookies, JWT tokens.",
-  pwn: "Binary exploitation challenge. Priority: checksec \u2192 binary analysis \u2192 find vulnerability class \u2192 develop exploit. Tools: gdb, pwntools, radare2.",
-  crypto: "Cryptography challenge. Priority: identify algorithm \u2192 find weakness \u2192 write solver script. Check for weak keys, reused nonces, padding oracle, ECB mode.",
-  forensics: "Forensics challenge. Priority: file identification \u2192 extract data \u2192 analyze artifacts. Tools: binwalk, volatility, wireshark, exiftool, foremost.",
-  reversing: "Reverse engineering challenge. Priority: identify binary type \u2192 static analysis \u2192 dynamic analysis \u2192 extract flag/keygen. Tools: ghidra, radare2, ltrace, strace.",
-  misc: "Miscellaneous challenge. Priority: understand the puzzle \u2192 check for sandbox escape, scripting, OSINT, encoding. Think creatively.",
-  network: "Network/infrastructure challenge. Priority: service enumeration \u2192 version CVE search \u2192 exploit \u2192 privilege escalation \u2192 lateral movement.",
-  unknown: "Challenge type unclear. Run broad reconnaissance first, then adapt based on findings."
-};
 
 // src/shared/utils/knowledge/challenge/engine.ts
 var SECONDARY_TYPE_RATIO = 0.5;
+var WEB_PORT_PATTERN = /\b(80|443|8080|8443|3000|5000|8000)\b/;
+var INFRA_PORT_PATTERN = /\b(21|22|23|25|53|445|139|3389|5985)\b/;
+var CHALLENGE_TYPE_SIGNALS = {
+  web: [
+    "http",
+    "https",
+    "nginx",
+    "apache",
+    "flask",
+    "express",
+    "php",
+    "node",
+    "django",
+    "rails",
+    "wordpress",
+    "login form",
+    "graphql",
+    "websocket",
+    "oauth",
+    "jwt",
+    "cookie",
+    "grpc"
+  ],
+  pwn: [
+    "buffer overflow",
+    "SUID",
+    "stack",
+    "heap",
+    "format string",
+    "ELF",
+    "binary",
+    "pwntools",
+    "libc",
+    "canary",
+    "NX",
+    "PIE",
+    "seccomp",
+    "shellcode",
+    "tcache",
+    "fastbin",
+    "house of"
+  ],
+  crypto: [
+    "RSA",
+    "AES",
+    "cipher",
+    "decrypt",
+    "encrypt",
+    "key",
+    "modulus",
+    "prime",
+    "hash",
+    "base64",
+    "XOR",
+    "padding oracle",
+    "elliptic curve",
+    "lattice",
+    "LLL",
+    "ECDSA",
+    "nonce"
+  ],
+  forensics: [
+    "pcap",
+    "memory dump",
+    "disk image",
+    "steganography",
+    "exif",
+    "binwalk",
+    "volatility",
+    "autopsy",
+    "file carving",
+    "wireshark",
+    "firmware",
+    "ext4",
+    "ntfs",
+    "registry"
+  ],
+  reversing: [
+    "reverse",
+    "disassemble",
+    "decompile",
+    "ghidra",
+    "ida",
+    "radare2",
+    "upx",
+    "packed",
+    "obfuscated",
+    "android",
+    "apk",
+    "angr",
+    "z3",
+    "frida",
+    "crackme",
+    "keygen",
+    "dnspy"
+  ],
+  misc: [
+    "OSINT",
+    "trivia",
+    "scripting",
+    "pyjail",
+    "sandbox escape",
+    "qr code",
+    "morse",
+    "braille",
+    "jail",
+    "rbash",
+    "restricted",
+    "seccomp",
+    "filter bypass",
+    "escape"
+  ]
+};
 function analyzeChallenge(reconData) {
   if (!reconData || reconData.trim().length === 0) {
     return {
@@ -6632,8 +6871,7 @@ function analyzeChallenge(reconData) {
       confidence: 0,
       matchedSignals: [],
       recommendedTechniques: TYPE_TECHNIQUE_MAP.unknown,
-      recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP.unknown,
-      strategySuggestion: TYPE_STRATEGY_MAP.unknown
+      recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP.unknown
     };
   }
   const lowerData = reconData.toLowerCase();
@@ -6657,11 +6895,11 @@ function analyzeChallenge(reconData) {
       }
     }
   }
-  if (/\b(80|443|8080|8443|3000|5000|8000)\b/.test(reconData)) {
+  if (WEB_PORT_PATTERN.test(reconData)) {
     scores.web.score += 2;
     scores.web.signals.push("web-port");
   }
-  if (/\b(21|22|23|25|53|445|139|3389|5985)\b/.test(reconData)) {
+  if (INFRA_PORT_PATTERN.test(reconData)) {
     scores.network.score += 2;
     scores.network.signals.push("infra-port");
   }
@@ -6689,8 +6927,7 @@ function analyzeChallenge(reconData) {
     confidence,
     matchedSignals: primaryData.signals,
     recommendedTechniques: TYPE_TECHNIQUE_MAP[primaryType] || TYPE_TECHNIQUE_MAP.unknown,
-    recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP[primaryType] || TYPE_PHASE_PROMPT_MAP.unknown,
-    strategySuggestion: TYPE_STRATEGY_MAP[primaryType] || TYPE_STRATEGY_MAP.unknown
+    recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP[primaryType] || TYPE_PHASE_PROMPT_MAP.unknown
   };
 }
 
@@ -6704,9 +6941,9 @@ function formatChallengeAnalysis(analysis) {
   if (analysis.secondaryTypes.length > 0) {
     lines.push(`Secondary: ${analysis.secondaryTypes.join(", ")}`);
   }
-  lines.push(`Signals: ${analysis.matchedSignals.join(", ")}`);
-  lines.push(`Strategy: ${analysis.strategySuggestion}`);
-  lines.push(`Focus techniques: ${analysis.recommendedTechniques.join(", ")}`);
+  lines.push(`Matched signals: ${analysis.matchedSignals.join(", ")}`);
+  lines.push(`Reference docs loaded: ${analysis.recommendedTechniques.join(", ")}`);
+  lines.push(`Use get_owasp_knowledge("${analysis.primaryType}") or web_search for current attack techniques.`);
   lines.push(`</challenge-analysis>`);
   return lines.join("\n");
 }
@@ -6775,7 +7012,11 @@ confidence score (0-100) \u2014 technical verification level:
     0 = Pure speculation, no actual test performed
 
 Omit confidence to let the system auto-calculate from evidence.
-Findings with confidence >= 80 appear as CONFIRMED in reports.`,
+Findings with confidence >= 80 appear as CONFIRMED in reports.
+
+basedOnFindingIds: If this finding is INFERRED from existing findings (not directly observed),
+provide the IDs of those findings. The system will automatically set inferenceDepth = max(ref.depth)+1.
+Example: you found SQLi evidence from a previous LFI finding \u2192 basedOnFindingIds: ["<lfi-finding-id>"]`,
   parameters: {
     title: { type: "string", description: 'Concise title (e.g., "Path Traversal via /download endpoint")' },
     severity: { type: "string", description: "Business impact severity: critical, high, medium, low, info" },
@@ -6783,7 +7024,8 @@ Findings with confidence >= 80 appear as CONFIRMED in reports.`,
     description: { type: "string", description: "What the vulnerability is, how you exploited it step-by-step, what access it gives, and the impact." },
     evidence: { type: "array", items: { type: "string" }, description: "Actual command outputs proving the finding. Copy real output here." },
     attackPattern: { type: "string", description: "MITRE ATT&CK tactic: initial_access, execution, persistence, privilege_escalation, defense_evasion, credential_access, discovery, lateral_movement, collection, exfiltration, command_and_control, impact" },
-    confidence: { type: "number", description: "Optional override (0-100). Omit to auto-calculate from evidence." }
+    confidence: { type: "number", description: "Optional override (0-100). Omit to auto-calculate from evidence." },
+    basedOnFindingIds: { type: "array", items: { type: "string" }, description: "IDs of existing findings this finding is inferred from. Triggers automatic inferenceDepth calculation. Omit for directly observed findings." }
   },
   required: ["title", "severity", "description", "evidence"],
   execute: async (p) => {
@@ -6793,6 +7035,7 @@ Findings with confidence >= 80 appear as CONFIRMED in reports.`,
     const affected = parseStringArray(p.affected);
     const description = parseString(p.description);
     const attackPattern = parseString(p.attackPattern);
+    const basedOnFindingIds = parseStringArray(p.basedOnFindingIds).filter(Boolean);
     const validation = validateFinding(evidence);
     const rawOverride = p.confidence;
     const confidence = typeof rawOverride === "number" && rawOverride >= 0 && rawOverride <= 100 ? Math.round(rawOverride) : validation.confidence;
@@ -6806,7 +7049,8 @@ Findings with confidence >= 80 appear as CONFIRMED in reports.`,
       evidence,
       remediation: "",
       foundAt: Date.now(),
-      ...attackPattern && isValidAttackTactic(attackPattern) ? { attackPattern } : {}
+      ...attackPattern && isValidAttackTactic(attackPattern) ? { attackPattern } : {},
+      ...basedOnFindingIds.length > 0 ? { basedOnFindingIds } : {}
     });
     const hasExploit = confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED;
     const target = affected[0] || DEFAULTS.UNKNOWN_SERVICE;
@@ -6967,6 +7211,7 @@ async function searchCVE(service, version) {
 
 // src/engine/web-search-providers/common.ts
 var SEARCH_TIMEOUT_MS = 15e3;
+var API_ERROR_PREVIEW = DISPLAY_LIMITS.API_ERROR_PREVIEW;
 
 // src/engine/web-search-providers/glm.ts
 function generateRequestId() {
@@ -7005,7 +7250,7 @@ async function searchWithGLM(query, apiKey, apiUrl) {
     } catch {
     }
     debugLog("search", "GLM response ERROR", { status: response.status, error: errorText });
-    return { success: false, output: "", error: `GLM Search API error ${response.status}: ${errorText.slice(0, 500)}` };
+    return { success: false, output: "", error: `GLM Search API error ${response.status}: ${errorText.slice(0, API_ERROR_PREVIEW)}` };
   }
   let data;
   try {
@@ -7056,7 +7301,7 @@ async function searchWithBrave(query, apiKey, apiUrl) {
     } catch {
     }
     debugLog("search", "Brave response ERROR", { status: response.status, error: errorText });
-    return { success: false, output: "", error: `Brave API error ${response.status}: ${errorText.slice(0, 500)}` };
+    return { success: false, output: "", error: `Brave API error ${response.status}: ${errorText.slice(0, API_ERROR_PREVIEW)}` };
   }
   let data;
   try {
@@ -7106,7 +7351,7 @@ async function searchWithSerper(query, apiKey, apiUrl) {
     } catch {
     }
     debugLog("search", "Serper response ERROR", { status: response.status, error: errorText });
-    return { success: false, output: "", error: `Serper API error ${response.status}: ${errorText.slice(0, 500)}` };
+    return { success: false, output: "", error: `Serper API error ${response.status}: ${errorText.slice(0, API_ERROR_PREVIEW)}` };
   }
   let data;
   try {
@@ -7153,7 +7398,7 @@ async function searchWithGenericApi(query, apiKey, apiUrl) {
       errorText = await response.text();
     } catch {
     }
-    return { success: false, output: "", error: `Search API error ${response.status}: ${errorText.slice(0, 500)}` };
+    return { success: false, output: "", error: `Search API error ${response.status}: ${errorText.slice(0, API_ERROR_PREVIEW)}` };
   }
   let data;
   try {
@@ -7180,7 +7425,11 @@ var BROWSER_LIMITS = {
   ADVISORY_WAIT_TIME: 2e3
 };
 var BROWSER_PATHS = {
-  TEMP_DIR_NAME: "pentest-browser"
+  TEMP_DIR_NAME: "pentest-browser",
+  /** §4 Session: Playwright storageState 저장 파일명 */
+  SESSION_FILE: "browser-session.json",
+  /** §4 Session: 추출된 Bearer/Cookie 헤더 저장 파일명 (curl/python 등 범용 도구용) */
+  AUTH_HEADERS_FILE: "auth-headers.json"
 };
 
 // src/shared/constants/browser/playwright.ts
@@ -7292,7 +7541,7 @@ function safeJsString(str) {
 
