swarmhack-cli 1.1.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +56 -23
  2. package/native/linux-x64/swarmhack +0 -0
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -2,13 +2,18 @@
2
2
 
3
3
  Neural swarm-based penetration testing framework.
4
4
 
5
- ## What's New in v0.2.0
6
-
7
- - **Runtime Modes**: Choose between `local` (direct execution) or `docker` (containerized) mode
8
- - **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with optimized JSON structure
9
- - **Prancer Portal Integration**: Secure authentication with Prancer Portal
10
- - **Bundled Configuration**: Default config file included - no manual setup required
11
- - **Multi-Platform Support**: Linux, macOS, and Windows binaries
5
+ ## What's New in v1.3.0
6
+
7
+ - **17 Exploit Agents**: SQLi, XSS, CMDI, CSRF, IDOR, AuthBypass, SSRF, LFI, SSTI, OpenRedirect, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling + WebCrawler
8
+ - **Recursive Swarm (ADR-004)**: Generation-based re-scanning with 6 trigger types — automatically re-scans with discovered credentials
9
+ - **Pre-flight Authentication**: 5 auth methods (FormBased, JWT, Cookie, JSON, Custom) via `--auth config.json`
10
+ - **Self-Learning Intelligence (ADR-005)**: SONA-backed payload learning, adaptive WAF evasion, rate limiting optimization
11
+ - **Semantic Deduplication**: Two-level dedup (canonical key + HNSW vector similarity) catches near-duplicate findings
12
+ - **Crown Jewel ML Matching**: Learns new crown jewel patterns beyond the 18 built-in regexes
13
+ - **Real HNSW Index**: Replaced HashMap stub with actual approximate nearest neighbor search
14
+ - **Checkpoint-on-Detection**: All 17 agents preserve findings before deep exploitation — no data loss on timeout
15
+ - **UTF-8 Safety**: Fixed byte-slicing panics across 20 files (28 sites)
16
+ - **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with generation lineage tracking
12
17
 
13
18
  ## Installation
14
19
 
@@ -157,17 +162,27 @@ docker run --rm \
157
162
  --customer "your-customer" --token "your-token"
158
163
  ```
159
164
 
160
- ## Available Agents
161
-
162
- | Agent | Description |
163
- |-------|-------------|
164
- | `crawler` | Web crawling and discovery |
165
- | `sqli` | SQL injection detection |
166
- | `xss` | Cross-site scripting |
167
- | `csrf` | CSRF vulnerabilities |
168
- | `idor` | Insecure direct object reference |
169
- | `auth_bypass` | Authentication bypass |
170
- | `cmdi` | Command injection |
165
+ ## Available Agents (17)
166
+
167
+ | Agent | CWE | Description |
168
+ |-------|-----|-------------|
169
+ | `crawler` | — | Web crawling, form discovery, WAF detection |
170
+ | `sqli` | CWE-89 | SQL injection (UNION, boolean, error, time-based) |
171
+ | `xss` | CWE-79 | Cross-site scripting (reflected, stored, DOM, blind) |
172
+ | `cmdi` | CWE-78 | Command injection with marker-based detection |
173
+ | `csrf` | CWE-352 | Cross-site request forgery |
174
+ | `idor` | CWE-639 | Insecure direct object reference |
175
+ | `auth_bypass` | CWE-287 | Authentication bypass |
176
+ | `ssrf` | CWE-918 | Server-side request forgery (IMDS probes) |
177
+ | `lfi` | CWE-22 | Local file inclusion / path traversal |
178
+ | `ssti` | CWE-1336 | Server-side template injection |
179
+ | `open_redirect` | CWE-601 | Open redirect |
180
+ | `cors` | CWE-942 | CORS misconfiguration |
181
+ | `jwt` | CWE-345 | JWT vulnerabilities (alg:none, confusion) |
182
+ | `xxe` | CWE-611 | XML external entity injection |
183
+ | `file_upload` | CWE-434 | File upload vulnerabilities |
184
+ | `deserialization` | CWE-502 | Insecure deserialization |
185
+ | `http_smuggling` | CWE-444 | HTTP request smuggling (CL.TE/TE.CL) |
171
186
 
172
187
  ## OCSF Reports
173
188
 
@@ -209,12 +224,30 @@ Get your token from [Prancer Portal](https://portal.prancer.io) → Settings →
209
224
 
210
225
  ## Changelog
211
226
 
227
+ ### v1.3.0
228
+ - ADR-005: Self-learning intelligence layer (SONA, WAF evasion learning, adaptive rate limiting)
229
+ - ADR-005: Semantic deduplication + crown jewel ML matching
230
+ - ADR-005: Real HNSW vector index (replaced HashMap stub)
231
+ - ADR-004: Recursive swarm architecture with 6 trigger types
232
+ - Pre-flight authentication (5 methods via --auth)
233
+ - Checkpoint-on-detection for all 17 agents
234
+ - UTF-8 safety fix (28 byte-slicing sites)
235
+ - 147 new tests across intelligence layer
236
+
237
+ ### v1.2.0
238
+ - ADR-004: Recursive swarm + auth config + tech debt remediation
239
+ - CI hardening (test gates, pipefail)
240
+ - Version bump and dependency cleanup
241
+
242
+ ### v1.1.0
243
+ - ADR-003: 10 new exploit agents (SSRF, LFI, SSTI, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling, OpenRedirect)
244
+ - ADR-001: Parallel agent execution (4x speedup)
245
+ - ADR-002: curl/nc deep exploitation
246
+
212
247
  ### v0.2.0
213
- - Added runtime mode selection (local/docker)
214
- - Added OCSF 1.1.0 report generation
215
- - Added Prancer Portal authentication
216
- - Bundled default configuration file
217
- - Multi-platform binary support
248
+ - Runtime mode selection (local/docker)
249
+ - OCSF 1.1.0 report generation
250
+ - Prancer Portal authentication
218
251
 
219
252
  ### v0.1.0
220
253
  - Initial release
package/native/linux-x64/swarmhack CHANGED
Binary file
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "swarmhack-cli",
3
- "version": "1.1.0",
3
+ "version": "1.4.0",
4
4
  "description": "SwarmHack - Neural swarm-based penetration testing framework",
5
5
  "author": "Prancer <support@prancer.io>",
6
6
  "license": "MIT",