pentesting 0.6.1 → 0.7.0

package/dist/{auto-update-23RX6SWZ.js → auto-update-NF5LOTTR.js}

@@ -8,8 +8,8 @@ import {
   readVersionCache,
   semverTuple,
   writeVersionCache
-} from "./chunk-6MCOPWPF.js";
-import "./chunk-6RVVWSNN.js";
+} from "./chunk-NHTHJVRJ.js";
+import "./chunk-FWXRDTSB.js";
 import "./chunk-3RG5ZIWI.js";
 export {
   checkForUpdate,

package/dist/{chunk-6RVVWSNN.js → chunk-FWXRDTSB.js}

@@ -109,6 +109,17 @@ var TOOL_NAME = {
   SUBFINDER: "subfinder",
   AMASS: "amass",
   DNSENUM: "dnsenum",
+  ZONE_TRANSFER: "zone_transfer",
+  // Service Enumeration
+  SNMP_WALK: "snmp_walk",
+  SNMP_CHECK: "snmp_check",
+  ONESIXTYONE: "onesixtyone",
+  FTP_ENUM: "ftp_enum",
+  FTP_ANON: "ftp_anon",
+  NBTSCAN: "nbtscan",
+  RPC_INFO: "rpc_info",
+  SHOWMOUNT: "showmount",
+  TELNET: "telnet",
   // Web Recon & Tech Identification
   WHATWEB: "whatweb",
   HTTPX: "httpx",
@@ -147,6 +158,7 @@ var TOOL_NAME = {
   BRUTEFORCE_LOGIN: "bruteforce_login",
   CRACK_HASH: "crack_hash",
   DUMP_CREDENTIALS: "dump_credentials",
+  HYDRA: "hydra",
   // Privilege Escalation
   CHECK_SUDO: "check_sudo",
   FIND_SUID: "find_suid",

package/dist/{chunk-6MCOPWPF.js → chunk-NHTHJVRJ.js}

@@ -1,7 +1,7 @@
 import {
   APP_NAME,
   APP_VERSION
-} from "./chunk-6RVVWSNN.js";
+} from "./chunk-FWXRDTSB.js";
 
 // src/core/update/auto-update.ts
 import { execSync } from "child_process";

