npm - pentesting - Versions diffs - 0.73.3 → 0.73.5 - Mend

pentesting 0.73.3 → 0.73.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md +121 -0
package/dist/{agent-tool-JEFUBDZE.js → agent-tool-6JOB2JB6.js} +3 -3
package/dist/{chunk-UB7RW6LM.js → chunk-EIPVHHPI.js} +194 -63
package/dist/chunk-I52SWXYV.js +1122 -0
package/dist/{chunk-BKWCGMSV.js → chunk-ULP6TF2X.js} +46 -11
package/dist/main.js +1635 -1005
package/dist/{persistence-2WKQHGOL.js → persistence-EFKMGPYS.js} +2 -2
package/dist/{process-registry-QIW7ZIUT.js → process-registry-BI7BKPHN.js} +1 -1
package/package.json +3 -4
package/dist/chunk-GLO6TOJN.js +0 -333

package/README.md CHANGED Viewed

@@ -120,3 +120,124 @@ we don't stop until the flag is captured.
 <br/>
 </div>
+---
+## Research References
+This section collects representative papers matched to the design themes reflected in `pentesting`.
+It is an inference-based reconstruction from topic overlap, not a verbatim personal reading log.
+### Mapping
+- Offensive security agent papers inform the autonomous pentest workflow.
+- Planner-executor and heterogeneous collaboration papers inform task decomposition and coordination.
+- Multi-agent orchestration papers inform role separation, delegation, and control topology.
+- Benchmark and evaluation papers inform capability framing and validation strategy.
+### Offensive Security Agents
+1. [PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing](https://www.usenix.org/conference/usenixsecurity24/presentation/deng)
+   USENIX Security 2024
+   Relevance: autonomous pentest loop and operator-assist workflow.
+2. [D-CIPHER: Dynamic Collaborative Intelligent Agents with Planning and Heterogeneous Execution for Enhanced Reasoning in Offensive Security](https://arxiv.org/abs/2502.10931)
+   arXiv 2025
+   Relevance: collaborative offensive agents, planning, and heterogeneous execution roles.
+3. [Towards Automated Software Security Testing: Augmenting Penetration Testing through LLMs](https://conf.researchr.org/room/ssbse-2023/fse-2023-venue-golden-gate-c1)
+   ESEC/FSE 2023
+   Relevance: LLM-augmented penetration testing as a software engineering workflow.
+4. [LLMs as Hackers: Autonomous Linux Privilege Escalation Attacks](https://arxiv.org/abs/2310.11409)
+   arXiv 2023
+   Relevance: offensive autonomy in post-exploitation and privilege escalation.
+5. [Can LLMs Hack Enterprise Networks? Autonomous Assumed Breach Penetration-Testing Active Directory Networks](https://arxiv.org/abs/2502.04227)
+   arXiv 2025
+   Relevance: enterprise network movement and AD-focused agent behavior.
+6. [LLM Agents can Autonomously Hack Websites](https://arxiv.org/abs/2402.06664)
+   arXiv 2024
+   Relevance: web exploitation agents and end-to-end task execution.
+7. [LLM Agents can Autonomously Exploit One-day Vulnerabilities](https://arxiv.org/abs/2404.08144)
+   arXiv 2024
+   Relevance: exploit execution against known-vulnerability targets.
+8. [Teams of LLM Agents can Exploit Zero-Day Vulnerabilities](https://arxiv.org/abs/2406.01637)
+   arXiv 2024
+   Relevance: multi-agent offensive workflows for harder vulnerability exploitation.
+9. [AutoPentester: An LLM Agent-based Framework for Automated Pentesting](https://arxiv.org/abs/2510.05605)
+   arXiv 2025
+   Relevance: explicit automated pentesting framework alignment.
+### Benchmarks and Cyber Evaluation
+10. [AutoPenBench: A Vulnerability Testing Benchmark for Generative Agents](https://aclanthology.org/2025.emnlp-industry.114/)
+    EMNLP Industry 2025
+    Relevance: benchmark framing for generative vulnerability-testing agents.
+11. [Training Language Model Agents to Find Vulnerabilities with CTF-Dojo](https://arxiv.org/abs/2508.18370)
