PyPI - aiptx - Versions diffs - 2.0.2__py3-none-any.whl - Mend

aiptx 2.0.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of aiptx might be problematic. Click here for more details.

Files changed (165) hide show

aipt_v2/__init__.py +110 -0
aipt_v2/__main__.py +24 -0
aipt_v2/agents/AIPTxAgent/__init__.py +10 -0
aipt_v2/agents/AIPTxAgent/aiptx_agent.py +211 -0
aipt_v2/agents/__init__.py +24 -0
aipt_v2/agents/base.py +520 -0
aipt_v2/agents/ptt.py +406 -0
aipt_v2/agents/state.py +168 -0
aipt_v2/app.py +960 -0
aipt_v2/browser/__init__.py +31 -0
aipt_v2/browser/automation.py +458 -0
aipt_v2/browser/crawler.py +453 -0
aipt_v2/cli.py +321 -0
aipt_v2/compliance/__init__.py +71 -0
aipt_v2/compliance/compliance_report.py +449 -0
aipt_v2/compliance/framework_mapper.py +424 -0
aipt_v2/compliance/nist_mapping.py +345 -0
aipt_v2/compliance/owasp_mapping.py +330 -0
aipt_v2/compliance/pci_mapping.py +297 -0
aipt_v2/config.py +288 -0
aipt_v2/core/__init__.py +43 -0
aipt_v2/core/agent.py +630 -0
aipt_v2/core/llm.py +395 -0
aipt_v2/core/memory.py +305 -0
aipt_v2/core/ptt.py +329 -0
aipt_v2/database/__init__.py +14 -0
aipt_v2/database/models.py +232 -0
aipt_v2/database/repository.py +384 -0
aipt_v2/docker/__init__.py +23 -0
aipt_v2/docker/builder.py +260 -0
aipt_v2/docker/manager.py +222 -0
aipt_v2/docker/sandbox.py +371 -0
aipt_v2/evasion/__init__.py +58 -0
aipt_v2/evasion/request_obfuscator.py +272 -0
aipt_v2/evasion/tls_fingerprint.py +285 -0
aipt_v2/evasion/ua_rotator.py +301 -0
aipt_v2/evasion/waf_bypass.py +439 -0
aipt_v2/execution/__init__.py +23 -0
aipt_v2/execution/executor.py +302 -0
aipt_v2/execution/parser.py +544 -0
aipt_v2/execution/terminal.py +337 -0
aipt_v2/health.py +437 -0
aipt_v2/intelligence/__init__.py +85 -0
aipt_v2/intelligence/auth.py +520 -0
aipt_v2/intelligence/chaining.py +775 -0
aipt_v2/intelligence/cve_aipt.py +334 -0
aipt_v2/intelligence/cve_info.py +1111 -0
aipt_v2/intelligence/rag.py +239 -0
aipt_v2/intelligence/scope.py +442 -0
aipt_v2/intelligence/searchers/__init__.py +5 -0
aipt_v2/intelligence/searchers/exploitdb_searcher.py +523 -0
aipt_v2/intelligence/searchers/github_searcher.py +467 -0
aipt_v2/intelligence/searchers/google_searcher.py +281 -0
aipt_v2/intelligence/tools.json +443 -0
aipt_v2/intelligence/triage.py +670 -0
aipt_v2/interface/__init__.py +5 -0
aipt_v2/interface/cli.py +230 -0
aipt_v2/interface/main.py +501 -0
aipt_v2/interface/tui.py +1276 -0
aipt_v2/interface/utils.py +583 -0
aipt_v2/llm/__init__.py +39 -0
aipt_v2/llm/config.py +26 -0
aipt_v2/llm/llm.py +514 -0
aipt_v2/llm/memory.py +214 -0
aipt_v2/llm/request_queue.py +89 -0
aipt_v2/llm/utils.py +89 -0
aipt_v2/models/__init__.py +15 -0
aipt_v2/models/findings.py +295 -0
aipt_v2/models/phase_result.py +224 -0
aipt_v2/models/scan_config.py +207 -0
aipt_v2/monitoring/grafana/dashboards/aipt-dashboard.json +355 -0
aipt_v2/monitoring/grafana/dashboards/default.yml +17 -0
aipt_v2/monitoring/grafana/datasources/prometheus.yml +17 -0
aipt_v2/monitoring/prometheus.yml +60 -0
aipt_v2/orchestration/__init__.py +52 -0
aipt_v2/orchestration/pipeline.py +398 -0
aipt_v2/orchestration/progress.py +300 -0
aipt_v2/orchestration/scheduler.py +296 -0
aipt_v2/orchestrator.py +2284 -0
aipt_v2/payloads/__init__.py +27 -0
aipt_v2/payloads/cmdi.py +150 -0
aipt_v2/payloads/sqli.py +263 -0
aipt_v2/payloads/ssrf.py +204 -0
aipt_v2/payloads/templates.py +222 -0
aipt_v2/payloads/traversal.py +166 -0
aipt_v2/payloads/xss.py +204 -0
aipt_v2/prompts/__init__.py +60 -0
aipt_v2/proxy/__init__.py +29 -0
aipt_v2/proxy/history.py +352 -0
aipt_v2/proxy/interceptor.py +452 -0
aipt_v2/recon/__init__.py +44 -0
aipt_v2/recon/dns.py +241 -0
aipt_v2/recon/osint.py +367 -0
aipt_v2/recon/subdomain.py +372 -0
aipt_v2/recon/tech_detect.py +311 -0
