npm - pentesting - Versions diffs - 0.72.10 → 0.73.1 - Mend

pentesting 0.72.10 → 0.73.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/README.md +31 -4
package/dist/agent-tool-COMG67ES.js +256 -0
package/dist/chunk-EUWDAGHZ.js +11710 -0
package/dist/{chunk-GHJPYI4S.js → chunk-YFDJI3GO.js} +11 -1
package/dist/{chunk-SLDFXMHL.js → chunk-ZQAVMACI.js} +882 -139
package/dist/main.js +1206 -13248
package/dist/{persistence-7FTYXIZY.js → persistence-SNUMO4WG.js} +2 -2
package/dist/{process-registry-CCAQVJ4Y.js → process-registry-GSHEX2LT.js} +3 -1
package/dist/prompts/base.md +1 -0
package/dist/prompts/llm/analyst-system.md +7 -0
package/dist/prompts/{orchestrator.md → main-agent.md} +31 -1
package/dist/prompts/strategist-system.md +27 -0
package/package.json +7 -3

package/README.md CHANGED Viewed

@@ -1,12 +1,12 @@
 <div align="center">
-<img src="https://api.iconify.design/game-icons:fizzing-flask.svg?color=%232496ED" width="80" height="80" alt="Pentesting Agent" />
+<img src="https://api.iconify.design/game-icons:fizzing-flask.svg?color=%23E63946" width="80" height="80" alt="Pentesting Agent" />
 # pentesting
 > **Autonomous Offensive Security AI Agent**
 [![npm](https://img.shields.io/badge/npm-pentesting-red)](https://www.npmjs.org/package/pentesting)
-[![docker](https://img.shields.io/badge/docker-pentesting-blue)](https://hub.docker.com/r/agnusdei1207/pentesting)
+[![docker](https://img.shields.io/badge/docker-pentesting-red)](https://hub.docker.com/r/agnusdei1207/pentesting)
 </div>
@@ -57,6 +57,8 @@ docker run -it --rm \
   agnusdei1207/pentesting
 ```
+Enable container Tor mode by adding `-e PENTEST_TOR=true` to the same `docker run` command.
 ### External Search API (Optional)
 For providers other than z.ai, or to use a dedicated search backend.
@@ -76,10 +78,35 @@ docker run -it --rm \
 | Variable | Required | Description |
 |----------|----------|-------------|
 | `PENTEST_API_KEY` | ✅ | LLM API key |
-| `PENTEST_BASE_URL` | ✅ | API endpoint (web search auto-enabled when URL contains `z.ai`) |
-| `PENTEST_MODEL` | ✅ | Model name (e.g. `glm-4.7`) |
+| `PENTEST_BASE_URL` | ❌ | Custom API endpoint (web search auto-enabled when URL contains `z.ai`) |
+| `PENTEST_MODEL` | ❌ | Model override (defaults depend on provider/runtime; examples use `glm-4.7`) |
 | `SEARCH_API_KEY` | ❌ | External search API key (not needed with z.ai) |
 | `SEARCH_API_URL` | ❌ | External search API URL (not needed with z.ai) |
+| `PENTEST_SCOPE_MODE` | ❌ | Scope mode override: `advisory` or `enforce` |
+| `PENTEST_APPROVAL_MODE` | ❌ | Approval mode override: `advisory` or `require_auto_approve` |
+| `PENTEST_TOR` | ❌ | Container-only Tor mode. When `true`, the Docker entrypoint starts Tor and launches the agent through `proxychains4` |
+Safety defaults:
+- Containerized runtime defaults to `PENTEST_SCOPE_MODE=advisory` and `PENTEST_APPROVAL_MODE=advisory`.
+- Non-container runtime defaults to `PENTEST_SCOPE_MODE=enforce` and `PENTEST_APPROVAL_MODE=require_auto_approve`.
+- Explicit env vars override those defaults.
+Tor notes:
+- Tor is supported only in the containerized runtime.
+- There is no in-app `/tor` toggle. Enable it at container startup with `-e PENTEST_TOR=true`.
+- Non-container runs ignore `PENTEST_TOR`, so local host execution stays on direct networking.
+### Developer Verification
+```bash
+npm run verify
+npm run verify:docker
+```
+- `npm run check` runs the full non-destructive verification flow.
+- `npm run check:clean` additionally performs `docker system prune -af --volumes` before the full check.
