swarmhack-cli 1.1.0 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +75 -22
  2. package/config/swarmhack.yaml +24 -0
  3. package/native/linux-x64/swarmhack +0 -0
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -2,13 +2,16 @@
2
2
 
3
3
  Neural swarm-based penetration testing framework.
4
4
 
5
- ## What's New in v0.2.0
5
+ ## What's New in v1.5.0
6
6
 
7
- - **Runtime Modes**: Choose between `local` (direct execution) or `docker` (containerized) mode
8
- - **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with optimized JSON structure
9
- - **Prancer Portal Integration**: Secure authentication with Prancer Portal
10
- - **Bundled Configuration**: Default config file included - no manual setup required
11
- - **Multi-Platform Support**: Linux, macOS, and Windows binaries
7
+ - **23 Exploit Agents**: Full OWASP Top 10 coverage with 6 new agents (SessionFixation, DangerousMethods, DefaultCredentials, PrivilegeEscalation, MassAssignment, VulnerableComponents)
8
+ - **Intelligence Bus**: 7 typed intel categories shared across all 23 agents (TargetProfile, WafProfile, CredentialIntel, NetworkIntel, FileSystemIntel, AuthStateIntel, ExploitPathIntel)
9
+ - **Runtime Vulnerability Chaining**: Credentials/sessions from SQLi/AuthBypass automatically feed IDOR/PrivEsc/CSRF agents in a live chaining phase
10
+ - **VulnerableComponents Agent (OWASP A06)**: 30 built-in CVE entries fingerprints server versions from headers and matches against known vulnerabilities
11
+ - **CVSS Score Fix**: Severity scores now correctly computed (was always 0.0 due to case mismatch)
12
+ - **Performance**: SwarmHackConfig wrapped in Arc — eliminates deep clones on every agent spawn
13
+ - **Agent Pool**: Increased to 25 concurrent slots for 23 agent types
14
+ - **Live Validated**: 16 findings across 3 targets (demo.testfire.net, ginandjuice.shop, testasp.vulnweb.com) with 0 false positives
12
15
 