aipt_v2/reports/__init__.py +17 -0
aipt_v2/reports/generator.py +313 -0
aipt_v2/reports/html_report.py +378 -0
aipt_v2/runtime/__init__.py +44 -0
aipt_v2/runtime/base.py +30 -0
aipt_v2/runtime/docker.py +401 -0
aipt_v2/runtime/local.py +346 -0
aipt_v2/runtime/tool_server.py +205 -0
aipt_v2/scanners/__init__.py +28 -0
aipt_v2/scanners/base.py +273 -0
aipt_v2/scanners/nikto.py +244 -0
aipt_v2/scanners/nmap.py +402 -0
aipt_v2/scanners/nuclei.py +273 -0
aipt_v2/scanners/web.py +454 -0
aipt_v2/scripts/security_audit.py +366 -0
aipt_v2/telemetry/__init__.py +7 -0
aipt_v2/telemetry/tracer.py +347 -0
aipt_v2/terminal/__init__.py +28 -0
aipt_v2/terminal/executor.py +400 -0
aipt_v2/terminal/sandbox.py +350 -0
aipt_v2/tools/__init__.py +44 -0
aipt_v2/tools/active_directory/__init__.py +78 -0
aipt_v2/tools/active_directory/ad_config.py +238 -0
aipt_v2/tools/active_directory/bloodhound_wrapper.py +447 -0
aipt_v2/tools/active_directory/kerberos_attacks.py +430 -0
aipt_v2/tools/active_directory/ldap_enum.py +533 -0
aipt_v2/tools/active_directory/smb_attacks.py +505 -0
aipt_v2/tools/agents_graph/__init__.py +19 -0
aipt_v2/tools/agents_graph/agents_graph_actions.py +69 -0
aipt_v2/tools/api_security/__init__.py +76 -0
aipt_v2/tools/api_security/api_discovery.py +608 -0
aipt_v2/tools/api_security/graphql_scanner.py +622 -0
aipt_v2/tools/api_security/jwt_analyzer.py +577 -0
aipt_v2/tools/api_security/openapi_fuzzer.py +761 -0
aipt_v2/tools/browser/__init__.py +5 -0
aipt_v2/tools/browser/browser_actions.py +238 -0
aipt_v2/tools/browser/browser_instance.py +535 -0
aipt_v2/tools/browser/tab_manager.py +344 -0
aipt_v2/tools/cloud/__init__.py +70 -0
aipt_v2/tools/cloud/cloud_config.py +273 -0
aipt_v2/tools/cloud/cloud_scanner.py +639 -0
aipt_v2/tools/cloud/prowler_tool.py +571 -0
aipt_v2/tools/cloud/scoutsuite_tool.py +359 -0
aipt_v2/tools/executor.py +307 -0
aipt_v2/tools/parser.py +408 -0
aipt_v2/tools/proxy/__init__.py +5 -0
aipt_v2/tools/proxy/proxy_actions.py +103 -0
aipt_v2/tools/proxy/proxy_manager.py +789 -0
aipt_v2/tools/registry.py +196 -0
aipt_v2/tools/scanners/__init__.py +343 -0
aipt_v2/tools/scanners/acunetix_tool.py +712 -0
aipt_v2/tools/scanners/burp_tool.py +631 -0
aipt_v2/tools/scanners/config.py +156 -0
aipt_v2/tools/scanners/nessus_tool.py +588 -0
aipt_v2/tools/scanners/zap_tool.py +612 -0
aipt_v2/tools/terminal/__init__.py +5 -0
aipt_v2/tools/terminal/terminal_actions.py +37 -0
aipt_v2/tools/terminal/terminal_manager.py +153 -0
aipt_v2/tools/terminal/terminal_session.py +449 -0
aipt_v2/tools/tool_processing.py +108 -0
aipt_v2/utils/__init__.py +17 -0
aipt_v2/utils/logging.py +201 -0
aipt_v2/utils/model_manager.py +187 -0
aipt_v2/utils/searchers/__init__.py +269 -0
aiptx-2.0.2.dist-info/METADATA +324 -0
aiptx-2.0.2.dist-info/RECORD +165 -0
aiptx-2.0.2.dist-info/WHEEL +5 -0
aiptx-2.0.2.dist-info/entry_points.txt +7 -0
aiptx-2.0.2.dist-info/licenses/LICENSE +21 -0
aiptx-2.0.2.dist-info/top_level.txt +1 -0

aipt_v2/tools/parser.py ADDED Viewed

@@ -0,0 +1,408 @@
+"""
+AIPT Output Parser - Extract structured data from tool outputs
+Uses regex patterns + LLM fallback for complex parsing.
+Supports:
+- nmap, masscan (port scanning)
+- gobuster, ffuf (directory enumeration)
+- nuclei (vulnerability scanning)
+- hydra (credential brute-forcing)
+- Custom patterns
+"""
+import re
+from typing import Optional
+from dataclasses import dataclass, field
+@dataclass
+class Finding:
+    """A structured finding from tool output"""
+    type: str  # port, service, vuln, credential, host, path
+    value: str
+    description: str
+    severity: str = "info"  # info, low, medium, high, critical
+    metadata: dict = field(default_factory=dict)
+class OutputParser:
+    """
+    Parse tool outputs into structured findings.
