swarmhack-cli 1.4.0 → 1.5.0

package/README.md

@@ -2,18 +2,16 @@
 
 Neural swarm-based penetration testing framework.
 
-## What's New in v1.3.0
-
-- **17 Exploit Agents**: SQLi, XSS, CMDI, CSRF, IDOR, AuthBypass, SSRF, LFI, SSTI, OpenRedirect, CORS, JWT, XXE, FileUpload, Deserialization, HTTPSmuggling + WebCrawler
-- **Recursive Swarm (ADR-004)**: Generation-based re-scanning with 6 trigger types — automatically re-scans with discovered credentials
-- **Pre-flight Authentication**: 5 auth methods (FormBased, JWT, Cookie, JSON, Custom) via `--auth config.json`
-- **Self-Learning Intelligence (ADR-005)**: SONA-backed payload learning, adaptive WAF evasion, rate limiting optimization
-- **Semantic Deduplication**: Two-level dedup (canonical key + HNSW vector similarity) catches near-duplicate findings
-- **Crown Jewel ML Matching**: Learns new crown jewel patterns beyond the 18 built-in regexes
-- **Real HNSW Index**: Replaced HashMap stub with actual approximate nearest neighbor search
-- **Checkpoint-on-Detection**: All 17 agents preserve findings before deep exploitation — no data loss on timeout
-- **UTF-8 Safety**: Fixed byte-slicing panics across 20 files (28 sites)
-- **OCSF 1.1.0 Reports**: Industry-standard vulnerability reports with generation lineage tracking
+## What's New in v1.5.0
+
+- **23 Exploit Agents**: Full OWASP Top 10 coverage with 6 new agents (SessionFixation, DangerousMethods, DefaultCredentials, PrivilegeEscalation, MassAssignment, VulnerableComponents)
+- **Intelligence Bus**: 7 typed intel categories shared across all 23 agents (TargetProfile, WafProfile, CredentialIntel, NetworkIntel, FileSystemIntel, AuthStateIntel, ExploitPathIntel)
+- **Runtime Vulnerability Chaining**: Credentials/sessions from SQLi/AuthBypass automatically feed IDOR/PrivEsc/CSRF agents in a live chaining phase
+- **VulnerableComponents Agent (OWASP A06)**: 30 built-in CVE entries — fingerprints server versions from headers and matches against known vulnerabilities
+- **CVSS Score Fix**: Severity scores now correctly computed (was always 0.0 due to case mismatch)
+- **Performance**: SwarmHackConfig wrapped in Arc — eliminates deep clones on every agent spawn
+- **Agent Pool**: Increased to 25 concurrent slots for 23 agent types
+- **Live Validated**: 16 findings across 3 targets (demo.testfire.net, ginandjuice.shop, testasp.vulnweb.com) with 0 false positives
 
 ## Installation
 
@@ -162,7 +160,7 @@ docker run --rm \
   --customer "your-customer" --token "your-token"
 ```
 
-## Available Agents (17)
+## Available Agents (23)
 
 | Agent | CWE | Description |
 |-------|-----|-------------|
@@ -183,6 +181,12 @@ docker run --rm \
 | `file_upload` | CWE-434 | File upload vulnerabilities |
 | `deserialization` | CWE-502 | Insecure deserialization |
 | `http_smuggling` | CWE-444 | HTTP request smuggling (CL.TE/TE.CL) |
+| `session_fixation` | CWE-384 | Session fixation and invalidation testing |
+| `dangerous_methods` | CWE-16 | Dangerous HTTP methods (TRACE/XST, PUT upload) |
+| `default_credentials` | CWE-798 | Default credential scanning (20 pairs) |
+| `privilege_escalation` | CWE-862 | Function-level access control testing |
+| `mass_assignment` | CWE-915 | Mass assignment / parameter injection |
+| `vulnerable_components` | CWE-1035 | Version fingerprinting + CVE lookup (30 CVEs) |
 
 ## OCSF Reports
 
@@ -224,6 +228,22 @@ Get your token from [Prancer Portal](https://portal.prancer.io) → Settings →
 
 ## Changelog
 
+### v1.5.0
+- ADR-006: OWASP Top 10 full coverage — 6 new agents (SessionFixation, DangerousMethods, DefaultCredentials, PrivilegeEscalation, MassAssignment, VulnerableComponents)
+- Intelligence Bus: 7 typed intel categories shared across all 23 agents
+- Runtime vulnerability chaining: credentials/sessions feed consumer agents live
+- VulnerableComponents agent (OWASP A06): 30 built-in CVE entries
+- CVSS score fix (was always 0.0), GOAP precondition key unification
+- SwarmHackConfig wrapped in Arc (performance), agent pool 20→25
+- Live validated: 16 findings, 67 crown jewels, 0 false positives across 3 targets
+
+### v1.4.0
+- Hybrid execution mode (Kill Chain + AEL amplification)
+- SPA false positive elimination
+- Auth crawling and OCSF auth tracking
+- Common endpoint discovery (107 paths)
+- Version bump and CI adjustments
+
 ### v1.3.0
 - ADR-005: Self-learning intelligence layer (SONA, WAF evasion learning, adaptive rate limiting)
 - ADR-005: Semantic deduplication + crown jewel ML matching

package/config/swarmhack.yaml

@@ -205,6 +205,30 @@ agents:
     enabled: true
     max_candidates: 5
     pentest_mode: true
+  session_fixation:
+    enabled: true
+    max_candidates: 3
+    pentest_mode: true
+  dangerous_methods:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  default_credentials:
+    enabled: true
+    max_candidates: 3
+    pentest_mode: true
+  privilege_escalation:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  mass_assignment:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
+  vulnerable_components:
+    enabled: true
+    max_candidates: 5
+    pentest_mode: true
 
 memory:
   agentdb:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "swarmhack-cli",
-  "version": "1.4.0",
+  "version": "1.5.0",
   "description": "SwarmHack - Neural swarm-based penetration testing framework",
   "author": "Prancer <support@prancer.io>",
   "license": "MIT",