13
16
  ## Installation
14
17
 
@@ -157,17 +160,33 @@ docker run --rm \
157
160
  --customer "your-customer" --token "your-token"
158
161
  ```
159
162
 
160
- ## Available Agents
161
-
162
- | Agent | Description |
163
- |-------|-------------|
164
- | `crawler` | Web crawling and discovery |
165
- | `sqli` | SQL injection detection |
166
- | `xss` | Cross-site scripting |
167
- | `csrf` | CSRF vulnerabilities |
168
- | `idor` | Insecure direct object reference |
169
- | `auth_bypass` | Authentication bypass |
170
- | `cmdi` | Command injection |
163
+ ## Available Agents (23)
164
+
165
+ | Agent | CWE | Description |
166
+ |-------|-----|-------------|
167
+ | `crawler` | — | Web crawling, form discovery, WAF detection |
168
+ | `sqli` | CWE-89 | SQL injection (UNION, boolean, error, time-based) |
169
+ | `xss` | CWE-79 | Cross-site scripting (reflected, stored, DOM, blind) |
170
+ | `cmdi` | CWE-78 | Command injection with marker-based detection |
171
+ | `csrf` | CWE-352 | Cross-site request forgery |
172
+ | `idor` | CWE-639 | Insecure direct object reference |
173
+ | `auth_bypass` | CWE-287 | Authentication bypass |
174
+ | `ssrf` | CWE-918 | Server-side request forgery (IMDS probes) |
175
+ | `lfi` | CWE-22 | Local file inclusion / path traversal |
176
+ | `ssti` | CWE-1336 | Server-side template injection |
177
+ | `open_redirect` | CWE-601 | Open redirect |
178
+ | `cors` | CWE-942 | CORS misconfiguration |
179
+ | `jwt` | CWE-345 | JWT vulnerabilities (alg:none, confusion) |
180
+ | `xxe` | CWE-611 | XML external entity injection |
181
+ | `file_upload` | CWE-434 | File upload vulnerabilities |
182
+ | `deserialization` | CWE-502 | Insecure deserialization |
183
+ | `http_smuggling` | CWE-444 | HTTP request smuggling (CL.TE/TE.CL) |
184
+ | `session_fixation` | CWE-384 | Session fixation and invalidation testing |
185
+ | `dangerous_methods` | CWE-16 | Dangerous HTTP methods (TRACE/XST, PUT upload) |
186
+ | `default_credentials` | CWE-798 | Default credential scanning (20 pairs) |
187
+ | `privilege_escalation` | CWE-862 | Function-level access control testing |
188
+ | `mass_assignment` | CWE-915 | Mass assignment / parameter injection |
189
+ | `vulnerable_components` | CWE-1035 | Version fingerprinting + CVE lookup (30 CVEs) |
171
190
 
172
191
  ## OCSF Reports
173
192
 
@@ -209,12 +228,46 @@ Get your token from [Prancer Portal](https://portal.prancer.io) → Settings →
209
228
 
210
229
  ## Changelog
211
230
 
231
+ ### v1.5.0
232
+ - ADR-006: OWASP Top 10 full coverage — 6 new agents (SessionFixation, DangerousMethods, DefaultCredentials, PrivilegeEscalation, MassAssignment, VulnerableComponents)
233
+ - Intelligence Bus: 7 typed intel categories shared across all 23 agents
234
+ - Runtime vulnerability chaining: credentials/sessions feed consumer agents live
235
+ - VulnerableComponents agent (OWASP A06): 30 built-in CVE entries
236
+ - CVSS score fix (was always 0.0), GOAP precondition key unification
237
+ - SwarmHackConfig wrapped in Arc (performance), agent pool 20→25
238
+ - Live validated: 16 findings, 67 crown jewels, 0 false positives across 3 targets
239
+
240
+ ### v1.4.0
241
+ - Hybrid execution mode (Kill Chain + AEL amplification)
242
+ - SPA false positive elimination
243
+ - Auth crawling and OCSF auth tracking
244
+ - Common endpoint discovery (107 paths)
245
+ - Version bump and CI adjustments
246
+
247
+ ### v1.3.0
248
+ - ADR-005: Self-learning intelligence layer (SONA, WAF evasion learning, adaptive rate limiting)
249
+ - ADR-005: Semantic deduplication + crown jewel ML matching
250
+ - ADR-005: Real HNSW vector index (replaced HashMap stub)
251
+ - ADR-004: Recursive swarm architecture with 6 trigger types
252
+ - Pre-flight authentication (5 methods via --auth)
253
+ - Checkpoint-on-detection for all 17 agents
254
+ - UTF-8 safety fix (28 byte-slicing sites)
255
+ - 147 new tests across intelligence layer
256
+
257
+ ### v1.2.0
258
+ - ADR-004: Recursive swarm + auth config + tech debt remediation
259
+ - CI hardening (test gates, pipefail)
260
+ - Version bump and dependency cleanup
261
+
262
+ ### v1.1.0
263
+ - ADR-003: 10 new exploit agents (SSRF, LFI, SSTI, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling, OpenRedirect)
264
+ - ADR-001: Parallel agent execution (4x speedup)
265
+ - ADR-002: curl/nc deep exploitation
266
+
212
267
  ### v0.2.0
213
- - Added runtime mode selection (local/docker)
214
- - Added OCSF 1.1.0 report generation
215
- - Added Prancer Portal authentication
216
- - Bundled default configuration file
217
- - Multi-platform binary support
268
+ - Runtime mode selection (local/docker)
269
+ - OCSF 1.1.0 report generation
270
+ - Prancer Portal authentication
218
271
 
219
272
  ### v0.1.0
220
273
  - Initial release
package/config/swarmhack.yaml CHANGED
@@ -205,6 +205,30 @@ agents:
205
205
  enabled: true
206
206
  max_candidates: 5
207
207
  pentest_mode: true
208
+ session_fixation:
209
+ enabled: true
210
+ max_candidates: 3
211
+ pentest_mode: true
212
+ dangerous_methods:
213
+ enabled: true
214
+ max_candidates: 5
215
+ pentest_mode: true
216
+ default_credentials:
217
+ enabled: true
218
+ max_candidates: 3
219
+ pentest_mode: true
220
+ privilege_escalation:
221
+ enabled: true
222
+ max_candidates: 5
223
+ pentest_mode: true
224
+ mass_assignment:
225
+ enabled: true
226
+ max_candidates: 5
227
+ pentest_mode: true
228
+ vulnerable_components:
229
+ enabled: true
230
+ max_candidates: 5
231
+ pentest_mode: true
208
232
 
209
233
  memory:
210
234
  agentdb:
package/native/linux-x64/swarmhack CHANGED
Binary file
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "swarmhack-cli",
3
- "version": "1.1.0",
3
+ "version": "1.5.0",
4
4
  "description": "SwarmHack - Neural swarm-based penetration testing framework",
5
5
  "author": "Prancer <support@prancer.io>",
6
6
  "license": "MIT",