+    Uses regex patterns for known tools, with LLM fallback
+    for unstructured or unknown outputs.
+    """
+    # Regex patterns for common tools
+    PATTERNS = {
+        # nmap patterns
+        "nmap_port": re.compile(
+            r"(\d+)/(tcp|udp)\s+(\w+)\s+(\S+)(?:\s+(.*))?",
+            re.MULTILINE
+        ),
+        "nmap_host": re.compile(
+            r"Nmap scan report for\s+(\S+)(?:\s+\((\d+\.\d+\.\d+\.\d+)\))?",
+            re.MULTILINE
+        ),
+        # masscan patterns
+        "masscan_port": re.compile(
+            r"Discovered open port\s+(\d+)/(tcp|udp)\s+on\s+(\S+)",
+            re.MULTILINE
+        ),
+        # gobuster/ffuf patterns
+        "directory": re.compile(
+            r"(/\S+)\s+\(Status:\s*(\d+)\)",
+            re.MULTILINE
+        ),
+        "ffuf_result": re.compile(
+            r'"url":\s*"([^"]+)".*?"status":\s*(\d+)',
+            re.MULTILINE
+        ),
+        # nuclei patterns
+        "nuclei_vuln": re.compile(
+            r"\[([^\]]+)\]\s+\[([^\]]+)\]\s+\[([^\]]+)\]\s+(.+)",
+            re.MULTILINE
+        ),
+        # hydra patterns
+        "hydra_cred": re.compile(
+            r"\[(\d+)\]\[(\w+)\]\s+host:\s+(\S+)\s+login:\s+(\S+)\s+password:\s+(\S+)",
+            re.MULTILINE
+        ),
+        # generic patterns
+        "ip_address": re.compile(
+            r"\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b"
+        ),
+        "domain": re.compile(
+            r"\b([a-zA-Z0-9][-a-zA-Z0-9]*\.)+[a-zA-Z]{2,}\b"
+        ),
+        "email": re.compile(
+            r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b"
+        ),
+        "hash_md5": re.compile(
+            r"\b[a-fA-F0-9]{32}\b"
+        ),
+        "hash_sha1": re.compile(
+            r"\b[a-fA-F0-9]{40}\b"
+        ),
+        "cve": re.compile(
+            r"CVE-\d{4}-\d{4,}",
+            re.IGNORECASE
+        ),
+    }
+    def __init__(self):
+        pass
+    def parse_nmap(self, output: str) -> list[Finding]:
+        """Parse nmap output - public wrapper"""
+        return self._parse_nmap(output)
+    def parse_masscan(self, output: str) -> list[Finding]:
+        """Parse masscan output - public wrapper"""
+        return self._parse_masscan(output)
+    def parse_directory(self, output: str) -> list[Finding]:
+        """Parse directory brute-force output - public wrapper"""
+        return self._parse_directory(output)
+    def parse_nuclei(self, output: str) -> list[Finding]:
+        """Parse nuclei output - public wrapper"""
+        return self._parse_nuclei(output)
+    def parse_hydra(self, output: str) -> list[Finding]:
+        """Parse hydra output - public wrapper"""
+        return self._parse_hydra(output)
+    def parse_generic(self, output: str) -> list[Finding]:
+        """Parse generic patterns from output - public wrapper"""
+        return self._parse_generic(output)
+    def parse(
+        self,
+        output: str,
+        tool_name: Optional[str] = None,
+    ) -> list[Finding]:
+        """
+        Parse tool output into structured findings.
+        Args:
+            output: Raw tool output
+            tool_name: Name of the tool (for tool-specific parsing)
+        Returns:
+            List of Finding objects
+        """
+        findings = []
+        if not output:
+            return findings
+        # Tool-specific parsing
+        if tool_name:
+            tool_findings = self._parse_tool_specific(output, tool_name.lower())
+            findings.extend(tool_findings)
+        # Generic pattern matching
+        generic_findings = self._parse_generic(output)
+        findings.extend(generic_findings)
+        # Deduplicate
+        findings = self._deduplicate(findings)
+        return findings