package/dist/index.js

@@ -15,7 +15,7 @@ import {
   PHASE_STATUS,
   THOUGHT_TYPE,
   TOOL_NAME
-} from "./chunk-6RVVWSNN.js";
+} from "./chunk-FWXRDTSB.js";
 import {
   __require
 } from "./chunk-3RG5ZIWI.js";
@@ -365,6 +365,225 @@ Use for:
     }
   }
 ];
+var SERVICE_TOOLS = [
+  {
+    name: TOOL_NAME.ZONE_TRANSFER,
+    description: `DNS Zone Transfer (AXFR) - Extract all DNS records from a nameserver.
+
+PORT: 53/TCP
+
+USAGE:
+- dig axfr @ns.target.com target.com
+- host -l target.com ns.target.com
+- dnsrecon -d target.com -t axfr
+
+REVEALS: All subdomains, A records, MX, NS, TXT records`,
+    input_schema: {
+      type: "object",
+      properties: {
+        domain: { type: "string", description: "Target domain" },
+        nameserver: { type: "string", description: "Nameserver to query" }
+      },
+      required: ["domain", "nameserver"]
+    }
+  },
+  {
+    name: TOOL_NAME.SNMP_WALK,
+    description: `SNMP enumeration - Walk through SNMP MIB tree.
+
+PORT: 161/UDP
+
+COMMON COMMUNITY STRINGS: public, private, manager, cisco
+
+USAGE:
+- snmpwalk -v1 -c public target
+- snmpwalk -v2c -c public target
+- snmpbulkwalk -v2c -c public target
+
+EXTRACTS: Users, Processes, Network config, Installed software, ARP table`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        community: { type: "string", description: "Community string (default: public)" },
+        version: { type: "string", enum: ["1", "2c", "3"], description: "SNMP version" },
+        oid: { type: "string", description: "OID to walk (default: all)" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.SNMP_CHECK,
+    description: `snmp-check - Enumerate SNMP devices for information.
+
+Extracts: System info, User accounts, Network info, Routing, TCP/UDP connections`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        community: { type: "string", description: "Community string" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.ONESIXTYONE,
+    description: `onesixtyone - Fast SNMP community string bruteforcer.
+
+PORT: 161/UDP
+
+USAGE: onesixtyone -c community_list.txt target`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP/range" },
+        wordlist: { type: "string", description: "Community strings wordlist" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.FTP_ENUM,
+    description: `FTP enumeration and testing.
+
+PORT: 21/TCP
+
+CHECKS:
+- Version detection (nmap -sV -p21)
+- Anonymous login
+- User enumeration
+- Known vulnerabilities`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        username: { type: "string", description: "Username to test" },
+        password: { type: "string", description: "Password to test" },
+        check_anon: { type: "boolean", description: "Check anonymous login" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.FTP_ANON,
+    description: `Test FTP anonymous login and list files.
+
+USAGE: ftp -n target << EOF
+user anonymous anonymous@
+ls -la
+bye
+EOF`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        download: { type: "string", description: "File to download" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.NBTSCAN,
+    description: `NetBIOS enumeration - Scan for NetBIOS name information.
+
+PORTS: 137-139/TCP,UDP
+
+EXTRACTS: Computer names, Workgroup/Domain, MAC addresses, Logged-in users
+
+USAGE: nbtscan -r target/24`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP/range" },
+        verbose: { type: "boolean", description: "Verbose output" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.RPC_INFO,
+    description: `RPC enumeration - Query RPC services.
+
+PORT: 111/TCP,UDP (portmapper), 135/TCP (Windows)
+
+USAGE:
+- rpcinfo -p target
+- rpcdump.py target
+
+REVEALS: Available RPC services and their ports`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.SHOWMOUNT,
+    description: `NFS enumeration - Show NFS exports.
+
+PORT: 2049/TCP,UDP (NFS), 111 (portmapper)
+
+USAGE: showmount -e target
+
+MOUNT: mount -t nfs target:/share /mnt/nfs`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        all: { type: "boolean", description: "Show all info (-a)" }
+      },
+      required: ["target"]
+    }
+  },
+  {
+    name: TOOL_NAME.TELNET,
+    description: `Telnet connection - Banner grab and service interaction.
+
+USAGE for banner grab: echo "quit" | timeout 5 telnet target port`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP" },
+        port: { type: "number", description: "Port number" }
+      },
+      required: ["target", "port"]
+    }
+  },
+  {
+    name: TOOL_NAME.HYDRA,
+    description: `Hydra - Fast network logon cracker.
+
+PROTOCOLS: ssh, ftp, telnet, http-get, http-post, smb, rdp, mysql, mssql, vnc, etc.
+
+USAGE:
+- hydra -l user -P wordlist.txt target ssh
+- hydra -L users.txt -p password target ftp
+- hydra -l admin -P rockyou.txt target http-post-form "/login:user=^USER^&pass=^PASS^:F=failed"
+
+OPTIONS:
+- -t 4: Number of parallel tasks
+- -V: Verbose
+- -f: Exit after first found
+- -s PORT: Specify port`,
+    input_schema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Target IP/hostname" },
+        protocol: { type: "string", description: "Protocol (ssh, ftp, http-post-form, etc.)" },
+        username: { type: "string", description: "Username or -L for file" },