 // src/engine/tools/web-browser/scripts/runner.ts
 import { spawn as spawn6 } from "child_process";
-import { writeFileSync as writeFileSync6, unlinkSync as unlinkSync5 } from "fs";
+import { writeFileSync as writeFileSync6, unlinkSync as unlinkSync6 } from "fs";
 import { join as join7 } from "path";
 import { tmpdir as tmpdir2 } from "os";
 function runPlaywrightScript(script, timeout, scriptPrefix) {
@@ -7325,7 +7574,7 @@ function runPlaywrightScript(script, timeout, scriptPrefix) {
     child.stderr.on("data", (data) => stderr += data);
     child.on("close", (code) => {
       try {
-        unlinkSync5(scriptPath);
+        unlinkSync6(scriptPath);
       } catch {
       }
       if (code !== 0) {
@@ -7352,7 +7601,7 @@ function runPlaywrightScript(script, timeout, scriptPrefix) {
     });
     child.on("error", (err) => {
       try {
-        unlinkSync5(scriptPath);
+        unlinkSync6(scriptPath);
       } catch {
       }
       resolve({
@@ -7364,16 +7613,97 @@ function runPlaywrightScript(script, timeout, scriptPrefix) {
   });
 }
 
+// src/engine/tools/web-browser/scripts/snippets/auth-capture.ts
+function getNetworkAuthInterceptSnippet(varName = "_capturedHeaders") {
+  return `
+    // \xA7LLM-AUTONOMY: Network intercept \u2014 capture real auth headers from HTTP traffic.
+    // No hardcoded key names. Whatever the app sends, we record it.
+    const ${varName} = {};
+    await page.route('**', async (route) => {
+        const hdrs = route.request().headers();
+        if (hdrs['authorization']) ${varName}['Authorization'] = hdrs['authorization'];
+        if (hdrs['x-csrf-token']) ${varName}['x-csrf-token'] = hdrs['x-csrf-token'];
+        if (hdrs['x-api-key']) ${varName}['x-api-key'] = hdrs['x-api-key'];
+        if (hdrs['x-auth-token']) ${varName}['x-auth-token'] = hdrs['x-auth-token'];
+        await route.continue();
+    });
+`;
+}
+function getStorageAndAuthDumpSnippet(capturedVarName = "_capturedHeaders", safeSessionPath) {
+  return `
+        // \u2460 Network intercept: capture actual Authorization/Cookie headers sent during this session
+        // WHY: More reliable than guessing storage key names.
+        //      Whatever the app calls its token, we capture it from real HTTP traffic.
+        const _intercepted = ${capturedVarName} || {};
+
+        // \u2461 Full storage dump \u2192 LLM decides which value is the auth token
+        const _allStorage = await page.evaluate(() => {
+            const out = { localStorage: {}, sessionStorage: {} };
+            for (let i = 0; i < localStorage.length; i++) {
+                const k = localStorage.key(i);
+                if (k) out.localStorage[k] = localStorage.getItem(k);
+            }
+            for (let i = 0; i < sessionStorage.length; i++) {
+                const k = sessionStorage.key(i);
+                if (k) out.sessionStorage[k] = sessionStorage.getItem(k);
+            }
+            return out;
+        });
+
+        // \u2462 Cookies \u2014 full list including HttpOnly (server-side)
+        const _cookies = await context.cookies();
+        const _cookieHeader = _cookies.map(c => c.name + '=' + c.value).join('; ');
+
+        // \u2463 Build auth-headers.json:
+        //    Priority: intercepted network header > storage token-like values > cookies
+        const _authHeaders = {};
+
+        // Network-intercepted Authorization wins (most reliable)
+        if (_intercepted.Authorization) {
+            _authHeaders['Authorization'] = _intercepted.Authorization;
+        } else {
+            // Fallback: find any storage value that looks like a JWT/Bearer token
+            // Let LLM decide later by inspecting raw 'storage' field
+            const _allValues = [
+                ...Object.entries(_allStorage.localStorage),
+                ...Object.entries(_allStorage.sessionStorage)
+            ];
+            const _tokenEntry = _allValues.find(([, v]) =>
+                typeof v === 'string' && (v.startsWith('eyJ') || v.startsWith('Bearer '))
+            );
+            if (_tokenEntry) {
+                const _raw = _tokenEntry[1];
+                _authHeaders['Authorization'] = _raw.startsWith('Bearer ') ? _raw : 'Bearer ' + _raw;
+            }
+        }
+
+        if (_cookieHeader) _authHeaders['Cookie'] = _cookieHeader;
+        if (_intercepted['x-csrf-token']) _authHeaders['X-CSRF-Token'] = _intercepted['x-csrf-token'];
+        if (_intercepted['x-api-key']) _authHeaders['X-API-Key'] = _intercepted['x-api-key'];
+
+        // Raw storage dump for LLM to inspect (truncated per value)
+        _authHeaders['_storage'] = JSON.stringify({
+            ls: Object.fromEntries(Object.entries(_allStorage.localStorage).map(([k, v]) => [k, String(v).slice(0, 300)])),
+            ss: Object.fromEntries(Object.entries(_allStorage.sessionStorage).map(([k, v]) => [k, String(v).slice(0, 300)]))
+        });
+
+        const _authHeadersPath = ${safeSessionPath}.replace('${BROWSER_PATHS.SESSION_FILE}', '${BROWSER_PATHS.AUTH_HEADERS_FILE}');
+        fs.writeFileSync(_authHeadersPath, JSON.stringify(_authHeaders, null, 2), { mode: 0o600 });
+`;
+}
+
 // src/engine/tools/web-browser/scripts/builder.ts
-function buildBrowseScript(url, options, screenshotPath) {
+function buildBrowseScript(url, options, screenshotPath, sessionPath) {
   const safeUrl = safeJsString(url);
   const safeUserAgent = safeJsString(options.userAgent || BROWSER_CONFIG.DEFAULT_USER_AGENT);
   const safeScreenshotPath = screenshotPath ? safeJsString(screenshotPath) : "null";
   const safeExtraHeaders = JSON.stringify(options.extraHeaders || {});
   const playwrightPath = getPlaywrightPath();
   const safePlaywrightPath = safeJsString(playwrightPath);
+  const safeSessionPath = sessionPath ? safeJsString(sessionPath) : null;
   return `
 const { chromium } = require(${safePlaywrightPath});
+const fs = require('fs');
 
 (async () => {
     const browser = await chromium.launch({
@@ -7381,21 +7711,30 @@ const { chromium } = require(${safePlaywrightPath});
         args: ['${PLAYWRIGHT_ARG.NO_SANDBOX}', '${PLAYWRIGHT_ARG.DISABLE_SETUID_SANDBOX}', ${JSON.stringify(getTorBrowserArgs()).slice(1, -1)}].filter(Boolean)
     });
 
-    const context = await browser.newContext({
+    // \xA74 Browser Session: load existing session if requested
+    const contextOptions = {
         userAgent: ${safeUserAgent},
         viewport: { width: ${options.viewport.width}, height: ${options.viewport.height} },
         extraHTTPHeaders: ${safeExtraHeaders}
-    });
+    };
+    ${safeSessionPath && options.useSession ? `
+    if (fs.existsSync(${safeSessionPath})) {
+        contextOptions.storageState = ${safeSessionPath};
+    }` : ""}
+
+    const context = await browser.newContext(contextOptions);
 
     const page = await context.newPage();
 
+    ${getNetworkAuthInterceptSnippet("_capturedHeaders")}
+
     try {
         await page.goto(${safeUrl}, { waitUntil: 'networkidle', timeout: ${options.timeout} });
 
         // Wait for dynamic content
         await page.waitForTimeout(${options.waitAfterLoad});
 
-        const result = {};
+        const result = { _interceptedAuth: _capturedHeaders };
 
         // Extract title
         result.title = await page.title();
@@ -7442,6 +7781,118 @@ const { chromium } = require(${safePlaywrightPath});
         // Take screenshot
         ${screenshotPath ? `await page.screenshot({ path: ${safeScreenshotPath}, fullPage: false });` : ""}
 
+        // \xA74 Browser Session: save state + capture auth headers (LLM-independent, no hardcoded keys)
+        ${safeSessionPath && options.saveSession ? `
+        await context.storageState({ path: ${safeSessionPath} });
+        result.sessionSaved = ${safeSessionPath};
+
+        ${getStorageAndAuthDumpSnippet("result._interceptedAuth", safeSessionPath)}
+        result.authHeadersSaved = _authHeadersPath;
+        result.authHeadersNote = 'auth-headers.json contains intercepted network headers + full storage dump. LLM should inspect _storage field for unlabeled tokens.';
+        ` : ""}
+
+        console.log(JSON.stringify(result));
+    } catch (error) {
+        console.log(JSON.stringify({ error: error.message }));
+    } finally {
+        await browser.close();
+    }
+})();
+`;
+}
+function buildFormScript(params) {
+  const { safeUrl, safeFormData, safePlaywrightPath, timeout, useSession, saveSession, safeSessionPath } = params;
+  return `
+const { chromium } = require(${safePlaywrightPath});
+const fs = require('fs');
+
+(async () => {
+    const browser = await chromium.launch({
+        headless: true,
+        args: ['${PLAYWRIGHT_ARG.NO_SANDBOX}', '${PLAYWRIGHT_ARG.DISABLE_SETUID_SANDBOX}', ${JSON.stringify(getTorBrowserArgs()).slice(1, -1)}].filter(Boolean)
+    });
+
+    // \xA74 Session: load existing session if requested
+    const contextOptions = {};
+    ${safeSessionPath && useSession ? `
+    if (fs.existsSync(${safeSessionPath})) {
+        contextOptions.storageState = ${safeSessionPath};
+    }` : ""}
+    const context = await browser.newContext(contextOptions);
+    const page = await context.newPage();
+
+    ${getNetworkAuthInterceptSnippet("_capturedHeaders")}
+
+    try {
+        await page.goto(${safeUrl}, { waitUntil: 'networkidle', timeout: ${timeout} });
+
+        // \xA7LLM-AUTONOMY: Semantic form field matching via Accessibility Tree + multiple strategies.
+        // No hardcoded CSS selector rules. Tries in priority order:
+        //   1. name/id attribute (exact)
+        //   2. aria-label / placeholder semantic match (case-insensitive)
+        //   3. input[type] semantic inference (username\u2192text, password\u2192password)
+        const formData = ${safeFormData};
+        for (const [fieldKey, fieldValue] of Object.entries(formData)) {
+            const lk = fieldKey.toLowerCase();
+
+            // Strategy 1: exact name/id/aria-label attribute
+            let el = await page.$(\`[name="\${fieldKey}"], #\${fieldKey}\`);
+
+            // Strategy 2: semantic aria-label or placeholder match
+            if (!el) {
+                el = await page.evaluateHandle((key) => {
+                    const inputs = [...document.querySelectorAll('input, textarea, select')];
+                    return inputs.find(i =>
+                        (i.getAttribute('aria-label') || '').toLowerCase().includes(key) ||
+                        (i.getAttribute('placeholder') || '').toLowerCase().includes(key) ||
+                        (i.getAttribute('name') || '').toLowerCase().includes(key) ||
+                        (i.getAttribute('id') || '').toLowerCase().includes(key)
+                    ) || null;
+                }, lk).then(h => h.asElement());
+            }
+
+            // Strategy 3: type-based inference (username/email/user \u2192 type=text/email, password \u2192 type=password)
+            if (!el) {
+                let inferredType = null;
+                if (['username', 'user', 'email', 'login'].includes(lk)) inferredType = ['text', 'email'];
+                if (['password', 'pass', 'pwd'].includes(lk)) inferredType = ['password'];
+                if (inferredType) {
+                    el = await page.$(\`input[type="\${inferredType[0]}"\${inferredType[1] ? \`, input[type="\${inferredType[1]}"\` : ''}]\`);
+                }
+            }
+
+            if (el) {
+                await el.fill(String(fieldValue));
+            }
+        }
+
+        // \xA7LLM-AUTONOMY: Submit via semantic search \u2014 finds any element that looks like a submit action.
+        const submitEl = await page.$([
+            'button[type="submit"]',
+            'input[type="submit"]',
+            '[role="button"][type="submit"]',
+            'button:has-text("Login"), button:has-text("Sign in"), button:has-text("Submit")',
+            'button:has-text("\uB85C\uADF8\uC778"), button:has-text("\uB85C\uADF8\uC778\uD558\uAE30")',
+        ].join(', ')).catch(() => null);
+
+        if (submitEl) {
+            await submitEl.click();
+            await page.waitForLoadState('networkidle').catch(() => {});
+        }
+
+        // \xA74 Session: save state + capture real auth headers (no hardcoded keys)
+        ${safeSessionPath && saveSession ? `
+        await context.storageState({ path: ${safeSessionPath} });
+
+        ${getStorageAndAuthDumpSnippet("_capturedHeaders", safeSessionPath)}
+        ` : ""}
+
+        const result = {
+            url: page.url(),
+            title: await page.title(),
+            ${safeSessionPath && saveSession ? `authHeadersSaved: ${safeSessionPath}.replace('${BROWSER_PATHS.SESSION_FILE}', '${BROWSER_PATHS.AUTH_HEADERS_FILE}'),` : ""}
+        };
+
         console.log(JSON.stringify(result));
     } catch (error) {
         console.log(JSON.stringify({ error: error.message }));
@@ -7493,12 +7944,27 @@ function formatBrowserOutput(data, options) {
       lines.push("");
     });
   }
+  if (data.authHeadersSaved) {
+    lines.push("## Session Saved");
+    lines.push(`- Playwright state : ${data.sessionSaved || BROWSER_PATHS.SESSION_FILE}`);
+    lines.push(`- Auth headers file: ${data.authHeadersSaved}`);
+    lines.push("");
+    lines.push(`**Next step** \u2014 use ${BROWSER_PATHS.AUTH_HEADERS_FILE} in run_cmd:`);
+    lines.push("```");
+    lines.push(`AUTH=${data.authHeadersSaved}`);
+    lines.push(`TOKEN=$(jq -r .Authorization $AUTH)`);
+    lines.push(`COOKIE=$(jq -r '.["Cookie"]' $AUTH)`);
+    lines.push(`curl -s -H "Authorization: $TOKEN" -H "Cookie: $COOKIE" http://TARGET/api/endpoint`);
+    lines.push("```");
+    lines.push("");
+  }
   return lines.join("\n");
 }
 
