pentesting 0.7.43 → 0.7.45

package/README.md

@@ -189,19 +189,27 @@ Complete
 
 ---
 
-## 🤖 Built-in Agents
-
-| Agent | Specialty |
-|-------|-----------|
-| `target-explorer` | Network reconnaissance, service enumeration |
-| `exploit-researcher` | CVE research, exploit development |
-| `privesc-master` | Linux/Windows privilege escalation |
-| `web-hacker` | OWASP Top 10, SQLi, XSS, SSRF |
-| `crypto-solver` | Hash cracking, cipher analysis |
-| `forensics-analyst` | Memory forensics, file carving |
-| `reverse-engineer` | Binary analysis, exploit development |
-| `attack-architect` | Attack strategy planning |
-| `finding-reviewer` | Vulnerability validation |
+## 🤖 AI Agents
+
+Pentesting automatically switches between specialized AI agents based on the current attack phase:
+
+| Phase | Agent | What it does |
+|-------|-------|--------------|
+| Reconnaissance | **Recon Agent** | Discovers hosts, ports, services, subdomains |
+| Web Scanning | **Web Agent** | Tests for OWASP Top 10, SQLi, XSS, SSRF |
+| Exploitation | **Exploit Agent** | Researches CVEs, selects and runs exploits |
+| Privilege Escalation | **PrivEsc Agent** | Finds SUID, sudo misconfigs, kernel exploits |
+| Data Extraction | **Crypto Agent** | Cracks hashes, analyzes encryption |
+
+### How it works
+
+1. **You set a target** → Agent starts in Recon mode
+2. **Finds web services** → Automatically switches to Web Agent
+3. **Discovers vulnerability** → Switches to Exploit Agent
+4. **Gets shell access** → Switches to PrivEsc Agent
+5. **Finds password hashes** → Crypto Agent takes over
+
+> No manual agent switching needed. The system automatically picks the best agent for each situation.
 
 ---
 
@@ -220,44 +228,15 @@ Complete
 
 > **Note**: `ANTHROPIC_API_KEY` is also accepted as fallback for `PENTEST_API_KEY`.
 
----
-
-## 💻 Programmatic Usage
-
-```typescript
-import { AutonomousHackingAgent, AGENT_EVENT } from 'pentesting';
-
-const agent = new AutonomousHackingAgent(undefined, {
-    autoApprove: false,       // Require approval for dangerous tools
-    maxIterations: 100,       // Max loop iterations
-});
-
-// Multi-target setup
-agent.addTarget('example1.com');
-agent.addTarget('example2.com');
-agent.setTarget('example1.com');
 
-// Listen for events
-agent.on(AGENT_EVENT.FINDING, (finding) => {
-    console.log(`Found: ${finding.title} (${finding.severity})`);
-});
-
-agent.on(AGENT_EVENT.TARGET_SET, (target) => {
-    console.log(`Target set: ${target}`);
-});
+---
 
-agent.on(AGENT_EVENT.TOOL_CALL, ({ name, input }) => {
-    console.log(`Tool: ${name}`);
-});
+## 💻 For Developers
 
-// Start pentesting
-await agent.runAutonomous('Get root access');
-
-// Control execution
-agent.pause();    // Pause (ESC key equivalent)
-agent.resume();   // Resume
-agent.abort();    // Complete stop
-```
+Pentesting can be used as a library in your own projects. See [Architecture Docs](./docs/architecture.md) for:
+- API Reference
+- Event System
+- Custom Agent Integration
 
 ---
 
@@ -303,63 +282,39 @@ docker pull agnusdei1207/pentesting-tools:latest
 
 ## 🔌 MCP Integration
 
-Extend with additional MCP servers:
-
-```typescript
-const agent = new AutonomousHackingAgent();
-
-// Add filesystem access
-await agent.addMCPServer('filesystem', 'npx', [
-    '-y', '@modelcontextprotocol/server-filesystem', '/'
-]);
-
-// Add custom security tools
-await agent.addMCPServer('security-tools', 'docker', [
-    'exec', '-i', 'pentesting-tools', '/bin/bash'
-]);
-```
+Pentesting supports MCP (Model Context Protocol) for extending capabilities with additional tools and servers. See [Architecture Docs](./docs/architecture.md) for integration details.
 