+    arXiv 2025
+    Relevance: CTF-grounded vulnerability discovery and training/eval setup.
+12. [Cybench: A Framework for Evaluating Cybersecurity Capabilities and Risks of Language Models](https://arxiv.org/abs/2408.08926)
+    arXiv 2024
+    Relevance: evaluation of cybersecurity capability and misuse risk.
+13. [CyberGym: Evaluating AI Agents' Cybersecurity Capabilities with Real-World Vulnerabilities at Scale](https://arxiv.org/abs/2506.02548)
+    arXiv 2025
+    Relevance: large-scale realistic vulnerability evaluation.
+14. [CyberSecEval 2: A Wide-Ranging Cybersecurity Evaluation Suite for Large Language Models](https://arxiv.org/abs/2404.13161)
+    arXiv 2024
+    Relevance: broad cyber eval framing and safety measurement.
+15. [When LLMs Meet Cybersecurity: A Systematic Literature Review](https://arxiv.org/abs/2405.03644)
+    arXiv 2024
+    Relevance: survey grounding across offensive and defensive use cases.
+16. [Large Language Models in Cybersecurity: State-of-the-Art](https://arxiv.org/abs/2402.00891)
+    arXiv 2024
+    Relevance: landscape overview for positioning the project.
+### Multi-Agent Collaboration and Orchestration
+17. [A Survey on Large Language Model based Autonomous Agents](https://arxiv.org/abs/2308.11432)
+    arXiv 2023
+    Relevance: agent architecture baseline and terminology.
+18. [Large Language Model based Multi-Agents: A Survey of Progress and Challenges](https://arxiv.org/abs/2402.01680)
+    arXiv 2024
+    Relevance: multi-agent coordination patterns and failure modes.
+19. [AutoGen: Enabling Next-Gen LLM Applications via Multi-Agent Conversation](https://arxiv.org/abs/2308.08155)
+    arXiv 2023
+    Relevance: role-based dialogue and tool-using multi-agent orchestration.
+20. [MetaGPT: Meta Programming for A Multi-Agent Collaborative Framework](https://arxiv.org/abs/2308.00352)
+    arXiv 2023
+    Relevance: structured role decomposition and pipeline-style collaboration.
+21. [ChatDev: Communicative Agents for Software Development](https://aclanthology.org/2024.acl-long.810/)
+    ACL 2024
+    Relevance: communication protocol and software-task role separation.
+22. [CAMEL: Communicative Agents for "Mind" Exploration of Large Language Model Society](https://arxiv.org/abs/2303.17760)
+    arXiv 2023
+    Relevance: agent role prompting and cooperative interaction patterns.
+23. [AgentVerse: Facilitating Multi-Agent Collaboration and Exploring Emergent Behaviors](https://arxiv.org/abs/2308.10848)
+    arXiv 2023
+    Relevance: multi-agent environment framing and emergent collaboration.
+24. [Scaling Large-Language-Model-based Multi-Agent Collaboration](https://arxiv.org/abs/2406.07155)
+    arXiv 2024
+    Relevance: scale behavior and coordination bottlenecks.
+25. [Multi-Agent Collaboration via Evolving Orchestration](https://arxiv.org/abs/2505.19591)
+    arXiv 2025
+    Relevance: orchestration policy evolution and adaptive coordination.

package/dist/{agent-tool-JEFUBDZE.js → agent-tool-6JOB2JB6.js} RENAMED Viewed

@@ -5,7 +5,7 @@ import {
   createContextExtractor,
   getLLMClient,
   getShellSupervisorLifecycleSnapshot
-} from "./chunk-BKWCGMSV.js";
+} from "./chunk-ULP6TF2X.js";
 import {
   AGENT_ROLES,
   EVENT_TYPES,
@@ -13,14 +13,14 @@ import {
   TOOL_NAMES,
   getProcessOutput,
   listBackgroundProcesses
-} from "./chunk-UB7RW6LM.js";
+} from "./chunk-EIPVHHPI.js";
 import {
   DETECTION_PATTERNS,
   PROCESS_EVENTS,
   PROCESS_ROLES,
   getActiveProcessSummary,
   getProcessEventLog
-} from "./chunk-GLO6TOJN.js";
+} from "./chunk-I52SWXYV.js";
 // src/engine/agent-tool/completion-box.ts
 function createCompletionBox() {