 // src/engine/tools/web-browser/browse.ts
 import { join as join8 } from "path";
 import { tmpdir as tmpdir3 } from "os";
+import { mkdirSync as mkdirSync2 } from "fs";
 async function browseUrl(url, options = {}) {
   try {
     const browserOptions = { ...DEFAULT_BROWSER_OPTIONS, ...options };
@@ -7514,7 +7980,12 @@ async function browseUrl(url, options = {}) {
       }
     }
     const screenshotPath = browserOptions.screenshot ? join8(tmpdir3(), BROWSER_PATHS.TEMP_DIR_NAME, `screenshot-${Date.now()}.png`) : void 0;
-    const script = buildBrowseScript(url, browserOptions, screenshotPath);
+    let sessionPath;
+    if (browserOptions.saveSession || browserOptions.useSession) {
+      mkdirSync2(WORKSPACE.TMP, { recursive: true });
+      sessionPath = join8(WORKSPACE.TMP, BROWSER_PATHS.SESSION_FILE);
+    }
+    const script = buildBrowseScript(url, browserOptions, screenshotPath, sessionPath);
     const result = await runPlaywrightScript(script, browserOptions.timeout, "browse");
     if (!result.success) {
       return {
@@ -7547,6 +8018,8 @@ async function browseUrl(url, options = {}) {
 }
 
 // src/engine/tools/web-browser/form.ts
+import { mkdirSync as mkdirSync3 } from "fs";
+import { join as join9 } from "path";
 async function fillAndSubmitForm(url, formData, options = {}) {
   try {
     const browserOptions = { ...DEFAULT_BROWSER_OPTIONS, ...options };
@@ -7554,49 +8027,21 @@ async function fillAndSubmitForm(url, formData, options = {}) {
     const safeFormData = JSON.stringify(formData);
     const playwrightPath = getPlaywrightPath();
     const safePlaywrightPath = safeJsString(playwrightPath);
-    const script = `
-const { chromium } = require(${safePlaywrightPath});
-
-(async () => {
-    const browser = await chromium.launch({
-        headless: true,
-        args: ['--no-sandbox', '--disable-setuid-sandbox', ${JSON.stringify(getTorBrowserArgs()).slice(1, -1)}].filter(Boolean)
+    let sessionPath;
+    if (browserOptions.useSession || browserOptions.saveSession) {
+      mkdirSync3(WORKSPACE.TMP, { recursive: true });
+      sessionPath = join9(WORKSPACE.TMP, BROWSER_PATHS.SESSION_FILE);
+    }
+    const safeSessionPath = sessionPath ? safeJsString(sessionPath) : null;
+    const script = buildFormScript({
+      safeUrl,
+      safeFormData,
+      safePlaywrightPath,
+      timeout: browserOptions.timeout,
+      useSession: !!browserOptions.useSession,
+      saveSession: !!browserOptions.saveSession,
+      safeSessionPath
     });
-    const page = await browser.newPage();
-
-    try {
-        await page.goto(${safeUrl}, { waitUntil: 'networkidle', timeout: ${browserOptions.timeout} });
-
-        // Fill form fields
-        const formData = ${safeFormData};
-        for (const [name, value] of Object.entries(formData)) {
-            const input = await page.$(\`[name="\${name}"], #\${name}, .\${name}\`);
-            if (input) {
-                await input.fill(value);
-            }
-        }
-
-        // Submit form
-        const submitBtn = await page.$('button[type="submit"], input[type="submit"], [type="submit"]');
-        if (submitBtn) {
-            await submitBtn.click();
-            await page.waitForLoadState('networkidle');
-        }
-
-        const result = {
-            url: page.url(),
-            title: await page.title(),
-            content: await page.content()
-        };
-
-        console.log(JSON.stringify(result));
-    } catch (error) {
-        console.log(JSON.stringify({ error: error.message }));
-    } finally {
-        await browser.close();
-    }
-})();
-`;
     const result = await runPlaywrightScript(script, browserOptions.timeout, "form");
     if (!result.success) {
       return {
@@ -7607,10 +8052,33 @@ const { chromium } = require(${safePlaywrightPath});
     }
     if (result.parsedData) {
       const data = result.parsedData;
+      let output = `Form submitted. Current URL: ${data.url}
+Title: ${data.title}`;
+      if (data.authHeadersSaved) {
+        output += `
+
+## Session Saved`;
+        output += `
+- Auth headers: ${data.authHeadersSaved}`;
+        output += `
+
+Usage in run_cmd:`;
+        output += `
+\`\`\``;
+        output += `
+AUTH=${data.authHeadersSaved}`;
+        output += `
+TOKEN=$(jq -r .Authorization $AUTH)`;
+        output += `
+COOKIE=$(jq -r '.["Cookie"]' $AUTH)`;
+        output += `
+curl -s -H "Authorization: $TOKEN" -H "Cookie: $COOKIE" http://TARGET/api/endpoint`;
+        output += `
+\`\`\``;
+      }
       return {
         success: true,
-        output: `Form submitted. Current URL: ${data.url}
-Title: ${data.title}`,
+        output,
         extractedData: result.parsedData
       };
     }
@@ -7707,7 +8175,7 @@ async function searchWithZai(query) {
       errorText = await response.text();
     } catch {
     }
-    lastError = `z.ai web search API error ${response.status}: ${errorText.slice(0, 500)}`;
+    lastError = `z.ai web search API error ${response.status}: ${errorText.slice(0, DISPLAY_LIMITS.API_ERROR_PREVIEW)}`;
     debugLog("search", "z.ai web search ERROR", { attempt, status: response.status, error: errorText });
     if (!isTransientHttpError(response.status)) {
       break;
@@ -7730,6 +8198,8 @@ var SEARCH_API_KEY_REQUIRED = `SEARCH_API_KEY is required for web search. Set it
   # Or Serper (Google)
   export SEARCH_API_KEY=your_serper_key
   export SEARCH_API_URL=https://google.serper.dev/search`;
+var MAX_SEARCH_ATTEMPTS = 2;
+var SEARCH_RETRY_WAIT_MS = 2e3;
 async function webSearch(query) {
   debugLog("search", "webSearch START", { query });
   if (isZaiProvider()) {
@@ -7751,7 +8221,7 @@ async function webSearch(query) {
     };
   }
   let lastError = "";
-  for (let attempt = 0; attempt < 2; attempt++) {
+  for (let attempt = 0; attempt < MAX_SEARCH_ATTEMPTS; attempt++) {
     try {
       if (apiUrl.includes(SEARCH_URL_PATTERN.GLM) || apiUrl.includes(SEARCH_URL_PATTERN.ZHIPU)) {
         debugLog("search", `Using GLM search (attempt ${attempt + 1})`);
@@ -7771,13 +8241,13 @@ async function webSearch(query) {
       debugLog("search", `webSearch attempt ${attempt + 1} ERROR`, { error: lastError });
       const isTransient = /timeout|ECONNRESET|ENOTFOUND|429|5\d{2}|rate.?limit|temporarily/i.test(lastError);
       if (attempt === 0 && isTransient) {
-        await new Promise((r) => setTimeout(r, 2e3));
+        await new Promise((r) => setTimeout(r, SEARCH_RETRY_WAIT_MS));
         continue;
       }
     }
   }
   const fallbackGuidance = [
-    `Search failed after 2 attempts: ${lastError}`,
+    `Search failed after ${MAX_SEARCH_ATTEMPTS} attempts: ${lastError}`,
     "",
     "FALLBACK \u2014 Use browse_url on these sources directly:",
     `  browse_url("https://book.hacktricks.wiki/en/network-services-pentesting/") \u2014 for service-specific attacks`,
@@ -7911,7 +8381,7 @@ function createDomain(def) {
 }
 
 // src/engine/tools/pentest-intel-tools/web-tools.ts
-var webSearchTool = {
+var createWebSearchTool = (dynamicTechniques) => ({
   name: TOOL_NAMES.WEB_SEARCH,
   description: `Search the web for information. Use this to:
 - Find CVE details and exploit code
@@ -7934,31 +8404,56 @@ Returns search results with links and summaries.`,
   execute: async (p) => {
     const query = p.query;
     const useBrowser = p.use_browser;
+    let result;
     if (useBrowser) {
-      const result = await webSearchWithBrowser(query, "google");
-      return { success: result.success, output: result.output, error: result.error };
+      const r = await webSearchWithBrowser(query, "google");
+      result = { success: r.success, output: r.output, error: r.error };
+    } else {
+      result = await webSearch(query);
     }
-    return webSearch(query);
+    if (result.success && result.output) {
+      dynamicTechniques.learnFromSearchResult(query, result.output);
+    }
+    return result;
   }
-};
+});
 var browseUrlTool = {
   name: TOOL_NAMES.BROWSE_URL,
   description: `Navigate to a URL using a headless browser (Playwright).
 Use this for:
 - Browsing JavaScript-heavy websites
 - Extracting links, forms, and content
-- Viewing security advisories
-- Accessing documentation pages
-- Analyzing web application structure
-- Discovering web attack surface (forms, inputs, API endpoints)
-
-Can extract forms and inputs for security testing.`,
+- Viewing security advisories, accessing documentation pages
+- Analyzing web application structure and attack surface
+- Multi-step OAuth/JWT flows requiring session continuity
+
+Session persistence (save_session: true saves TWO files):
+  1. .pentesting/workspace/browser-session.json \u2192 Playwright storageState (for use_session)
+  2. .pentesting/workspace/auth-headers.json    \u2192 Extracted Bearer token + Cookie header
+
+auth-headers.json format:
+  { "Authorization": "Bearer eyJ...", "Cookie": "session=abc; csrf=xyz" }
+
+Usage in run_cmd after save_session:
+  AUTH_FILE=.pentesting/workspace/auth-headers.json
+  TOKEN=$(jq -r .Authorization $AUTH_FILE)
+  COOKIE=$(jq -r '.["Cookie"]' $AUTH_FILE)
+  curl -H "Authorization: $TOKEN" -H "Cookie: $COOKIE" http://target/api/admin
+  sqlmap -u "http://target/api" --headers="Authorization: $TOKEN"
+  python3 -c "import json,requests; h=json.load(open('$AUTH_FILE')); r=requests.get('...', headers=h); print(r.text)"
+
+Example full OAuth attack flow:
+  1. browse_url(login_url, {save_session: true})      # login \u2192 saves both files
+  2. browse_url(protected, {use_session: true})        # browser tool with session
+  3. run_cmd "curl -H \\"Authorization: $(jq -r .Authorization .pentesting/workspace/auth-headers.json)\\" http://target/api/admin"  # curl with Bearer`,
   parameters: {
     url: { type: "string", description: "URL to browse" },
     extract_forms: { type: "boolean", description: "Extract form information (inputs, actions, methods)" },
     extract_links: { type: "boolean", description: "Extract all links from the page" },
     screenshot: { type: "boolean", description: "Take a screenshot of the page" },
-    extra_headers: { type: "object", description: "Custom HTTP headers", additionalProperties: { type: "string" } }
+    extra_headers: { type: "object", description: "Custom HTTP headers", additionalProperties: { type: "string" } },
+    save_session: { type: "boolean", description: "Save browser session (cookies, localStorage) to disk after navigation" },
+    use_session: { type: "boolean", description: "Load previously saved browser session before navigation" }
   },
   required: ["url"],
   execute: async (p) => {
@@ -7967,7 +8462,9 @@ Can extract forms and inputs for security testing.`,
       extractForms: p.extract_forms,
       extractLinks: p.extract_links,
       screenshot: p.screenshot,
-      extraHeaders: p.extra_headers
+      extraHeaders: p.extra_headers,
+      saveSession: p.save_session,
+      useSession: p.use_session
     });
     return { success: result.success, output: result.output, error: result.error };
   }
@@ -7978,15 +8475,21 @@ var fillFormTool = {
 - Testing form-based authentication
 - Submitting search forms
 - Testing for form injection vulnerabilities
-- Automated form interaction`,
+- Automated form interaction
+- OAuth/authentication flows (use save_session/use_session to persist session)`,
   parameters: {
     url: { type: "string", description: "URL containing the form" },
-    fields: { type: "object", description: "Form field names and values to fill", additionalProperties: { type: "string" } }
+    fields: { type: "object", description: "Form field names and values to fill", additionalProperties: { type: "string" } },
+    save_session: { type: "boolean", description: "Save browser session after form submission (useful after login)" },
+    use_session: { type: "boolean", description: "Load previously saved session before navigating (use after browse_url login)" }
   },
   required: ["url", "fields"],
   execute: async (p) => {
     const url = ensureUrlProtocol(p.url);
-    const result = await fillAndSubmitForm(url, p.fields);
+    const result = await fillAndSubmitForm(url, p.fields, {
+      saveSession: p.save_session,
+      useSession: p.use_session
+    });
     return { success: result.success, output: result.output, error: result.error };
   }
 };
@@ -8121,10 +8624,10 @@ For CVEs not in this list, use web_search to find them.`
 };
 