+        password: { type: "string", description: "Password or -P for wordlist" },
+        userlist: { type: "string", description: "Username wordlist file" },
+        passlist: { type: "string", description: "Password wordlist file" },
+        port: { type: "number", description: "Target port" },
+        threads: { type: "number", description: "Parallel tasks (default: 16)" },
+        extra: { type: "string", description: "Extra options (e.g., http form data)" }
+      },
+      required: ["target", "protocol"]
+    }
+  }
+];
 var WINDOWS_TOOLS = [
   {
     name: TOOL_NAME.NETCAT,
@@ -1061,6 +1280,7 @@ var REPORT_TOOLS = [
 var ALL_TOOLS = [
   ...SYSTEM_TOOLS,
   ...NETWORK_TOOLS,
+  ...SERVICE_TOOLS,
   ...WINDOWS_TOOLS,
   ...WEB_TOOLS,
   ...EXPLOIT_TOOLS,
@@ -1282,6 +1502,40 @@ async function executeToolCall(toolName, input) {
       case "reverse_shell":
         result = await executeReverseShell(input);
         break;
+      // Service Enumeration Tools
+      case "zone_transfer":
+        result = await executeZoneTransfer(input);
+        break;
+      case "snmp_walk":
+        result = await executeSnmpWalk(input);
+        break;
+      case "snmp_check":
+        result = await executeSnmpCheck(input);
+        break;
+      case "onesixtyone":
+        result = await executeOnesixtyone(input);
+        break;
+      case "ftp_enum":
+        result = await executeFtpEnum(input);
+        break;
+      case "ftp_anon":
+        result = await executeFtpAnon(input);
+        break;
+      case "nbtscan":
+        result = await executeNbtscan(input);
+        break;
+      case "rpc_info":
+        result = await executeRpcInfo(input);
+        break;
+      case "showmount":
+        result = await executeShowmount(input);
+        break;
+      case "telnet":
+        result = await executeTelnet(input);
+        break;
+      case "hydra":
+        result = await executeHydra(input);
+        break;
       // report
       case "report_finding":
         result = await reportFinding(input);
@@ -1933,6 +2187,98 @@ Listener: nc -lvnp ${lport}`,
     duration: 0
   };
 }
+async function executeZoneTransfer(input) {
+  const { domain, nameserver } = input;
+  return executeBash(`dig axfr @${nameserver} ${domain}`, { timeout: 6e4 });
+}
+async function executeSnmpWalk(input) {
+  const { target, community = "public", version = "2c", oid } = input;
+  let cmd = `snmpwalk -v${version} -c "${community}" ${target}`;
+  if (oid) cmd += ` ${oid}`;
+  return executeBash(cmd, { timeout: 12e4 });
+}
+async function executeSnmpCheck(input) {
+  const { target, community = "public" } = input;
+  return executeBash(`snmp-check -c "${community}" ${target}`, { timeout: 12e4 });
+}
+async function executeOnesixtyone(input) {
+  const { target, wordlist } = input;
+  const wl = wordlist || "/usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt";
+  return executeBash(`onesixtyone -c "${wl}" ${target}`, { timeout: 12e4 });
+}
+async function executeFtpEnum(input) {
+  const { target, username, password, check_anon } = input;
+  const commands = [];
+  commands.push(`nmap -sV -p21 --script=ftp-anon,ftp-bounce,ftp-syst ${target}`);
+  if (check_anon) {
+    commands.push(`echo -e "open ${target}\\nuser anonymous anonymous@\\nls\\nbye" | ftp -n 2>/dev/null || echo "Anonymous login failed"`);
+  }
+  if (username && password) {
+    commands.push(`echo -e "open ${target}\\nuser ${username} ${password}\\nls\\nbye" | ftp -n 2>/dev/null`);
+  }
+  return executeBash(commands.join(' && echo "---" && '), { timeout: 6e4 });
+}
+async function executeFtpAnon(input) {
+  const { target, download } = input;
+  let cmd = `ftp -n ${target} << 'EOF'
+user anonymous anonymous@
+binary
+ls -la
+`;
+  if (download) {
+    cmd += `get ${download}
+`;
+  }
+  cmd += `bye
+EOF`;
+  return executeBash(cmd, { timeout: 6e4 });
+}
+async function executeNbtscan(input) {
+  const { target, verbose } = input;
+  let cmd = "nbtscan";
+  if (verbose) cmd += " -v";
+  cmd += ` -r ${target}`;
+  return executeBash(cmd, { timeout: 6e4 });
+}
+async function executeRpcInfo(input) {
+  const { target } = input;
+  return executeBash(`rpcinfo -p ${target}`, { timeout: 3e4 });
+}
+async function executeShowmount(input) {
+  const { target, all } = input;
+  let cmd = "showmount";
+  if (all) {
+    cmd += " -a";
+  } else {
+    cmd += " -e";
+  }
+  cmd += ` ${target}`;
+  return executeBash(cmd, { timeout: 3e4 });
+}
+async function executeTelnet(input) {
+  const { target, port } = input;
+  return executeBash(`echo "quit" | timeout 10 telnet ${target} ${port} 2>&1 || true`, { timeout: 15e3 });
+}
+async function executeHydra(input) {
+  const { target, protocol, username, password, userlist, passlist, port, threads = 16, extra } = input;
+  let cmd = "hydra";
+  if (threads) cmd += ` -t ${threads}`;
+  if (port) cmd += ` -s ${port}`;
+  if (userlist) {
+    cmd += ` -L "${userlist}"`;
+  } else if (username) {
+    cmd += ` -l "${username}"`;
+  }
+  if (passlist) {
+    cmd += ` -P "${passlist}"`;
+  } else if (password) {
+    cmd += ` -p "${password}"`;
+  }
+  cmd += ` ${target} ${protocol}`;
+  if (extra) cmd += ` "${extra}"`;
+  cmd += " -V -f";
+  return executeBash(cmd, { timeout: 6e5 });
+}
 
