swarmhack-cli 0.2.1 → 1.4.0

package/README.md

@@ -2,13 +2,18 @@
 
 Neural swarm-based penetration testing framework.
 
-## What's New in v0.2.0
-
-- **Runtime Modes**: Choose between `local` (direct execution) or `docker` (containerized) mode
-- **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with optimized JSON structure
-- **Prancer Portal Integration**: Secure authentication with Prancer Portal
-- **Bundled Configuration**: Default config file included - no manual setup required
-- **Multi-Platform Support**: Linux, macOS, and Windows binaries
+## What's New in v1.3.0
+
+- **17 Exploit Agents**: SQLi, XSS, CMDI, CSRF, IDOR, AuthBypass, SSRF, LFI, SSTI, OpenRedirect, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling + WebCrawler
+- **Recursive Swarm (ADR-004)**: Generation-based re-scanning with 6 trigger types — automatically re-scans with discovered credentials
+- **Pre-flight Authentication**: 5 auth methods (FormBased, JWT, Cookie, JSON, Custom) via `--auth config.json`
+- **Self-Learning Intelligence (ADR-005)**: SONA-backed payload learning, adaptive WAF evasion, rate limiting optimization
+- **Semantic Deduplication**: Two-level dedup (canonical key + HNSW vector similarity) catches near-duplicate findings
+- **Crown Jewel ML Matching**: Learns new crown jewel patterns beyond the 18 built-in regexes
+- **Real HNSW Index**: Replaced HashMap stub with actual approximate nearest neighbor search
+- **Checkpoint-on-Detection**: All 17 agents preserve findings before deep exploitation — no data loss on timeout
+- **UTF-8 Safety**: Fixed byte-slicing panics across 20 files (28 sites)
+- **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with generation lineage tracking
 
 ## Installation
 
@@ -157,17 +162,27 @@ docker run --rm \
   --customer "your-customer" --token "your-token"
 ```
 
-## Available Agents
-
-| Agent | Description |
-|-------|-------------|
-| `crawler` | Web crawling and discovery |
-| `sqli` | SQL injection detection |
-| `xss` | Cross-site scripting |
-| `csrf` | CSRF vulnerabilities |
-| `idor` | Insecure direct object reference |
-| `auth_bypass` | Authentication bypass |
-| `cmdi` | Command injection |
+## Available Agents (17)
+
+| Agent | CWE | Description |
+|-------|-----|-------------|
+| `crawler` | — | Web crawling, form discovery, WAF detection |
+| `sqli` | CWE-89 | SQL injection (UNION, boolean, error, time-based) |
+| `xss` | CWE-79 | Cross-site scripting (reflected, stored, DOM, blind) |
+| `cmdi` | CWE-78 | Command injection with marker-based detection |
+| `csrf` | CWE-352 | Cross-site request forgery |
+| `idor` | CWE-639 | Insecure direct object reference |
+| `auth_bypass` | CWE-287 | Authentication bypass |
+| `ssrf` | CWE-918 | Server-side request forgery (IMDS probes) |
+| `lfi` | CWE-22 | Local file inclusion / path traversal |
+| `ssti` | CWE-1336 | Server-side template injection |
+| `open_redirect` | CWE-601 | Open redirect |
+| `cors` | CWE-942 | CORS misconfiguration |
+| `jwt` | CWE-345 | JWT vulnerabilities (alg:none, confusion) |
+| `xxe` | CWE-611 | XML external entity injection |
+| `file_upload` | CWE-434 | File upload vulnerabilities |
+| `deserialization` | CWE-502 | Insecure deserialization |
+| `http_smuggling` | CWE-444 | HTTP request smuggling (CL.TE/TE.CL) |
 
 ## OCSF Reports
 
@@ -209,12 +224,30 @@ Get your token from [Prancer Portal](https://portal.prancer.io) → Settings →
 
 ## Changelog
 
+### v1.3.0
+- ADR-005: Self-learning intelligence layer (SONA, WAF evasion learning, adaptive rate limiting)
+- ADR-005: Semantic deduplication + crown jewel ML matching
+- ADR-005: Real HNSW vector index (replaced HashMap stub)
+- ADR-004: Recursive swarm architecture with 6 trigger types
+- Pre-flight authentication (5 methods via --auth)
+- Checkpoint-on-detection for all 17 agents
+- UTF-8 safety fix (28 byte-slicing sites)
+- 147 new tests across intelligence layer
+
+### v1.2.0
+- ADR-004: Recursive swarm + auth config + tech debt remediation
+- CI hardening (test gates, pipefail)
+- Version bump and dependency cleanup
+
+### v1.1.0
+- ADR-003: 10 new exploit agents (SSRF, LFI, SSTI, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling, OpenRedirect)
+- ADR-001: Parallel agent execution (4x speedup)
+- ADR-002: curl/nc deep exploitation
+
 ### v0.2.0
-- Added runtime mode selection (local/docker)
-- Added OCSF 1.1.0 report generation
-- Added Prancer Portal authentication
-- Bundled default configuration file
-- Multi-platform binary support
+- Runtime mode selection (local/docker)
+- OCSF 1.1.0 report generation
+- Prancer Portal authentication
 
 ### v0.1.0
 - Initial release

package/config/swarmhack.yaml

@@ -164,6 +164,47 @@ agents:
     max_depth: 3
     max_pages: 100  # ✅ ADR-001: 1000 → 100 for pentest mode (depth over breadth)
     requests_per_second: 10.0
+  # ADR-003: 10 new exploit agents
+  ssrf:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  lfi:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  ssti:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  open_redirect:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  cors:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  jwt:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  xxe:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  file_upload:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  deserialization:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  http_smuggling:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
 
 memory:
   agentdb:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "swarmhack-cli",
-  "version": "0.2.1",
+  "version": "1.4.0",
   "description": "SwarmHack - Neural swarm-based penetration testing framework",
   "author": "Prancer <support@prancer.io>",
   "license": "MIT",