 // src/engine/tools/pentest-intel-tools/index.ts
-var createIntelTools = () => [
+var createIntelTools = (dynamicTechniques) => [
   nmapTool,
   searchCveTool,
-  webSearchTool,
+  createWebSearchTool(dynamicTechniques),
   browseUrlTool,
   fillFormTool,
   getOwaspTool,
@@ -8476,28 +8979,28 @@ function getContextRecommendations(context, variantCount) {
   recs.push(`Generated ${variantCount} variants for context: ${context}`);
   switch (context) {
     case PAYLOAD_CONTEXT.URL_PARAM:
-      recs.push("If all URL encoding fails: try HTTP Parameter Pollution (send same param twice)");
-      recs.push("Try switching GET -> POST or changing Content-Type");
-      recs.push("Check if WebSocket endpoint exists (often unfiltered)");
+      recs.push("bypass-hint: HTTP Parameter Pollution (same param twice) often unfiltered");
+      recs.push("bypass-hint: GET\u2192POST or Content-Type change may bypass client-side filters");
+      recs.push("bypass-hint: WebSocket endpoints are often unfiltered");
       break;
     case PAYLOAD_CONTEXT.SQL_STRING:
     case PAYLOAD_CONTEXT.SQL_NUMERIC:
-      recs.push("If inline comments fail: try MySQL version comments /*!50000SELECT*/");
-      recs.push("Try time-based blind if error/union payloads are blocked");
-      recs.push("Use sqlmap with --tamper scripts for automated bypass");
+      recs.push("bypass-hint: MySQL version comments /*!50000SELECT*/ bypass pattern-match filters");
+      recs.push("bypass-hint: Time-based blind works when error/union paths are blocked");
+      recs.push("bypass-hint: sqlmap --tamper scripts for automated WAF bypass");
       break;
     case PAYLOAD_CONTEXT.HTML_BODY:
-      recs.push("If common XSS tags blocked: try SVG, MathML, mutation XSS");
-      recs.push("Check CSP header -- it determines what JS execution is possible");
-      recs.push("Try DOM-based XSS via document.location, innerHTML, postMessage");
+      recs.push("bypass-hint: SVG/MathML/mutation XSS when common tags are blocked");
+      recs.push("bypass-hint: CSP header determines what JS execution paths exist");
+      recs.push("bypass-hint: DOM-based XSS via document.location, innerHTML, postMessage");
       break;
     case PAYLOAD_CONTEXT.SHELL_CMD:
-      recs.push("Use ${IFS} for space, quotes for keyword bypass, base64 for full obfuscation");
-      recs.push("Try: echo PAYLOAD_BASE64 | base64 -d | sh");
-      recs.push("Variable concatenation: a=c;b=at;$a$b /etc/passwd");
+      recs.push("bypass-hint: ${IFS} for space, quotes for keyword bypass");
+      recs.push("bypass-hint: base64 encoding for full payload obfuscation");
+      recs.push("bypass-hint: variable concatenation: a=c;b=at;$a$b /etc/passwd");
       break;
   }
-  recs.push("If all variants fail: web_search for latest bypass techniques for this specific filter type");
+  recs.push('If all variants fail: web_search("bypass <filter-type> <context> site:hacktricks.xyz") for current techniques.');
   return recs;
 }
 
@@ -8655,7 +9158,7 @@ ${variantList}
 
 // src/engine/tools/pentest-attack-tools/wordlists-tool.ts
 import { existsSync as existsSync10, statSync as statSync2, readdirSync as readdirSync2 } from "fs";
-import { join as join9 } from "path";
+import { join as join10 } from "path";
 var CATEGORY_KEYWORDS = {
   passwords: ["password", "rockyou"],
   usernames: ["user"],
@@ -8742,7 +9245,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
       }
       for (const entry of entries) {
         if (entry.name.startsWith(".") || SKIP_DIRS.has(entry.name)) continue;
-        const fullPath = join9(dirPath, entry.name);
+        const fullPath = join10(dirPath, entry.name);
         if (entry.isDirectory()) {
           scanDir(fullPath, maxDepth, depth + 1);
           continue;
@@ -8795,7 +9298,7 @@ var createAttackTools = () => [
 var createPentestTools = (state, events) => [
   ...createStateTools(state, events),
   ...createTargetTools(state),
-  ...createIntelTools(),
+  ...createIntelTools(state.dynamicTechniques),
   ...createAttackTools()
 ];
 
@@ -9660,7 +10163,7 @@ Returns recommendations on process status, port conflicts, long-running tasks, e
 ];
 
 // src/domains/registry.ts
-import { join as join10, dirname as dirname3 } from "path";
+import { join as join11, dirname as dirname3 } from "path";
 import { fileURLToPath } from "url";
 
 // src/domains/network/tools.ts
@@ -10072,73 +10575,73 @@ var DOMAINS = {
     id: SERVICE_CATEGORIES.NETWORK,
     name: "Network Infrastructure",
     description: "Vulnerability scanning, port mapping, and network service exploitation.",
-    promptPath: join10(__dirname, "network/prompt.md")
+    promptPath: join11(__dirname, "network/prompt.md")
   },
   [SERVICE_CATEGORIES.WEB]: {
     id: SERVICE_CATEGORIES.WEB,
     name: "Web Application",
     description: "Web app security testing, injection attacks, and auth bypass.",
-    promptPath: join10(__dirname, "web/prompt.md")
+    promptPath: join11(__dirname, "web/prompt.md")
   },
   [SERVICE_CATEGORIES.DATABASE]: {
     id: SERVICE_CATEGORIES.DATABASE,
     name: "Database Security",
     description: "SQL injection, database enumeration, and data extraction.",
-    promptPath: join10(__dirname, "database/prompt.md")
+    promptPath: join11(__dirname, "database/prompt.md")
   },
   [SERVICE_CATEGORIES.AD]: {
     id: SERVICE_CATEGORIES.AD,
     name: "Active Directory",
     description: "Kerberos, LDAP, and Windows domain privilege escalation.",
-    promptPath: join10(__dirname, "ad/prompt.md")
+    promptPath: join11(__dirname, "ad/prompt.md")
   },
   [SERVICE_CATEGORIES.EMAIL]: {
     id: SERVICE_CATEGORIES.EMAIL,
     name: "Email Services",
     description: "SMTP, IMAP, POP3 security and user enumeration.",
-    promptPath: join10(__dirname, "email/prompt.md")
+    promptPath: join11(__dirname, "email/prompt.md")
   },
   [SERVICE_CATEGORIES.REMOTE_ACCESS]: {
     id: SERVICE_CATEGORIES.REMOTE_ACCESS,
     name: "Remote Access",
     description: "SSH, RDP, VNC and other remote control protocols.",
-    promptPath: join10(__dirname, "remote-access/prompt.md")
+    promptPath: join11(__dirname, "remote-access/prompt.md")
   },
   [SERVICE_CATEGORIES.FILE_SHARING]: {
     id: SERVICE_CATEGORIES.FILE_SHARING,
     name: "File Sharing",
     description: "SMB, NFS, FTP and shared resource security.",
-    promptPath: join10(__dirname, "file-sharing/prompt.md")
+    promptPath: join11(__dirname, "file-sharing/prompt.md")
   },
   [SERVICE_CATEGORIES.CLOUD]: {
     id: SERVICE_CATEGORIES.CLOUD,
     name: "Cloud Infrastructure",
     description: "AWS, Azure, and GCP security and misconfiguration.",
-    promptPath: join10(__dirname, "cloud/prompt.md")
+    promptPath: join11(__dirname, "cloud/prompt.md")
   },
   [SERVICE_CATEGORIES.CONTAINER]: {
     id: SERVICE_CATEGORIES.CONTAINER,
     name: "Container Systems",
     description: "Docker and Kubernetes security testing.",
-    promptPath: join10(__dirname, "container/prompt.md")
+    promptPath: join11(__dirname, "container/prompt.md")
   },
   [SERVICE_CATEGORIES.API]: {
     id: SERVICE_CATEGORIES.API,
     name: "API Security",
     description: "REST, GraphQL, and SOAP API security testing.",
-    promptPath: join10(__dirname, "api/prompt.md")
+    promptPath: join11(__dirname, "api/prompt.md")
   },
   [SERVICE_CATEGORIES.WIRELESS]: {
     id: SERVICE_CATEGORIES.WIRELESS,
     name: "Wireless Networks",
     description: "WiFi and Bluetooth security testing.",
-    promptPath: join10(__dirname, "wireless/prompt.md")
+    promptPath: join11(__dirname, "wireless/prompt.md")
   },
   [SERVICE_CATEGORIES.ICS]: {
     id: SERVICE_CATEGORIES.ICS,
     name: "Industrial Systems",
     description: "Critical infrastructure - Modbus, DNP3, ENIP.",
-    promptPath: join10(__dirname, "ics/prompt.md")
+    promptPath: join11(__dirname, "ics/prompt.md")
   }
 };
 function loadAllDomainTools() {
@@ -10400,8 +10903,8 @@ function formatBinaryAnalysis(info) {
     `Protections: Canary=${info.canary ?? "?"} NX=${info.nx ?? "?"} PIE=${info.pie ?? "?"} RELRO=${info.relro ?? "?"}`,
     `Stripped: ${info.stripped ?? "?"} | Static: ${info.staticallyLinked ?? "?"}`,
     "",
-    "EXPLOIT SUGGESTIONS:",
-    ...suggestions.map((s) => `  \u2192 ${s}`),
+    "\xA73 BINARY FEASIBILITY FACTS (what is technically possible given protections, NOT a prescribed attack plan):",
+    ...suggestions.map((s) => `  fact: ${s}`),
     "</binary-analysis>"
   ];
   return lines.join("\n");
@@ -10981,11 +11484,11 @@ function safeParseJson(jsonString) {
 function stripThinkTags(text, existingReasoning) {
   let cleanText = text;
   let extractedReasoning = existingReasoning;
-  cleanText = cleanText.replace(/lte;think&gt;([\s\S]*?)&lt;\/think&gt;/gi, (_match, inner) => {
+  cleanText = cleanText.replace(/<think>([\s\S]*?)<\/think>/gi, (_match, inner) => {
     extractedReasoning += inner;
     return "";
   });
-  cleanText = cleanText.replace(/&lt;\/?think&gt;/gi, "");
+  cleanText = cleanText.replace(/<\/?think>/gi, "");
   return { cleanText, extractedReasoning };
 }
 