+    def _parse_tool_specific(self, output: str, tool_name: str) -> list[Finding]:
+        """Parse output based on known tool"""
+        findings = []
+        if tool_name in ["nmap", "nmap-scan"]:
+            findings.extend(self._parse_nmap(output))
+        elif tool_name == "masscan":
+            findings.extend(self._parse_masscan(output))
+        elif tool_name in ["gobuster", "ffuf", "dirb", "dirbuster"]:
+            findings.extend(self._parse_directory(output))
+        elif tool_name == "nuclei":
+            findings.extend(self._parse_nuclei(output))
+        elif tool_name == "hydra":
+            findings.extend(self._parse_hydra(output))
+        elif tool_name in ["nikto", "wpscan"]:
+            findings.extend(self._parse_vuln_scanner(output))
+        return findings
+    def _parse_nmap(self, output: str) -> list[Finding]:
+        """Parse nmap output"""
+        findings = []
+        # Parse hosts
+        for match in self.PATTERNS["nmap_host"].finditer(output):
+            hostname = match.group(1)
+            ip = match.group(2) or hostname
+            findings.append(Finding(
+                type="host",
+                value=ip,
+                description=f"Host discovered: {hostname} ({ip})",
+                metadata={"hostname": hostname, "ip": ip}
+            ))
+        # Parse ports
+        for match in self.PATTERNS["nmap_port"].finditer(output):
+            port = match.group(1)
+            protocol = match.group(2)
+            state = match.group(3)
+            service = match.group(4)
+            version = match.group(5) or ""
+            if state == "open":
+                findings.append(Finding(
+                    type="port",
+                    value=f"{port}/{protocol}",
+                    description=f"Open port {port}/{protocol}: {service} {version}".strip(),
+                    metadata={
+                        "port": int(port),
+                        "protocol": protocol,
+                        "service": service,
+                        "version": version,
+                    }
+                ))
+        return findings
+    def _parse_masscan(self, output: str) -> list[Finding]:
+        """Parse masscan output"""
+        findings = []
+        for match in self.PATTERNS["masscan_port"].finditer(output):
+            port = match.group(1)
+            protocol = match.group(2)
+            ip = match.group(3)
+            findings.append(Finding(
+                type="port",
+                value=f"{ip}:{port}/{protocol}",
+                description=f"Open port {port}/{protocol} on {ip}",
+                metadata={"ip": ip, "port": int(port), "protocol": protocol}
+            ))
+        return findings
+    def _parse_directory(self, output: str) -> list[Finding]:
+        """Parse directory brute-force output"""
+        findings = []
+        # Standard format
+        for match in self.PATTERNS["directory"].finditer(output):
+            path = match.group(1)
+            status = match.group(2)
+            severity = "info"
+            if status in ["200", "301", "302"]:
+                severity = "low"
+            if any(kw in path.lower() for kw in ["admin", "backup", "config", "upload"]):
+                severity = "medium"
+            findings.append(Finding(
+                type="path",
+                value=path,
+                description=f"Directory found: {path} (Status: {status})",
+                severity=severity,
+                metadata={"status_code": int(status)}
+            ))
+        # ffuf JSON format
+        for match in self.PATTERNS["ffuf_result"].finditer(output):
+            url = match.group(1)
+            status = match.group(2)
+            findings.append(Finding(