 // src/core/hooks/hook-executor.ts
 import { spawn as spawn2 } from "child_process";
@@ -2313,6 +2659,7 @@ var LOW_RISK_TOOLS = [
   "nslookup",
   "whois",
   "dnsenum",
+  "zone_transfer",
   "curl",
   "wget",
   "httpx",
@@ -2336,6 +2683,14 @@ var LOW_RISK_TOOLS = [
   "nc",
   "telnet",
   "ftp",
+  "ftp_enum",
+  "ftp_anon",
+  "snmp_walk",
+  "snmp_check",
+  "onesixtyone",
+  "nbtscan",
+  "rpc_info",
+  "showmount",
   "read_file",
   "list_directory",
   "cat",
@@ -6052,7 +6407,7 @@ var App = ({ autoApprove = false, target }) => {
         setCheckpointCount(contextManagerRef.current?.getCheckpoints().length || 0);
       }
     });
-    import("./auto-update-23RX6SWZ.js").then(({ checkForUpdateAsync, formatUpdateNotification }) => {
+    import("./auto-update-NF5LOTTR.js").then(({ checkForUpdateAsync, formatUpdateNotification }) => {
       checkForUpdateAsync().then((result) => {
         if (result.hasUpdate) {
           const notification = formatUpdateNotification(result);
@@ -6646,7 +7001,7 @@ ${list}`);
           return;
         case "update":
           try {
-            const { checkForUpdate, formatUpdateNotification, doUpdate } = await import("./update-6I3E5PSP.js");
+            const { checkForUpdate, formatUpdateNotification, doUpdate } = await import("./update-WBBD5QMK.js");
             const result = checkForUpdate(true);
             if (result.hasUpdate) {
               const notification = formatUpdateNotification(result);

package/dist/{update-6I3E5PSP.js → update-WBBD5QMK.js}

@@ -8,8 +8,8 @@ import {
   readVersionCache,
   semverTuple,
   writeVersionCache
-} from "./chunk-6MCOPWPF.js";
-import "./chunk-6RVVWSNN.js";
+} from "./chunk-NHTHJVRJ.js";
+import "./chunk-FWXRDTSB.js";
 import "./chunk-3RG5ZIWI.js";
 export {
   checkForUpdate,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.6.1",
+  "version": "0.7.0",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/index.js",