@@ -11220,49 +11723,8 @@ var LLMClient = class {
     context.getTotalChars = () => totalChars;
     context.currentBlockRef = currentBlockRef;
     context.toolCallsMap = toolCallsMap;
-    const reader = response.body?.getReader();
-    if (!reader) throw new Error("Response body is not readable");
-    const decoder = new TextDecoder();
-    let buffer = "";
-    try {
-      while (true) {
-        if (callbacks?.abortSignal?.aborted) {
-          wasAborted = true;
-          break;
-        }
-        const { done, value } = await reader.read();
-        if (done) break;
-        buffer += decoder.decode(value, { stream: true });
-        const lines = buffer.split("\n");
-        buffer = lines.pop() || "";
-        for (const line of lines) {
-          if (line.startsWith("data: ")) {
-            const data = line.slice(6);
-            if (data.trim() === "[DONE]") continue;
-            try {
-              const event = JSON.parse(data);
-              processStreamEvent(event, requestId, context);
-            } catch {
-            }
-          }
-        }
-      }
-    } finally {
-      reader.releaseLock();
-    }
-    const toolCalls = [];
-    for (const [id, toolCall] of toolCallsMap) {
-      if (toolCall._pendingJson) {
-        const parseResult = safeParseJson(toolCall._pendingJson);
-        if (parseResult.success) {
-          toolCall.input = parseResult.data;
-        } else {
-          toolCall.input = { _parse_error: parseResult.error, _raw_json: toolCall._pendingJson.slice(0, DISPLAY_LIMITS.RAW_JSON_ERROR_PREVIEW) };
-        }
-        delete toolCall._pendingJson;
-      }
-      toolCalls.push({ id: toolCall.id, name: toolCall.name, input: toolCall.input });
-    }
+    wasAborted = await readSSEStream(response, requestId, context, callbacks?.abortSignal);
+    const toolCalls = resolveToolCalls(toolCallsMap);
     const stripped = stripThinkTags(fullContent, fullReasoning);
     return {
       content: stripped.cleanText,
@@ -11274,6 +11736,55 @@ var LLMClient = class {
     };
   }
 };
+async function readSSEStream(response, requestId, context, abortSignal) {
+  const reader = response.body?.getReader();
+  if (!reader) throw new Error("Response body is not readable");
+  const decoder = new TextDecoder();
+  let buffer = "";
+  let wasAborted = false;
+  try {
+    while (true) {
+      if (abortSignal?.aborted) {
+        wasAborted = true;
+        break;
+      }
+      const { done, value } = await reader.read();
+      if (done) break;
+      buffer += decoder.decode(value, { stream: true });
+      const lines = buffer.split("\n");
+      buffer = lines.pop() || "";
+      for (const line of lines) {
+        if (!line.startsWith("data: ")) continue;
+        const data = line.slice(6);
+        if (data.trim() === "[DONE]") continue;
+        try {
+          const event = JSON.parse(data);
+          processStreamEvent(event, requestId, context);
+        } catch {
+        }
+      }
+    }
+  } finally {
+    reader.releaseLock();
+  }
+  return wasAborted;
+}
+function resolveToolCalls(toolCallsMap) {
+  const toolCalls = [];
+  for (const [, toolCall] of toolCallsMap) {
+    if (toolCall._pendingJson) {
+      const parseResult = safeParseJson(toolCall._pendingJson);
+      if (parseResult.success) {
+        toolCall.input = parseResult.data;
+      } else {
+        toolCall.input = { _parse_error: parseResult.error, _raw_json: toolCall._pendingJson.slice(0, DISPLAY_LIMITS.RAW_JSON_ERROR_PREVIEW) };
+      }
+      delete toolCall._pendingJson;
+    }
+    toolCalls.push({ id: toolCall.id, name: toolCall.name, input: toolCall.input });
+  }
+  return toolCalls;
+}
 
 // src/engine/llm-client/factory.ts
 var llmInstance = null;
@@ -11313,7 +11824,7 @@ function handleLoopError(error, messages, progress, iteration, consecutiveLLMErr
     );
   }
   const unexpectedMsg = error instanceof Error ? error.message : String(error);
-  events.emit({
+  events?.emit({
     type: EVENT_TYPES.ERROR,
     timestamp: Date.now(),
     data: { message: `Unexpected error: ${unexpectedMsg}`, phase: getPhase(), isRecoverable: true }
@@ -11324,7 +11835,7 @@ Continue your task.` });
 }
 function handleLLMError(error, messages, progress, iteration, consecutiveLLMErrors, maxConsecutiveLLMErrors, events, getPhase) {
   const errorInfo = error.errorInfo;
-  events.emit({
+  events?.emit({
     type: EVENT_TYPES.ERROR,
     timestamp: Date.now(),
     data: {
@@ -11382,19 +11893,13 @@ function buildDeadlockNudge(phase, targetCount, findingCount) {
     [PHASES.WEB]: `WEB: Enumerate attack surface. Test every input.`
   };
   const direction = phaseDirection[phase] || phaseDirection[PHASES.RECON];
-  return `\u26A1 DEADLOCK: ${AGENT_LIMITS.MAX_CONSECUTIVE_IDLE} turns with ZERO tool calls.
+  return `\u26A1 DEADLOCK DETECTED: ${AGENT_LIMITS.MAX_CONSECUTIVE_IDLE} consecutive turns with zero tool calls.
 Phase: ${phase} | Targets: ${targetCount} | Findings: ${findingCount}
 
 ${direction}
 
-PICK ANY \u2014 do whatever fits best (no order, all are valid):
-\u2022 Brute-force with wordlists (hydra/hashcat/ffuf + rockyou/seclists)
-\u2022 web_search for techniques
-\u2022 Try a completely different approach
-\u2022 Probe for unknown vulns
-\u2022 ask_user for hints
-
-ACT NOW \u2014 EXECUTE.`;
+Determine the highest-impact action available to you right now and execute it immediately.
+Do not explain your reasoning \u2014 call a tool.`;
 }
 
 // src/agents/core-agent/event-emitters.ts
@@ -11631,9 +12136,12 @@ function enrichToolErrorContext(ctx) {
   } else if (isPermissionError(errorLower)) {
     lines.push(`Fix: Insufficient permissions for this operation.`);
     lines.push(`Actions: (1) Try with sudo if appropriate, (2) Use a different approach, or (3) Check if the target path/resource is correct.`);
-  } else if (isConnectionError(errorLower)) {
-    lines.push(`Fix: Cannot reach the target service.`);
-    lines.push(`Actions: (1) Verify the target host/port is correct, (2) Check if the service is running, (3) Try a different port or protocol.`);
+  } else if (isTimeoutError(errorLower)) {
+    lines.push(`Fix: Connection timed out \u2014 service may be slow, filtered by firewall, or rate-limiting.`);
+    lines.push(`Actions: (1) Increase timeout flag (--timeout, -w, --connect-timeout), (2) Try -Pn if nmap (ICMP blocked), (3) Try a slower scan rate, (4) Verify target is alive via other method.`);
+  } else if (isConnectionRefusedError(errorLower)) {
+    lines.push(`Fix: Connection refused \u2014 port is actively closed or service not running.`);
+    lines.push(`Actions: (1) Verify the exact port number, (2) Check if service requires different protocol (TCP vs UDP), (3) Try alternative ports, (4) The service may have crashed \u2014 check via a different scan.`);
   } else if (isInvalidInputError(errorLower)) {
     lines.push(`Fix: The input format is incorrect.`);
     lines.push(`Actions: (1) Check the input format and fix it, (2) Use web_search to find the correct syntax, or (3) Try a simpler input.`);
@@ -11654,8 +12162,11 @@ function isNotFoundError(e) {
 function isPermissionError(e) {
   return e.includes("permission denied") || e.includes("access denied") || e.includes("eacces");
 }
-function isConnectionError(e) {
-  return e.includes("connection refused") || e.includes("econnrefused") || e.includes("connection reset") || e.includes("timeout");
+function isTimeoutError(e) {
+  return e.includes("timeout") || e.includes("timed out") || e.includes("etimedout");
+}
+function isConnectionRefusedError(e) {
+  return e.includes("connection refused") || e.includes("econnrefused") || e.includes("connection reset");
 }
 function isInvalidInputError(e) {
   return e.includes("invalid") || e.includes("malformed") || e.includes("syntax error");
@@ -11761,40 +12272,32 @@ function stripAnsi(text) {
 function normalizeLine(line) {
   return line.replace(/\d+/g, "N").replace(/0x[a-f0-9]+/gi, "H").replace(/\s+/g, " ").trim().toLowerCase();
 }
+function flushDuplicates(result, lastLine, count) {
+  if (count <= 0) return;
+  if (count <= MAX_DUPLICATE_DISPLAY) {
+    for (let i = 0; i < count; i++) result.push(lastLine);
+  } else {
+    result.push(`  ... (${count} similar lines collapsed)`);
+  }
+}
 function filterAndDedup(lines) {
   const result = [];
   let lastLine = "";
   let consecutiveDupes = 0;
   for (const line of lines) {
     const trimmed = line.trim();
-    if (NOISE_PATTERNS.some((p) => p.test(trimmed))) {
-      continue;
-    }
+    if (NOISE_PATTERNS.some((p) => p.test(trimmed))) continue;
     const normalized = normalizeLine(trimmed);
     if (normalized === normalizeLine(lastLine)) {
       consecutiveDupes++;
       continue;
     }
-    if (consecutiveDupes > 0) {
-      if (consecutiveDupes <= MAX_DUPLICATE_DISPLAY) {
-        for (let i = 0; i < consecutiveDupes; i++) {
-          result.push(lastLine);
-        }
-      } else {
-        result.push(`  ... (${consecutiveDupes} similar lines collapsed)`);
-      }
-      consecutiveDupes = 0;
-    }
+    flushDuplicates(result, lastLine, consecutiveDupes);
+    consecutiveDupes = 0;
     result.push(line);
     lastLine = trimmed;
   }
-  if (consecutiveDupes > MAX_DUPLICATE_DISPLAY) {
-    result.push(`  ... (${consecutiveDupes} similar lines collapsed)`);
-  } else {
-    for (let i = 0; i < consecutiveDupes; i++) {
-      result.push(lastLine);
-    }
-  }
+  flushDuplicates(result, lastLine, consecutiveDupes);
   return result;
 }
 function structuralPreprocess(output) {
@@ -11924,6 +12427,14 @@ function parseAnalystMemo(response) {
     ].filter(Boolean).join(" | ")
   };
 }
+function extractHypothesizedReason(failureLine) {
+  const match = failureLine.match(/\[(FILTERED|WRONG_VECTOR|AUTH_REQUIRED|TOOL_ERROR|TIMEOUT|PATCHED)\]/);
+  if (!match) return void 0;
+  const type = match[1];
+  const parts = failureLine.split("\u2192");
+  const description = parts[1]?.trim().split("\u2192")[0]?.trim();
+  return description ? `${type} \u2014 ${description}` : type;
+}
 
 // src/shared/utils/context-digest/formatters.ts
 function formatAnalystDigest(digest, filePath, originalChars) {
@@ -12152,6 +12663,13 @@ function recordJournalMemo(call, result, digestedOutputForLLM, digestResult, tur
     }
     turnState.memo.nextSteps.push(...m.nextSteps);
     if (m.reflection) turnState.reflections.push(m.reflection);
+    if (!result.success && m.failures.length > 0) {
+      const command = String(call.input.command || call.input.url || call.input.query || JSON.stringify(call.input));
+      const hypothesizedReason = extractHypothesizedReason(m.failures[0]);
+      if (hypothesizedReason) {
+        state.workingMemory.updateLastFailureReason(command, hypothesizedReason);
+      }
+    }
   }
   if (digestResult?.memo?.credentials.length) {
     for (const cred of digestResult.memo.credentials) {
@@ -12183,7 +12701,9 @@ function recordJournalMemo(call, result, digestedOutputForLLM, digestResult, tur
           description,
           evidence,
           remediation: "",
-          foundAt: Date.now()
+          foundAt: Date.now(),
+          // SAUP §18: Analyst 해석 결과이므로 inferenceDepth=1 (직접 도구 관찰이 아님)
+          inferenceDepth: 1
         });
         state.attackGraph.addVulnerability(title, "auto-detected", digestResult.memo.attackValue === "HIGH" ? "high" : "medium", confidence >= CONFIDENCE_THRESHOLDS.CONFIRMED);
         existingSignatures.add(signature);
@@ -12551,32 +13071,36 @@ var CORE_KNOWLEDGE_FILES = [
   // Active Directory / infrastructure attack methodology
 ];
 var PHASE_TECHNIQUE_MAP = {
-  [PHASES.RECON]: [TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.CRYPTO],
-  [PHASES.VULN_ANALYSIS]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.REVERSING],
-  [PHASES.EXPLOIT]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.PWN, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.SANDBOX_ESCAPE, TECHNIQUE_FILES.REVERSING],
-  [PHASES.POST_EXPLOIT]: [TECHNIQUE_FILES.PRIVESC, TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.SANDBOX_ESCAPE, TECHNIQUE_FILES.FORENSICS],
+  // RECON: 서비스 파악 + 기본 크레덴셜/익명 접근 초기 탐색
+  [PHASES.RECON]: [TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.AUTH_ACCESS],
+  // VULN_ANALYSIS: 인증 우회가 가장 흔한 취약점 클래스 — auth-access 필수
+  [PHASES.VULN_ANALYSIS]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.REVERSING],
+  // EXPLOIT: JWT/OAuth/세션 우회 + 바이너리 + 인젝션 전체
+  [PHASES.EXPLOIT]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.PWN, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.SANDBOX_ESCAPE, TECHNIQUE_FILES.REVERSING],
+  [PHASES.POST_EXPLOIT]: [TECHNIQUE_FILES.PRIVESC, TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.SANDBOX_ESCAPE, TECHNIQUE_FILES.FORENSICS, TECHNIQUE_FILES.PIVOTING, TECHNIQUE_FILES.ENTERPRISE_PENTEST],
   [PHASES.PRIV_ESC]: [TECHNIQUE_FILES.PRIVESC, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.PWN, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.SANDBOX_ESCAPE],
-  [PHASES.LATERAL]: [TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AD_ATTACK, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.NETWORK_SVC],
-  [PHASES.PERSISTENCE]: [TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.PRIVESC, TECHNIQUE_FILES.LATERAL],
+  [PHASES.LATERAL]: [TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.AD_ATTACK, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.CONTAINER_ESCAPE, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.PIVOTING, TECHNIQUE_FILES.ENTERPRISE_PENTEST],
+  [PHASES.PERSISTENCE]: [TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.PRIVESC, TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.ENTERPRISE_PENTEST],
   [PHASES.EXFIL]: [TECHNIQUE_FILES.LATERAL, TECHNIQUE_FILES.NETWORK_SVC, TECHNIQUE_FILES.FORENSICS],
-  [PHASES.WEB]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.SHELLS],
+  // WEB: 인젝션 + 인증 + 파일 + 쉘 + 네트워크 서비스 (내부 Redis/MySQL 연결 가능)
+  [PHASES.WEB]: [TECHNIQUE_FILES.INJECTION, TECHNIQUE_FILES.FILE_ATTACKS, TECHNIQUE_FILES.AUTH_ACCESS, TECHNIQUE_FILES.CRYPTO, TECHNIQUE_FILES.SHELLS, TECHNIQUE_FILES.NETWORK_SVC],
   [PHASES.REPORT]: []
   // Report phase: no attack techniques needed
 };
 