 ---

package/dist/agent-tool-COMG67ES.js ADDED Viewed

@@ -0,0 +1,256 @@
+import {
+  CategorizedToolRegistry,
+  CoreAgent,
+  createContextExtractor,
+  getLLMClient
+} from "./chunk-EUWDAGHZ.js";
+import {
+  AGENT_ROLES,
+  EVENT_TYPES,
+  LLM_ROLES,
+  TOOL_NAMES
+} from "./chunk-ZQAVMACI.js";
+import {
+  getActiveProcessSummary
+} from "./chunk-YFDJI3GO.js";
+// src/engine/agent-tool/completion-box.ts
+function createCompletionBox() {
+  return { done: false, result: null };
+}
+// src/engine/agent-tool/task-complete.ts
+function createTaskCompleteTool(completion) {
+  return {
+    name: TOOL_NAMES.TASK_COMPLETE,
+    description: `Signal task completion. Call this when the delegated task is done.
+Include all findings and loot discovered during the task.
+Use status: 'success' if goal achieved, 'partial' if partially done, 'failed' if blocked.`,
+    parameters: {
+      status: {
+        type: "string",
+        enum: ["success", "partial", "failed"],
+        description: "Task completion status"
+      },
+      summary: {
+        type: "string",
+        description: "What was accomplished (or why it failed)"
+      },
+      tried: {
+        type: "array",
+        items: { type: "string" },
+        description: "Approaches attempted during the task"
+      },
+      findings: {
+        type: "array",
+        items: { type: "string" },
+        description: "Security findings discovered (summary for main loop)"
+      },
+      loot: {
+        type: "array",
+        items: { type: "string" },
+        description: "Credentials, flags, or sensitive data obtained"
+      },
+      sessions: {
+        type: "array",
+        items: { type: "string" },
+        description: "Active session IDs established during the task"
+      },
+      suggested_next: {
+        type: "string",
+        description: "Recommended next action for the main agent"
+      }
+    },
+    required: ["status", "summary"],
+    execute: async (params) => {
+      const result = {
+        status: params["status"] ?? "partial",
+        summary: params["summary"] ?? "",
+        tried: params["tried"] ?? [],
+        findings: params["findings"] ?? [],
+        loot: params["loot"] ?? [],
+        sessions: params["sessions"] ?? [],
+        suggestedNext: params["suggested_next"] ?? ""
+      };
+      completion.done = true;
+      completion.result = result;
+      return {
+        success: true,
+        output: [
+          "[TASK_COMPLETE]",
+          `[Status] ${result.status}`,
+          `[Summary] ${result.summary}`
+        ].join("\n")
+      };
+    }
+  };
+}
+// src/engine/agent-tool/agent-registry.ts
+var AgentRegistry = class extends CategorizedToolRegistry {
+  constructor(state, scopeGuard, approvalGate, events, completion) {
+    super(state, scopeGuard, approvalGate, events);
+    const taskCompleteTool = createTaskCompleteTool(completion);
+    this.tools.set(taskCompleteTool.name, taskCompleteTool);
+  }
+  initializeRegistry() {
+    super.initializeRegistry();
+    this.tools.delete(TOOL_NAMES.RUN_TASK);
+    this.tools.delete(TOOL_NAMES.ASK_USER);
+  }
+};
+// src/engine/agent-tool/agent-runner.ts
+var MAX_AGENT_TOOL_ITERATIONS = 30;
+var COMPRESS_EVERY_N_STEPS = 5;
+var MAX_COMPRESS_FAILURES = 3;
+var AgentRunner = class extends CoreAgent {
+  completion;
+  contextExtractor;
+  stepCount = 0;
+  consecutiveCompressFailures = 0;
+  constructor(state, events, registry, completion) {
+    super(AGENT_ROLES.AGENT_TOOL, state, events, registry, MAX_AGENT_TOOL_ITERATIONS);
+    this.completion = completion;
+    this.contextExtractor = createContextExtractor(getLLMClient());
+  }
+  /**
+   * CoreAgent.step() 오버라이드
+   *
+   * 추가 동작 (super.step() 이후):
+   *   1. completion.done 확인 → task_complete 호출됐으면 즉시 완료 신호
+   *   2. COMPRESS_EVERY_N_STEPS마다 ContextExtractor 호출
+   */
+  async step(iteration, messages, systemPrompt, progress) {
+    const result = await super.step(iteration, messages, systemPrompt, progress);
+    if (this.completion.done) {
+      return {
+        output: JSON.stringify(this.completion.result),
+        toolsExecuted: result.toolsExecuted,
+        isCompleted: true
+      };
+    }
+    this.stepCount++;
+    if (this.stepCount % COMPRESS_EVERY_N_STEPS === 0) {
+      await this.compressContext(messages);
+    }
+    return result;
+  }
+  /**
+   * ContextExtractor를 사용해 messages[]를 1개 session-context로 압축.