 ---
 
-## 🏗️ Architecture
+## 🏗️ How It Works
 
 ```
-┌─────────────────────────────────────────────────────────────────┐
-│                         TUI (app.tsx)                            │
-│  ┌──────────────┐ ┌──────────────┐ ┌──────────────────────────┐ │
-│  │ WireLogger   │ │ContextMgr   │ │ Multi-Target Handler     │ │
-│  │ (Recording)  │ │(Checkpoints)│ │ (add/list/rm/clear/all)  │ │
-│  └──────────────┘ └──────────────┘ └──────────────────────────┘ │
-│  ┌──────────────┐ ┌──────────────┐ ┌──────────────────────────┐ │
-│  │ KeyboardLstn │ │ ForceUpdate  │ │ SlashCommandRegistry     │ │
-│  │ (ESC/Ctrl+C) │ │ (UI Refresh) │ │ (Command Handling)       │ │
-│  └──────────────┘ └──────────────┘ └──────────────────────────┘ │
-└────────────────────────────┬────────────────────────────────────┘
-                             │ Events
-┌────────────────────────────▼────────────────────────────────────┐
-│              AutonomousHackingAgent (Core Engine)                │
-│  ┌──────────────┐ ┌──────────────┐ ┌──────────────┐             │
-│  │ HookExecutor │ │ MCPManager   │ │ApprovalMgr   │             │
-│  │ (Lifecycle)  │ │ (Extensions) │ │(Tool Safety) │             │
-│  └──────────────┘ └──────────────┘ └──────────────┘             │
-│  ┌──────────────┐ ┌──────────────┐ ┌──────────────┐             │
-│  │ TargetMgr    │ │ PauseMgr     │ │ContextMgr    │             │
-│  │ (Multi-Tgt)  │ │ (ESC/Abort)  │ │ (Compaction) │             │
-│  └──────────────┘ └──────────────┘ └──────────────┘             │
-│                                                                  │
-│  ┌────────────────────────────────────────────────────────────┐ │
-│  │            9 Built-in Specialized Agents                   │ │
-│  │  target-explorer • exploit-researcher • privesc-master     │ │
-│  │  web-hacker • crypto-solver • forensics-analyst            │ │
-│  │  reverse-engineer • attack-architect • finding-reviewer    │ │
-│  └────────────────────────────────────────────────────────────┘ │
-└────────────────────────────┬────────────────────────────────────┘
-                             │
-          ┌──────────────────┼──────────────────┐
-     ┌────▼────┐       ┌────▼────┐       ┌────▼────┐
-     │  Tool   │       │  Bash   │       │   MCP   │
-     │Executor │       │Commands │       │ Servers │
-     └─────────┘       └─────────┘       └─────────┘
+┌──────────────────────────────────────────────┐
+│              Your Terminal                    │
+│  ┌────────────────────────────────────────┐  │
+│  │  pentesting CLI (Interactive TUI)      │  │
+│  │  - Target management                   │  │
+│  │  - Session recording                   │  │
+│  │  - Real-time output                   │  │
+│  └────────────────────────────────────────┘  │
+└─────────────────────┬────────────────────────┘
+                      ▼
+┌──────────────────────────────────────────────┐
+│              AI Agent Core                    │
+│  ┌────────────────────────────────────────┐  │
+│  │  5 Specialized Agents (auto-switching) │  │
+│  │  Recon → Web → Exploit → PrivEsc → Crypto│
+│  └────────────────────────────────────────┘  │
+└─────────────────────┬────────────────────────┘
+                      ▼
+┌──────────────────────────────────────────────┐
+│              Tool Execution                   │
+│  ┌──────────┐  ┌──────────┐  ┌──────────┐   │
+│  │  Docker  │  │  Local   │  │   MCP    │   │
+│  │  (50+    │  │  Tools   │  │  Servers │   │
+│  │  tools)  │  │          │  │          │   │
+│  └──────────┘  └──────────┘  └──────────┘   │
+└──────────────────────────────────────────────┘
 ```
 
 ---
@@ -381,7 +336,6 @@ npm run build
 npm run dev
 ```
 
-## 📄 License
 ## Documentation
 
 - [Architecture](./docs/ARCHITECTURE.md) - System design and components
@@ -389,6 +343,6 @@ npm run dev
 
 ---
 
-## �📄 License
+## 📄 License
 
 MIT

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.7.43",
+  "version": "0.7.45",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/index.js",