 // src/agents/prompt-builder/prompt-loader.ts
 import { readFileSync as readFileSync7, existsSync as existsSync11 } from "fs";
-import { join as join11, dirname as dirname4 } from "path";
+import { join as join12, dirname as dirname4 } from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
 var __dirname2 = dirname4(fileURLToPath2(import.meta.url));
-var PROMPTS_DIR = join11(__dirname2, "../prompts");
-var TECHNIQUES_DIR = join11(PROMPTS_DIR, PROMPT_PATHS.TECHNIQUES_DIR);
+var PROMPTS_DIR = join12(__dirname2, "../prompts");
+var TECHNIQUES_DIR = join12(PROMPTS_DIR, PROMPT_PATHS.TECHNIQUES_DIR);
 function loadPromptFile(filename) {
-  const path2 = join11(PROMPTS_DIR, filename);
+  const path2 = join12(PROMPTS_DIR, filename);
   return existsSync11(path2) ? readFileSync7(path2, PROMPT_CONFIG.ENCODING) : "";
 }
 function loadTechniqueFile(techniqueName) {
-  const filePath = join11(TECHNIQUES_DIR, `${techniqueName}.md`);
+  const filePath = join12(TECHNIQUES_DIR, `${techniqueName}.md`);
   try {
     if (!existsSync11(filePath)) return "";
     return readFileSync7(filePath, PROMPT_CONFIG.ENCODING);
@@ -12680,7 +13204,19 @@ function buildPersistentMemoryFragment(state) {
       if (port.service) services.push(port.service);
     }
   }
-  return state.persistentMemory.toPrompt(services);
+  const result = state.persistentMemory.toPrompt(services);
+  flowLog("\u2461Main", "\u2190", "PersistentMemory", result ? `${result.length}B` : "EMPTY");
+  return result;
+}
+function buildEpistemicCheckFragment(state) {
+  if (!state.lastReflection) {
+    flowLog("\u2461Main", "\u2190", "lastReflection (epistemic-check)", "EMPTY \u2014 \xA718 layer skipped");
+    return "";
+  }
+  flowLog("\u2461Main", "\u2190", "lastReflection (epistemic-check)", `${state.lastReflection.length}B \u2705`);
+  return `<epistemic-check>
+${state.lastReflection}
+</epistemic-check>`;
 }
 
 // src/agents/prompt-builder/fragments/intelligence.ts
@@ -12698,31 +13234,26 @@ function buildAttackIntelligenceFragment(state) {
   const lines = [];
   for (const target of targets) {
     for (const port of target.ports) {
-      const attacks = getAttacksForService(port.service || "", port.port);
-      if (attacks.length === 0) continue;
-      const priority = calculateAttackPriority({
-        service: port.service || "",
-        version: port.version,
-        port: port.port
-      });
-      lines.push(`[${target.ip}:${port.port}] ${port.service || "unknown"} (priority: ${priority}/100)`);
-      attacks.forEach((a) => lines.push(`  - ${a}`));
+      const ctx = getServiceContext(port.service || "", port.port);
+      const factStr = ctx.facts.length > 0 ? ` [${ctx.facts.join("; ")}]` : "";
+      const versionStr = port.version ? ` v${port.version}` : "";
+      lines.push(`${target.ip}:${port.port}  ${port.service || "unknown"}${versionStr}  category=${ctx.category}${factStr}`);
     }
   }
   if (lines.length === 0) return "";
-  return `<attack-intelligence>
-Bootstrap attack suggestions (try these first, adapt if they fail):
+  return `<service-inventory>
+Discovered services \u2014 use get_owasp_knowledge, web_search, or get_web_attack_surface for attack ideas:
 ${lines.join("\n")}
-</attack-intelligence>`;
+</service-inventory>`;
 }
 
 // src/shared/utils/journal/reader.ts
 import { readFileSync as readFileSync8, existsSync as existsSync13 } from "fs";
-import { join as join13 } from "path";
+import { join as join14 } from "path";
 
 // src/shared/utils/journal/rotation.ts
 import { existsSync as existsSync12, readdirSync as readdirSync3, statSync as statSync3, rmSync as rmSync2 } from "fs";
-import { join as join12 } from "path";
+import { join as join13 } from "path";
 function parseTurnNumbers(turnsDir) {
   if (!existsSync12(turnsDir)) return [];
   return readdirSync3(turnsDir).filter((e) => e.startsWith(TURN_FOLDER_PREFIX) && /^\d+$/.test(e.slice(TURN_FOLDER_PREFIX.length))).map((e) => Number(e.slice(TURN_FOLDER_PREFIX.length)));
@@ -12731,12 +13262,12 @@ function rotateTurnRecords() {
   try {
     const turnsDir = WORKSPACE.TURNS;
     if (!existsSync12(turnsDir)) return;
-    const turnDirs = parseTurnNumbers(turnsDir).map((n) => `${TURN_FOLDER_PREFIX}${n}`).filter((e) => statSync3(join12(turnsDir, e)).isDirectory()).sort((a, b) => Number(a.slice(TURN_FOLDER_PREFIX.length)) - Number(b.slice(TURN_FOLDER_PREFIX.length)));
+    const turnDirs = parseTurnNumbers(turnsDir).map((n) => `${TURN_FOLDER_PREFIX}${n}`).filter((e) => statSync3(join13(turnsDir, e)).isDirectory()).sort((a, b) => Number(a.slice(TURN_FOLDER_PREFIX.length)) - Number(b.slice(TURN_FOLDER_PREFIX.length)));
     if (turnDirs.length > MEMORY_LIMITS.MAX_TURN_ENTRIES) {
       const dirsToDel = turnDirs.slice(0, turnDirs.length - MEMORY_LIMITS.MAX_TURN_ENTRIES);
       for (const dir of dirsToDel) {
         try {
-          rmSync2(join12(turnsDir, dir), { recursive: true, force: true });
+          rmSync2(join13(turnsDir, dir), { recursive: true, force: true });
         } catch {
         }
       }
@@ -12755,7 +13286,7 @@ function readJournalSummary() {
     const turnsDir = WORKSPACE.TURNS;
     const turnDirs = parseTurnNumbers(turnsDir).sort((a, b) => b - a);
     for (const turn of turnDirs) {
-      const summaryPath = join13(WORKSPACE.turnPath(turn), TURN_FILES.SUMMARY);
+      const summaryPath = join14(WORKSPACE.turnPath(turn), TURN_FILES.SUMMARY);
       if (existsSync13(summaryPath)) {
         return readFileSync8(summaryPath, "utf-8");
       }
@@ -12772,7 +13303,7 @@ function getRecentEntries(count = MEMORY_LIMITS.MAX_TURN_ENTRIES) {
     const entries = [];
     for (const turn of turnDirs) {
       try {
-        const filePath = join13(WORKSPACE.turnPath(turn), TURN_FILES.STRUCTURED);
+        const filePath = join14(WORKSPACE.turnPath(turn), TURN_FILES.STRUCTURED);
         if (existsSync13(filePath)) {
           const raw = readFileSync8(filePath, "utf-8");
           entries.push(JSON.parse(raw));
@@ -12798,7 +13329,7 @@ function getNextTurnNumber() {
 
 // src/shared/utils/journal/summary.ts
 import { writeFileSync as writeFileSync9 } from "fs";
-import { join as join14 } from "path";
+import { join as join15 } from "path";
 
 // src/shared/utils/journal/summary-collector.ts
 function collectSummaryBuckets(entries) {
@@ -12903,7 +13434,7 @@ function regenerateJournalSummary() {
     const turnDir = WORKSPACE.turnPath(latestTurn);
     ensureDirExists(turnDir);
     const summary = buildSummaryFromEntries(entries);
-    const summaryPath = join14(turnDir, TURN_FILES.SUMMARY);
+    const summaryPath = join15(turnDir, TURN_FILES.SUMMARY);
     writeFileSync9(summaryPath, summary, "utf-8");
     debugLog("general", "Journal summary regenerated", {
       entries: entries.length,
@@ -13042,7 +13573,7 @@ var PromptBuilder = class {
    * 4. Phase-relevant techniques — only attack techniques for current phase (~4-8K tok)
    * 5. Scope constraints
    * 6. Current state (targets, findings, loot, active processes)
-   * 7. TODO list
+   * 7. Todo list
    * 8. Time awareness + adaptive strategy (#8)
    * 9. Challenge analysis (#2: Auto-Prompter)
    * 10. Attack graph (#6: recommended attack chains)
@@ -13070,6 +13601,8 @@ var PromptBuilder = class {
       buildAttackGraphFragment(this.state),
       buildAttackIntelligenceFragment(this.state),
       buildWorkingMemoryFragment(this.state),
+      // §18: Reflector 자기인식 결과 주입 (turn N-1 → turn N)
+      buildEpistemicCheckFragment(this.state),
       buildEpisodicMemoryFragment(this.state),
       buildDynamicTechniquesFragment(this.state),
       buildPersistentMemoryFragment(this.state),
@@ -13216,12 +13749,21 @@ var REFLECTOR_SYSTEM_PROMPT = `You are a tactical reviewer for a penetration tes
 Review ALL actions from this turn \u2014 successes AND failures.
 
 1. ASSESSMENT: What did this turn accomplish? Rate: HIGH / MED / LOW / NONE.
-2. SUCCESSES: What worked? Can this pattern be replicated elsewhere?
+2. SUCCESSES: What worked? Can this pattern be replicated on other services/endpoints?
 3. FAILURES: What failed? Is this a repeated pattern? If so \u2192 STOP this approach.
-4. BLIND SPOTS: What was missed or overlooked?
-5. NEXT PRIORITY: Single most valuable next action.
+4. BLIND SPOTS \u2014 answer each explicitly:
+   a) What services/ports/endpoints have been DISCOVERED but NOT YET attacked?
+   b) What credentials or tokens have been found but NOT yet sprayed on other services?
+   c) Is there a SIMPLER explanation for the current behavior? (misconfiguration vs. complex vuln)
+   d) Are we drilling too deep on one surface while ignoring others?
+   e) Could a short custom script (Python/bash) accomplish what tool attempts have failed to do?
+   f) Is there any finding from a PREVIOUS turn that was noted but never followed up on?
+   g) What would an experienced human tester try RIGHT NOW that hasn't been attempted?
+5. NEXT PRIORITY: Single most valuable next action with concrete reasoning.
+6. EPISTEMIC CHECK (\xA718): Are any current findings marked \u26A0\uFE0F unverified-chain or depth\u22652?
+   If yes \u2192 recommend direct verification (whoami, curl, targeted payload) BEFORE chaining further attacks on those findings.
 