+                type="path",
+                value=url,
+                description=f"Endpoint found: {url} (Status: {status})",
+                severity="low",
+                metadata={"status_code": int(status)}
+            ))
+        return findings
+    def _parse_nuclei(self, output: str) -> list[Finding]:
+        """Parse nuclei vulnerability scanner output"""
+        findings = []
+        for match in self.PATTERNS["nuclei_vuln"].finditer(output):
+            template_id = match.group(1)
+            severity = match.group(2).lower()
+            protocol = match.group(3)
+            target = match.group(4)
+            # Normalize severity
+            if severity not in ["info", "low", "medium", "high", "critical"]:
+                severity = "info"
+            findings.append(Finding(
+                type="vuln",
+                value=template_id,
+                description=f"Vulnerability: {template_id} on {target}",
+                severity=severity,
+                metadata={
+                    "template": template_id,
+                    "protocol": protocol,
+                    "target": target,
+                }
+            ))
+        return findings
+    def _parse_hydra(self, output: str) -> list[Finding]:
+        """Parse hydra brute-force output"""
+        findings = []
+        for match in self.PATTERNS["hydra_cred"].finditer(output):
+            port = match.group(1)
+            service = match.group(2)
+            host = match.group(3)
+            username = match.group(4)
+            password = match.group(5)
+            findings.append(Finding(
+                type="credential",
+                value=f"{username}:{password}",
+                description=f"Valid credentials found for {service} on {host}:{port}",
+                severity="critical",
+                metadata={
+                    "host": host,
+                    "port": int(port),
+                    "service": service,
+                    "username": username,
+                    "password": password,
+                }
+            ))
+        return findings
+    def _parse_vuln_scanner(self, output: str) -> list[Finding]:
+        """Parse generic vulnerability scanner output (nikto, wpscan)"""
+        findings = []
+        # Look for CVEs
+        for match in self.PATTERNS["cve"].finditer(output):
+            cve = match.group(0).upper()
+            findings.append(Finding(
+                type="vuln",
+                value=cve,
+                description=f"CVE detected: {cve}",
+                severity="high",
+                metadata={"cve": cve}
+            ))
+        # Look for common vulnerability keywords
+        vuln_keywords = [
+            ("SQL injection", "high"),
+            ("XSS", "medium"),
+            ("CSRF", "medium"),
+            ("directory listing", "low"),
+            ("information disclosure", "medium"),
+            ("remote code execution", "critical"),
+            ("RCE", "critical"),
+            ("LFI", "high"),
+            ("RFI", "high"),
+        ]
+        output_lower = output.lower()
+        for keyword, severity in vuln_keywords:
+            if keyword.lower() in output_lower:
+                findings.append(Finding(
+                    type="vuln",
+                    value=keyword,
+                    description=f"Potential vulnerability: {keyword}",
+                    severity=severity,
+                ))
+        return findings
+    def _parse_generic(self, output: str) -> list[Finding]:
+        """Extract generic patterns from any output"""
+        findings = []
+        # Extract CVEs
+        for match in self.PATTERNS["cve"].finditer(output):
+            cve = match.group(0).upper()
