npm - pentesting - Versions diffs - 0.7.32 → 0.7.33 - Mend

pentesting 0.7.32 → 0.7.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +53 -18
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -35,26 +35,61 @@ pentesting
 ---
-## ✨ Features
+## 🧠 Philosophy: Think Like a Hacker
+**Pentesting is not a brute-force tool.** It's an intelligent agent that thinks strategically.
+### Strategic Decision Framework
+Every action is evaluated using:
+```
+Value = (Probability × CVSS Impact) / Time Cost
+```
+The agent only executes actions with **confidence >50%**. Below that, it finds a better approach.
+### Self-Reflection Before Every Action
+Before running any tool, the agent asks:
+- "What exactly am I trying to learn?"
+- "Is this the FASTEST way to get that information?"
+- "Have I already tried this? What happened?"
+- "Is there a simpler approach?"
+### Mandatory Fallback Strategy
+When a tool fails, the agent immediately tries alternatives:
+| Task | Primary | Fallback 1 | Fallback 2 |
+|------|---------|------------|------------|
+| Subdomain | subfinder | ffuf | amass |
+| Directory | gobuster | ffuf | dirsearch |
+| Port Scan | rustscan | nmap | masscan |
+---
+## 🔥 Why Pentesting?
+| Feature | Traditional Tools | Pentesting Agent |
+|---------|-------------------|------------------|
+| Decision Making | Manual | AI-driven with confidence scoring |
+| Tool Selection | You choose | Auto-selects based on context |
+| Failure Handling | You retry | Auto-fallback to alternatives |
+| Attack Planning | Manual prioritization | CVSS-based priority matrix |
+| Context Awareness | None | Remembers all findings |
+| Reporting | Manual | Auto-generated findings |
+---
+## ✨ Core Capabilities
-### Core Capabilities
-- **Intelligent Agent**: Self-reflection and decision framework (inspired by Claude Code)
-- **Confidence Scoring**: Only acts on actions with >50% success probability
 - **10-Phase Attack Workflow**: Recon → Scan → Enum → Vuln Analysis → Exploitation → PrivEsc → Pivot → Persist → Exfil → Report
-- **Auto Docker Management**: Automatically pulls and starts `pentesting-tools` container
-- **Multi-Target Attack**: Register multiple targets and attack them sequentially
-- **Real-time Feedback**: See thinking process, tool calls, and results live
-- **ESC Interrupt**: Stop execution anytime with ESC key
-- **Rainbow Spinner**: Visual feedback with cycling colors
-### v0.7.16 New Features
-- **Self-Reflection**: Agent asks "Is this the fastest way?" before every action
-- **Decision Framework**: Value = (Probability × Impact) / Time Cost
-- **Concrete Tool Commands**: Exact ffuf, nmap, hydra syntax with wordlist paths
-- **Auto Docker**: Container starts automatically when tools are missing
-- **Thinking Display**: See `[thinking]` and `[reasoning]` messages
-- **Token Label**: Status bar shows `3k tok` instead of just `3k`
-- **Approval Fix**: "Approve always" now works correctly (no repeat prompts)
+- **Auto Docker Management**: Pulls and starts tool container automatically
+- **Multi-Target Attack**: Attack multiple targets sequentially
+- **Real-time Feedback**: See thinking process, tool calls, results live
+- **Session Persistence**: Save/resume attack sessions
+- **Context Compaction**: Automatic history summarization
 ---

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.7.32",
+  "version": "0.7.33",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/index.js",