-3-5 lines. Every word must be actionable.`;
+`;
 var Reflector = class extends AuxiliaryLLMBase {
   constructor(llm) {
     super(llm, {
@@ -13242,7 +13784,7 @@ var Reflector = class extends AuxiliaryLLMBase {
       success: true
     };
   }
-  createFailureOutput(reason) {
+  createFailureOutput(_reason) {
     return {
       reflection: "",
       success: false
@@ -13277,13 +13819,13 @@ var SummaryRegenerator = class extends AuxiliaryLLMBase {
   }
   formatInput(input) {
     if (input.existingSummary) {
-      return `\uAE30\uC874 \uC694\uC57D:
+      return `Previous summary:
 ${input.existingSummary}
 
-\uC774\uBC88 \uD134:
+Current turn:
 ${input.turnData}`;
     } else {
-      return `\uCCAB \uD134 \uB370\uC774\uD130:
+      return `First turn data:
 ${input.turnData}`;
     }
   }
@@ -13304,6 +13846,56 @@ function createSummaryRegenerator(llm) {
   return new SummaryRegenerator(llm);
 }
 
+// src/engine/auxiliary-llm/playbook-synthesizer.ts
+var PLAYBOOK_SYNTHESIZER_SYSTEM_PROMPT = `You are a penetration testing knowledge distiller.
+Given the steps of a successful attack chain, write ONE concise sentence (\u2264120 characters) capturing the REUSABLE PATTERN.
+
+Rules:
+- Abstract away specific IPs, ports, file paths \u2014 keep service names and techniques
+- Use \u2192 to separate attack steps (e.g. "LFI \u2192 log poisoning \u2192 RCE via PHP session file")
+- Focus on WHAT worked, not WHO or WHEN
+- If the chain is trivial (e.g. single nmap scan), respond with: SKIP
+- No preamble, no explanation \u2014 just the one-line pattern or SKIP`;
+var PlaybookSynthesizer = class extends AuxiliaryLLMBase {
+  constructor(llm) {
+    super(llm, {
+      systemPrompt: PLAYBOOK_SYNTHESIZER_SYSTEM_PROMPT,
+      logErrors: true
+    });
+  }
+  formatInput(input) {
+    const nodeLines = input.succeededNodes.map((n) => `  [${n.type}] ${n.label}${n.technique ? ` (technique: ${n.technique})` : ""}`).join("\n");
+    const edgeActions = input.succeededEdges.map((e) => e.action).filter(Boolean).slice(0, 8);
+    const lines = [
+      `SERVICE PROFILE: ${input.serviceProfile || "unknown"}`,
+      "",
+      "SUCCEEDED ATTACK NODES:",
+      nodeLines || "  (none)"
+    ];
+    if (edgeActions.length > 0) {
+      lines.push("", "ATTACK ACTIONS (edges):", ...edgeActions.map((a) => `  \u2192 ${a}`));
+    }
+    if (input.existingChainSummary) {
+      lines.push("", `EXISTING SUMMARY (regex-based, for reference): ${input.existingChainSummary}`);
+    }
+    return lines.join("\n");
+  }
+  parseOutput(response) {
+    const trimmed = response.trim();
+    if (trimmed.toUpperCase() === "SKIP" || trimmed.length === 0) {
+      return { playbookSummary: "", success: false };
+    }
+    const summary = trimmed.length > 120 ? trimmed.slice(0, 117) + "..." : trimmed;
+    return { playbookSummary: summary, success: true };
+  }
+  createFailureOutput(_reason) {
+    return { playbookSummary: "", success: false };
+  }
+};
+function createPlaybookSynthesizer(llm) {
+  return new PlaybookSynthesizer(llm);
+}
+
 // src/agents/strategist/constants.ts
 var CACHE_TTL_MS = 3 * 60 * 1e3;
 var STALL_TURNS_THRESHOLD = 2;
@@ -13370,6 +13962,9 @@ function buildInput(state) {
     sections.push("");
     sections.push("## Failed Attempts (DO NOT REPEAT THESE)");
     sections.push(failures);
+    flowLog("\u2460Strategist", "\u2190", "WorkingMemory", `${failures.length}B`);
+  } else {
+    flowLog("\u2460Strategist", "\u2190", "WorkingMemory", "EMPTY");
   }
   try {
     const journalSummary = readJournalSummary();
@@ -13377,6 +13972,9 @@ function buildInput(state) {
       sections.push("");
       sections.push("## Session Journal (past turns summary)");
       sections.push(journalSummary);
+      flowLog("\u2460Strategist", "\u2190", "summary.md", `${journalSummary.length}B \u2705`);
+    } else {
+      flowLog("\u2460Strategist", "\u2190", "summary.md", "EMPTY \u26A0\uFE0F");
     }
   } catch {
   }
@@ -13385,6 +13983,7 @@ function buildInput(state) {
     sections.push("");
     sections.push("## Attack Graph");
     sections.push(graph);
+    flowLog("\u2460Strategist", "\u2190", "AttackGraph", `${graph.length}B`);
   }
   const timeline = state.episodicMemory.toPrompt();
   if (timeline) {
@@ -13404,8 +14003,9 @@ function buildInput(state) {
   const analysis = state.getChallengeAnalysis();
   if (analysis && analysis.primaryType !== "unknown") {
     sections.push("");
-    sections.push(`## Challenge Type: ${analysis.primaryType.toUpperCase()} (${(analysis.confidence * 100).toFixed(0)}%)`);
-    sections.push(analysis.strategySuggestion);
+    sections.push(`## Challenge Type`);
+    sections.push(`${analysis.primaryType.toUpperCase()} (confidence: ${(analysis.confidence * 100).toFixed(0)}%)`);
+    sections.push(`Use get_owasp_knowledge("${analysis.primaryType}") to determine your attack approach.`);
   }
   return sections.join("\n");
 }
@@ -13428,10 +14028,10 @@ function formatForPrompt(directive, isStale = false) {
 
 // src/agents/strategist/prompt-loader.ts
 import { readFileSync as readFileSync9, existsSync as existsSync14 } from "fs";
-import { join as join15, dirname as dirname5 } from "path";
+import { join as join16, dirname as dirname5 } from "path";
 import { fileURLToPath as fileURLToPath3 } from "url";
 var __dirname3 = dirname5(fileURLToPath3(import.meta.url));
-var STRATEGIST_PROMPT_PATH = join15(__dirname3, "../prompts", "strategist-system.md");
+var STRATEGIST_PROMPT_PATH = join16(__dirname3, "../prompts", "strategist-system.md");
 function loadSystemPrompt() {
   try {
     if (existsSync14(STRATEGIST_PROMPT_PATH)) {
@@ -13832,7 +14432,7 @@ async function processReflection(toolJournal, memo14, phase, reflector) {
 
 // src/agents/main-agent/turn-recorder.ts
 import { writeFileSync as writeFileSync10, existsSync as existsSync15, readFileSync as readFileSync10 } from "fs";
-import { join as join16 } from "path";
+import { join as join17 } from "path";
 async function recordTurn(context) {
   const { turnCounter, phase, toolJournal, memo: memo14, reflections, summaryRegenerator } = context;
   if (toolJournal.length === 0) {
@@ -13847,14 +14447,16 @@ async function recordTurn(context) {
       memo: memo14,
       reflection: reflections.length > 0 ? reflections.join(" | ") : memo14.nextSteps.join("; ")
     };
-    await createTurnArchive(turnCounter, entry, toolJournal, memo14, phase, reflections);
-    await regenerateSummary(turnCounter, summaryRegenerator, entry, toolJournal, memo14, phase, reflections);
+    const entryCtx = { entry, journalTools: toolJournal, memo: memo14, phase, reflections };
+    await createTurnArchive(turnCounter, entryCtx);
+    await regenerateSummary(turnCounter, summaryRegenerator, entryCtx);
     rotateTurnRecords();
   } catch {
   }
   return turnCounter + 1;
 }
-async function createTurnArchive(turnCounter, entry, journalTools, memo14, phase, reflections) {
+async function createTurnArchive(turnCounter, ctx) {
+  const { entry, journalTools, memo: memo14, phase } = ctx;
   try {
     const turnDir = WORKSPACE.turnPath(turnCounter);
     const toolsDir = WORKSPACE.turnToolsPath(turnCounter);
@@ -13868,8 +14470,8 @@ async function createTurnArchive(turnCounter, entry, journalTools, memo14, phase
       memo: memo14,
       reflection: entry.reflection
     });
-    writeFileSync10(join16(turnDir, TURN_FILES.RECORD), turnContent, "utf-8");
-    writeFileSync10(join16(turnDir, TURN_FILES.STRUCTURED), JSON.stringify(entry, null, 2), "utf-8");
+    writeFileSync10(join17(turnDir, TURN_FILES.RECORD), turnContent, "utf-8");
+    writeFileSync10(join17(turnDir, TURN_FILES.STRUCTURED), JSON.stringify(entry, null, 2), "utf-8");
     writeAnalystFile(turnDir, memo14);
   } catch {
   }
@@ -13883,17 +14485,24 @@ function writeAnalystFile(turnDir, memo14) {
   if (memo14.suspicions.length > 0) memoLines.push("## Suspicious", ...memo14.suspicions.map((s) => `- ${s}`), "");
   if (memo14.nextSteps.length > 0) memoLines.push("## Next Steps", ...memo14.nextSteps.map((n) => `- ${n}`), "");
   if (memoLines.length > 0) {
-    writeFileSync10(join16(turnDir, TURN_FILES.ANALYST), memoLines.join("\n"), "utf-8");
+    writeFileSync10(join17(turnDir, TURN_FILES.ANALYST), memoLines.join("\n"), "utf-8");
+    flowLog(
+      "\u2462Analyst",
+      "\u2192",
+      `archive/turn-${turnDir.split("/").pop()}/analyst.md`,
+      `findings:${memo14.keyFindings.length} creds:${memo14.credentials.length} vectors:${memo14.attackVectors.length} failures:${memo14.failures.length}`
+    );
   }
 }
-async function regenerateSummary(turnCounter, summaryRegenerator, entry, journalTools, memo14, phase, reflections) {
+async function regenerateSummary(turnCounter, summaryRegenerator, ctx) {
+  const { entry, journalTools, memo: memo14, phase } = ctx;
   try {
     const turnDir = WORKSPACE.turnPath(turnCounter);
-    const summaryPath = join16(turnDir, TURN_FILES.SUMMARY);
+    const summaryPath = join17(turnDir, TURN_FILES.SUMMARY);
     const prevTurn = turnCounter - 1;
     let existingSummary = null;
     if (prevTurn >= 1) {
-      const prevSummaryPath = join16(WORKSPACE.turnPath(prevTurn), TURN_FILES.SUMMARY);
+      const prevSummaryPath = join17(WORKSPACE.turnPath(prevTurn), TURN_FILES.SUMMARY);
       if (existsSync15(prevSummaryPath)) {
         existingSummary = readFileSync10(prevSummaryPath, "utf-8");
       }
@@ -13913,6 +14522,9 @@ async function regenerateSummary(turnCounter, summaryRegenerator, entry, journal
     if (summaryResult.success && summaryResult.summary) {
       ensureDirExists(turnDir);
       writeFileSync10(summaryPath, summaryResult.summary, "utf-8");
+      flowLog("\u2465SummaryRegen", "\u2192", "summary.md", `${summaryResult.summary.length}B \u2192 turn:${turnCounter}`);
+    } else {
+      flowLog("\u2465SummaryRegen", "\u2192", "summary.md", "SKIPPED (empty result)");
     }
   } catch {
     regenerateJournalSummary();
@@ -13942,6 +14554,38 @@ var session = {
   load: (state) => loadState(state)
 };
 