+            findings.append(Finding(
+                type="vuln",
+                value=cve,
+                description=f"CVE reference: {cve}",
+                severity="medium",
+            ))
+        # Extract emails (potential targets for phishing)
+        for match in self.PATTERNS["email"].finditer(output):
+            email = match.group(0)
+            findings.append(Finding(
+                type="info",
+                value=email,
+                description=f"Email discovered: {email}",
+            ))
+        return findings
+    def _deduplicate(self, findings: list[Finding]) -> list[Finding]:
+        """Remove duplicate findings"""
+        seen = set()
+        unique = []
+        for finding in findings:
+            key = (finding.type, finding.value)
+            if key not in seen:
+                seen.add(key)
+                unique.append(finding)
+        return unique

aipt_v2/tools/proxy/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+"""
+AIPT Proxy Tools - MITM proxy interception
+"""
+__all__ = []

aipt_v2/tools/proxy/proxy_actions.py ADDED Viewed

@@ -0,0 +1,103 @@
+from __future__ import annotations
+from typing import Any, Literal
+from aipt_v2.tools.registry import register_tool
+from .proxy_manager import get_proxy_manager
+RequestPart = Literal["request", "response"]
+@register_tool
+def list_requests(
+    httpql_filter: str | None = None,
+    start_page: int = 1,
+    end_page: int = 1,
+    page_size: int = 50,
+    sort_by: Literal[
+        "timestamp",
+        "host",
+        "method",
+        "path",
+        "status_code",
+        "response_time",
+        "response_size",
+        "source",
+    ] = "timestamp",
+    sort_order: Literal["asc", "desc"] = "desc",
+    scope_id: str | None = None,
+) -> dict[str, Any]:
+    manager = get_proxy_manager()
+    return manager.list_requests(
+        httpql_filter, start_page, end_page, page_size, sort_by, sort_order, scope_id
+    )
+@register_tool
+def view_request(
+    request_id: str,
+    part: RequestPart = "request",
+    search_pattern: str | None = None,
+    page: int = 1,
+    page_size: int = 50,
+) -> dict[str, Any]:
+    manager = get_proxy_manager()
+    return manager.view_request(request_id, part, search_pattern, page, page_size)
+@register_tool
+def send_request(
+    method: str,
+    url: str,
+    headers: dict[str, str] | None = None,
+    body: str = "",
+    timeout: int = 30,
+) -> dict[str, Any]:
+    if headers is None:
+        headers = {}
+    manager = get_proxy_manager()
+    return manager.send_simple_request(method, url, headers, body, timeout)
+@register_tool
+def repeat_request(
+    request_id: str,
+    modifications: dict[str, Any] | None = None,
+) -> dict[str, Any]:
+    if modifications is None:
+        modifications = {}
+    manager = get_proxy_manager()
+    return manager.repeat_request(request_id, modifications)
+@register_tool
+def scope_rules(
+    action: Literal["get", "list", "create", "update", "delete"],
+    allowlist: list[str] | None = None,
+    denylist: list[str] | None = None,
+    scope_id: str | None = None,
+    scope_name: str | None = None,
+) -> dict[str, Any]:
+    manager = get_proxy_manager()
+    return manager.scope_rules(action, allowlist, denylist, scope_id, scope_name)
+@register_tool
+def list_sitemap(
+    scope_id: str | None = None,
+    parent_id: str | None = None,
+    depth: Literal["DIRECT", "ALL"] = "DIRECT",
+    page: int = 1,
+) -> dict[str, Any]:
+    manager = get_proxy_manager()
+    return manager.list_sitemap(scope_id, parent_id, depth, page)
+@register_tool
+def view_sitemap_entry(
+    entry_id: str,
+) -> dict[str, Any]:
+    manager = get_proxy_manager()
+    return manager.view_sitemap_entry(entry_id)