+   *
+   * WHY: 실패 시 무시 (try/catch). CoreAgent의 trimMessagesIfNeeded(50)이
+   * 최후 안전망이므로 압축 실패가 치명적이지 않다.
+   * WHY (failure tracking): 연속 실패가 MAX_COMPRESS_FAILURES 초과 시 경고 emit.
+   * sub-agent가 초기 task를 잃어버릴 위험을 TUI에 노출해 사용자가 인지할 수 있게 한다.
+   */
+  async compressContext(messages) {
+    try {
+      const result = await this.contextExtractor.execute({ messages });
+      if (result.success && result.extractedContext) {
+        messages.length = 0;
+        messages.push({
+          role: LLM_ROLES.USER,
+          content: `<session-context>
+${result.extractedContext}
+</session-context>`
+        });
+        this.consecutiveCompressFailures = 0;
+      }
+    } catch {
+      this.consecutiveCompressFailures++;
+      if (this.consecutiveCompressFailures === MAX_COMPRESS_FAILURES) {
+        this.events.emit({
+          type: EVENT_TYPES.NOTIFICATION,
+          timestamp: Date.now(),
+          data: {
+            title: "Sub-Agent Context Warning",
+            message: `Context compression failed ${this.consecutiveCompressFailures}x in a row. Sub-agent may lose task direction. Consider reducing task scope.`,
+            level: "warning"
+          }
+        });
+      }
+    }
+  }
+};
+// src/engine/agent-tool/agent-prompt.ts
+function buildAgentPrompt(input) {
+  const parts = [
+    "You are an autonomous execution agent. Complete the delegated task using available tools.",
+    "",
+    `## Task
+${input.task}`
+  ];
+  if (input.target) {
+    parts.push(`
+## Target
+${input.target}`);
+  }
+  if (input.context) {
+    parts.push(`
+## Context
+${input.context}`);
+  }
+  const activeProcesses = getActiveProcessSummary();
+  if (activeProcesses) {
+    parts.push(`
+## Active Background Processes
+${activeProcesses}`);
+  }
+  parts.push(`
+## Rules
+- Do NOT call ask_user. You are autonomous. Make your best judgment.
+- Call task_complete when the task is done (status: success, partial, or failed).
+- Record findings with add_finding, loot with add_loot as you discover them.
+- If you hit 3 consecutive failures on the same approach, switch vectors or declare failed.
+- Be decisive \u2014 do not loop indefinitely on the same approach.`);
+  return parts.join("\n");
+}
+// src/engine/agent-tool/agent-tool.ts
+var TIMEOUT_RESULT = {
+  status: "failed",
+  summary: `Agent-tool timed out: max ${MAX_AGENT_TOOL_ITERATIONS} iterations reached without task_complete.`,
+  tried: [],
+  findings: [],
+  loot: [],
+  sessions: [],
+  suggestedNext: "Break the task into smaller sub-tasks and retry."
+};
+var AgentTool = class {
+  constructor(state, events, scopeGuard, approvalGate) {
+    this.state = state;
+    this.events = events;
+    this.scopeGuard = scopeGuard;
+    this.approvalGate = approvalGate;
+  }
+  async execute(input) {
+    const completion = createCompletionBox();
+    const registry = new AgentRegistry(
+      this.state,
+      this.scopeGuard,
+      this.approvalGate,
+      this.events,
+      completion
+    );
+    const runner = new AgentRunner(
+      this.state,
+      this.events,
+      registry,
+      completion
+    );
+    const prompt = buildAgentPrompt(input);
+    const loopResult = await runner.run(input.task, prompt);
+    if (completion.done && completion.result) {
+      return completion.result;
+    }
+    return {
+      ...TIMEOUT_RESULT,
+      tried: [`Reached ${loopResult.iterations} iterations without calling task_complete`]
+    };
+  }
+};
+export {
+  AgentTool
+};