+// src/agents/main-agent/playbook-handler.ts
+async function synthesizeAndSavePlaybook(state, synthesizer) {
+  try {
+    const nodes = state.attackGraph.getAllNodes();
+    const edges = state.attackGraph.getAllEdges();
+    const succeededNodes = nodes.filter((n) => n.status === NODE_STATUS.SUCCEEDED).map((n) => ({ label: n.label, type: n.type, technique: n.technique }));
+    const succeededEdges = edges.filter((e) => e.status === EDGE_STATUS.SUCCEEDED).map((e) => ({ action: e.action }));
+    if (succeededNodes.length < 2) return;
+    const serviceProfile = nodes.filter((n) => n.type === NODE_TYPE.SERVICE && n.status === NODE_STATUS.SUCCEEDED).map((n) => n.label.replace(/^service:/i, "").replace(/\b\d{1,3}(\.\d{1,3}){3}(:\d+)?\b/g, "").trim()).filter(Boolean).join(" + ") || "unknown";
+    const nodeMap = new Map(nodes.map((n) => [n.id, n]));
+    const existingChain = extractSuccessfulChain(nodeMap, edges);
+    const existingChainSummary = existingChain?.chainSummary ?? "";
+    const result = await synthesizer.execute({
+      succeededNodes,
+      succeededEdges,
+      serviceProfile,
+      existingChainSummary
+    });
+    if (result.success && result.playbookSummary) {
+      const toolsUsed = [...new Set(
+        succeededNodes.map((n) => n.technique?.split(" ")[0]).filter(Boolean)
+      )];
+      state.persistentMemory.recordExploitChain(
+        serviceProfile,
+        result.playbookSummary,
+        toolsUsed
+      );
+    }
+  } catch {
+  }
+}
+
 // src/agents/main-agent/core.ts
 var MainAgent = class extends CoreAgent {
   promptBuilder;
@@ -13954,6 +14598,7 @@ var MainAgent = class extends CoreAgent {
   contextExtractor;
   reflector;
   summaryRegenerator;
+  playbookSynthesizer;
   constructor(state, events, toolRegistry, approvalGate, scopeGuard) {
     super(AGENT_ROLES.ORCHESTRATOR, state, events, toolRegistry);
     this.approvalGate = approvalGate;
@@ -13964,6 +14609,7 @@ var MainAgent = class extends CoreAgent {
     this.contextExtractor = createContextExtractor(this.llm);
     this.reflector = createReflector(this.llm);
     this.summaryRegenerator = createSummaryRegenerator(this.llm);
+    this.playbookSynthesizer = createPlaybookSynthesizer(this.llm);
   }
   async execute(userInput) {
     this.userInput = userInput;
@@ -13992,6 +14638,7 @@ var MainAgent = class extends CoreAgent {
         messages.push({ role: "user", content: userMessage });
       }
     }
+    const flagsBefore = this.state.getFlags().length;
     const dynamicPrompt = await this.getCurrentPrompt();
     const result = await super.step(iteration, messages, dynamicPrompt, progress);
     const turnToolJournal = this.getTurnToolJournal();
@@ -13999,7 +14646,19 @@ var MainAgent = class extends CoreAgent {
     const turnReflections = [];
     await processContextExtraction(messages, this.contextExtractor);
     const reflection = await processReflection(turnToolJournal, turnMemo, this.state.getPhase(), this.reflector);
-    if (reflection) turnReflections.push(reflection);
+    if (reflection) {
+      turnReflections.push(reflection);
+      this.state.lastReflection = reflection;
+      flowLog("\u2464Reflector", "\u2192", "lastReflection (RAM)", `${reflection.length}B \u2192 next-turn \u2461Main`);
+    } else if (turnToolJournal.length > 0) {
+      this.state.lastReflection = null;
+      flowLog("\u2464Reflector", "\u2192", "lastReflection (RAM)", "CLEARED (no reflection)");
+    }
+    const flagsAfter = this.state.getFlags().length;
+    if (flagsAfter > flagsBefore) {
+      flowLog("\u2466PlaybookSynth", "\u2192", "PersistentMemory", `flag captured (${flagsAfter - flagsBefore} new)`);
+      await synthesizeAndSavePlaybook(this.state, this.playbookSynthesizer);
+    }
     this.turnCounter = await recordTurn({
       turnCounter: this.turnCounter,
       phase: this.state.getPhase(),
@@ -14979,48 +15638,30 @@ var formatServiceLabel = (target, port) => {
 var formatFindingsWithFlags = (findings, flags) => {
   const findingsOutput = formatFindings(findings);
   const flagsOutput = formatFlags(flags);
-  if (flagsOutput) {
-    return `${findingsOutput}
+  if (flagsOutput) return `${findingsOutput}
 ${flagsOutput}`;
-  }
   return findingsOutput;
 };
-var formatGraphWithSummary = (state, findings, flags) => {
+function formatHostSection(targets, hostNodes, hostCount, w) {
   const lines = [];
-  const w = getBoxWidth();
-  const innerDash = w - 2;
-  const targets = state.getAllTargets();
-  const graphStats = state.attackGraph.getStats();
-  const allNodes = state.attackGraph.getAllNodes();
-  const hostNodes = allNodes.filter((n) => n.type === NODE_TYPE.HOST);
-  const serviceNodes = allNodes.filter((n) => n.type === NODE_TYPE.SERVICE);
-  const vulnNodes = allNodes.filter((n) => n.type === NODE_TYPE.VULNERABILITY);
-  const hostCount = hostNodes.length || targets.length;
-  const serviceCount = serviceNodes.length || targets.reduce((sum, t) => sum + t.ports.length, 0);
-  const vulnCount = findings.length;
-  const topTitle = "\u2500\u2500\u2500 Attack Graph ";
-  lines.push(`\u250C${topTitle}${"\u2500".repeat(Math.max(0, innerDash - topTitle.length))}\u2510`);
-  lines.push(boxLine(`\u{1F5A5} ${hostCount}  \u26A0 ${vulnCount}  \u2699 ${serviceCount}`, w));
-  lines.push(boxLine("", w));
   lines.push(boxLine(`\u{1F5A5} HOST (${hostCount})`, w));
   if (targets.length > 0) {
     for (const t of targets.slice(0, 5)) {
       lines.push(boxLine(`  \u25CB ${formatTargetLine(t)}`, w));
     }
-    if (targets.length > 5) {
-      lines.push(boxLine(`  ... and ${targets.length - 5} more hosts`, w));
-    }
+    if (targets.length > 5) lines.push(boxLine(`  ... and ${targets.length - 5} more hosts`, w));
   } else if (hostNodes.length > 0) {
     for (const node of hostNodes.slice(0, 5)) {
       lines.push(boxLine(`  \u25CB ${node.label}`, w));
     }
-    if (hostNodes.length > 5) {
-      lines.push(boxLine(`  ... and ${hostNodes.length - 5} more hosts`, w));
-    }
+    if (hostNodes.length > 5) lines.push(boxLine(`  ... and ${hostNodes.length - 5} more hosts`, w));
   } else {
     lines.push(boxLine("  (no hosts discovered)", w));
   }
-  lines.push(boxLine("", w));
+  return lines;
+}
+function formatVulnSection(findings, vulnNodes, vulnCount, w) {
+  const lines = [];
   lines.push(boxLine(`\u26A0 VULNERABILITY (${vulnCount})`, w));
   if (findings.length > 0) {
     const sortedFindings = [...findings].sort((a, b) => b.confidence - a.confidence).slice(0, 5);
@@ -15030,52 +15671,88 @@ var formatGraphWithSummary = (state, findings, flags) => {
       lines.push(boxLine(`  \u25CB ${icon} ${f.title.slice(0, 60)}${f.title.length > 60 ? "..." : ""}`, w));
       lines.push(boxLine(`      ${confLabel(f.confidence).toUpperCase()} \u2502 ${f.severity.toUpperCase()}${cat}`, w));
     }
-    if (findings.length > 5) {
-      lines.push(boxLine(`  ... and ${findings.length - 5} more findings`, w));
+    if (findings.length > 5) lines.push(boxLine(`  ... and ${findings.length - 5} more findings`, w));
+    const cveFindings = findings.filter((f) => f.title.includes("CVE"));
+    if (cveFindings.length > 0) {
+      const cveList = cveFindings.slice(0, 3).map((f) => f.title.match(/CVE-\d{4}-\d+/)?.[0] ?? f.title).join(", ");
+      const suffix = cveFindings.length > 3 ? ` (+${cveFindings.length - 3} more)` : "";
+      lines.push(boxLine(`  \u25CB CVE found: ${cveList}${suffix}`, w));
     }
   } else if (vulnNodes.length > 0) {
     for (const node of vulnNodes.slice(0, 5)) {
       lines.push(boxLine(`  \u25CB ${node.label}`, w));
     }
-    if (vulnNodes.length > 5) {
-      lines.push(boxLine(`  ... and ${vulnNodes.length - 5} more`, w));
-    }
+    if (vulnNodes.length > 5) lines.push(boxLine(`  ... and ${vulnNodes.length - 5} more`, w));
   } else {
     lines.push(boxLine("  (no vulnerabilities found)", w));
   }
-  const cveFindings = findings.filter((f) => f.title.includes("CVE"));
-  if (cveFindings.length > 0) {
-    const cveList = cveFindings.slice(0, 3).map((f) => f.title.match(/CVE-\d{4}-\d+/)?.[0] ?? f.title).join(", ");
-    const suffix = cveFindings.length > 3 ? ` (+${cveFindings.length - 3} more)` : "";
-    lines.push(boxLine(`  \u25CB CVE found: ${cveList}${suffix}`, w));
-  }
-  lines.push(boxLine("", w));
+  return lines;
+}
+function formatServiceSection(targets, serviceNodes, serviceCount, w) {
+  const lines = [];
+  const MAX_SHOW = 5;
   lines.push(boxLine(`\u2699 SERVICE (${serviceCount})`, w));
   if (targets.length > 0) {
-    let shownServices = 0;
-    const maxShow = 5;
-    for (const t of targets) {
+    let shown = 0;
+    outer: for (const t of targets) {
       for (const p of t.ports) {
-        if (shownServices >= maxShow) break;
+        if (shown >= MAX_SHOW) break outer;
         lines.push(boxLine(`  \u25CB ${formatServiceLabel(t, p)}`, w));
-        shownServices++;
+        shown++;
       }
-      if (shownServices >= maxShow) break;
     }
     const totalServices = targets.reduce((sum, t) => sum + t.ports.length, 0);
-    if (totalServices > maxShow) {
-      lines.push(boxLine(`  ... and ${totalServices - maxShow} more services`, w));
-    }
+    if (totalServices > MAX_SHOW) lines.push(boxLine(`  ... and ${totalServices - MAX_SHOW} more services`, w));
   } else if (serviceNodes.length > 0) {
-    for (const node of serviceNodes.slice(0, 5)) {
+    for (const node of serviceNodes.slice(0, MAX_SHOW)) {
       lines.push(boxLine(`  \u25CB ${node.label}`, w));
     }
-    if (serviceNodes.length > 5) {
-      lines.push(boxLine(`  ... and ${serviceNodes.length - 5} more`, w));
-    }
+    if (serviceNodes.length > MAX_SHOW) lines.push(boxLine(`  ... and ${serviceNodes.length - MAX_SHOW} more`, w));
   } else {
     lines.push(boxLine("  (no services discovered)", w));
   }
+  return lines;
+}
+function formatADSection(adNodes, w) {
+  if (adNodes.length === 0) return [];
+  const lines = [];
+  lines.push(boxLine(`\u{1F3F0} ACTIVE DIRECTORY (${adNodes.length})`, w));
+  for (const node of adNodes.slice(0, 5)) {
+    const typeLabel = node.type === "domain" ? "DOMAIN" : node.type === "user-account" ? "USER" : node.type === "gpo" ? "GPO" : node.type === "acl" ? "ACL" : node.type === "certificate-template" ? "CERT" : node.type.toUpperCase();
+    lines.push(boxLine(`  \u25CB [${typeLabel}] ${node.label}`, w));
+  }
+  if (adNodes.length > 5) lines.push(boxLine(`  ... and ${adNodes.length - 5} more AD objects`, w));
+  return lines;
+}
+var formatGraphWithSummary = (state, findings, flags) => {
+  const w = getBoxWidth();
+  const innerDash = w - 2;
+  const targets = state.getAllTargets();
+  const graphStats = state.attackGraph.getStats();
+  const allNodes = state.attackGraph.getAllNodes();
+  const AD_NODE_TYPES = [NODE_TYPE.DOMAIN, NODE_TYPE.USER_ACCOUNT, NODE_TYPE.GPO, NODE_TYPE.ACL, NODE_TYPE.CERTIFICATE_TEMPLATE];
+  const hostNodes = allNodes.filter((n) => n.type === NODE_TYPE.HOST);
+  const serviceNodes = allNodes.filter((n) => n.type === NODE_TYPE.SERVICE);
+  const vulnNodes = allNodes.filter((n) => n.type === NODE_TYPE.VULNERABILITY);
+  const adNodes = allNodes.filter((n) => AD_NODE_TYPES.includes(n.type));
+  const hostCount = hostNodes.length || targets.length;
+  const serviceCount = serviceNodes.length || targets.reduce((sum, t) => sum + t.ports.length, 0);
+  const vulnCount = findings.length;
+  const lines = [];
+  const topTitle = "\u2500\u2500\u2500 Attack Graph ";
+  lines.push(`\u250C${topTitle}${"\u2500".repeat(Math.max(0, innerDash - topTitle.length))}\u2510`);
+  lines.push(boxLine(`\u{1F5A5} ${hostCount}  \u26A0 ${vulnCount}  \u2699 ${serviceCount}`, w));
+  lines.push(boxLine("", w));
+  lines.push(...formatHostSection(targets, hostNodes, hostCount, w));
+  lines.push(boxLine("", w));
+  lines.push(...formatVulnSection(findings, vulnNodes, vulnCount, w));
+  lines.push(boxLine("", w));
+  lines.push(...formatServiceSection(targets, serviceNodes, serviceCount, w));
+  const adSection = formatADSection(adNodes, w);
+  if (adSection.length > 0) {
+    lines.push(boxLine("", w));
+    lines.push(...adSection);
+  }
   if (flags.length > 0) {
     lines.push(boxLine("", w));
     lines.push(boxLine(`\u{1F3F4} Captured: ${flags.length}`, w));