eva-exploit 2.5__tar.gz → 3.1__tar.gz

{eva_exploit-2.5 → eva_exploit-3.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: eva-exploit
-Version: 2.5
+Version: 3.1
 Summary: Exploit Vector Agent
 Author: ARCANGEL0
 License: MIT
@@ -27,7 +27,7 @@ Requires-Dist: requests>=2.31.0
 
 [![License](https://img.shields.io/badge/License-MIT-223355.svg?style=for-the-badge)](LICENSE)
 [![Security](https://img.shields.io/badge/For-Offensive%20Security-8B0000.svg?style=for-the-badge)](#)
-[![AI](https://img.shields.io/badge/AI-Powered-cyan.svg?style=for-the-badge)](#)
+[![AI](https://img.shields.io/badge/AI-Powered-darkblue.svg?style=for-the-badge)](#)
 
 ![GitHub issues](https://img.shields.io/github/issues/ARCANGEL0/EVA?style=for-the-badge&color=3f3972)
 ![GitHub pull requests](https://img.shields.io/github/issues-pr/ARCANGEL0/EVA?style=for-the-badge&color=3f3972)
@@ -36,6 +36,14 @@ Requires-Dist: requests>=2.31.0
 
 </div>
 
+<br> <br>
+
+<div align="center">
+
+[![Checkout my other project :> NekoCLI!](https://img.shields.io/badge/Check%20out%20my%20other%20project:%20%20Neko%20AI%20Assistant%20For%20CLI!%20%F0%9F%90%88-cyan.svg?style=for-the-badge)](https://github.com/ARCANGEL0/NekoCLI)
+
+</div>
+
 ---
 
 ## 𝝺 Overview
@@ -92,8 +100,7 @@ graph TD
     R --> L
     
     Q --> S[⚡ Exploitation Phase]
-    Q --> T[Export graphs and mapped networks
-     - IN DEVELOPMENT -]
+    Q --> T[Export graphs and mapped networks]
     
     S --> U[➤_ Execute Exploit]
     U --> V{🞜 Access Gained?}
@@ -105,8 +112,7 @@ graph TD
     W --> Y[𐦝 Post-Exploitation]
     Y --> Z{🞜 Objectives Met?}
     
-    Z -->|Generate Report| AA[📋 Generate Report 
-     - IN DEVELOPMENT -]
+    Z -->|Generate Report| AA[📋 Generate Report]
     Z -->|Exit and Save| AB[💾 Save & Exit]
     Z -->|No| AC[🔍 Continue Pentest]
     AC --> L
@@ -117,8 +123,7 @@ graph TD
         AD[⯐ Attack Strategy AI]
         AE[𝚵 Session Memory]
         AF[ᐮ Vulnerability Analysis]
-        AG[CVE DATABASE SEARCH  
- - IN DEVELOPMENT -]
+        AG[CVE DATABASE SEARCH]
         AH[𐰬 Output Processing]
     end
     
@@ -138,7 +143,7 @@ graph TD
 ### 🍎 Installation
 
 ```bash
-# Ollama for local endpoint (optional)
+# Ollama for local endpoint (required for local models and eva exploit database)
 curl -fsSL https://ollama.ai/install.sh | shr
 
 # pip installation
@@ -158,39 +163,73 @@ sudo mv eva.py /usr/local/bin/eva
 ### ⬢ Configuring EVA.
 
 When starting EVA, it will automatically handle:
-- ✅ OpenAI API key setup (if using GPT backend)
-- ✅ Ollama model download (WhiteRabbit-Neo, feel free to change to any other desired model)
+- ✅ API key setup (According to Model)
+- ✅ Ollama model download (Default set as whiterabitv2, feel free to change to any other desired model)
 - ✅ Session directory creation
 - ✅ Dependencies installation
 
-<strong> If you wish to modify endpoints, ollama models or other: you can find these options in `config.py` </strong>
+<strong> If you wish to modify endpoints, ollama models, API Keys or configure EVA, please run: </strong>
 
-> EVA is now modular, with a root launcher and separate folders for logic/components.
+```bash
+eva --config
+```
 
 ### 📁 Directory Structure of EVA
 
 ```
-~/.config/eva/
+~/EVA_data/
 ├── sessions/           # Session storage
 │   ├── session1.json
 │   ├── session2.json
 │   └── ...
-└── .env               # API keys (auto-generated)
+├── reports/           # Vulnerability reports
+│   ├── report1.html
+│   ├── report1.pdf
+│   └── ...
+├── attack_maps/           # Attack vector maps in HTML/JS
+│   ├── attack_surface1.html
+│   ├── attack_surface2.html
+│   └── ...
+├── utils/         
+├── modules/     
+├── eva   
+└── config.py          # API keys (auto-generated/persisted)
 ```
  
 ### ꀬ Where to change EVA options
 
+```bash
+eva --config
+```
+
+<strong> Will display the following configuration: </strong>
+
 ```python
-# Key Configuration Options
-API_ENDPOINT = "" # This is the custom API URL.
-G4F_MODEL = "gpt-5-1-instant"
-OLLAMA_MODEL = "jimscard/whiterabbit-neo:latest" # change ollama model as you wish, most recommended one is whiterabbit
+API_ENDPOINT = "NOT_SET" 
+G4F_MODEL="gpt-oss-120b"   
+G4F_URL="https://api.gpt4free.workers.dev/api/novaai/chat/completions"
+OLLAMA_MODEL = "ALIENTELLIGENCE/whiterabbitv2" 
+SEARCHVULN_MODEL = "gpt-oss:120b-cloud"
+SEARCVULN_URL = "https://ollama.com/api/chat"
+OLLAMA_API_KEY = "NOT_SET" 
+OPENAI_API_KEY = "NOT_SET" 
+ANTHROPIC_API_KEY = "NOT_SET" 
+GEMINI_API_KEY = "NOT_SET" 
 ANTHROPIC_MODEL = "claude-3-5-sonnet-latest"
 GEMINI_MODEL = "gemini-2.0-flash"
-CONFIG_DIR = Path.home() / ".config" / "eva" # config folder for EVA
-SESSIONS_DIR = CONFIG_DIR / "sessions" # where to store EVA sessions
-REPORTS_DIR = CONFIG_DIR / "reports" # generated reports
-MAPS_DIR = CONFIG_DIR / "attack_maps" # generated visual attack maps
+OLLAMA_CLOUD_TIMEOUT = 45
+CONFIG_DIR = Path.home() / "EVA_data" #
+SESSIONS_DIR = CONFIG_DIR / "sessions"
+REPORTS_DIR = CONFIG_DIR / "reports"
+MAPS_DIR = CONFIG_DIR / "attack_maps"
+TERMS_ACCEPTEDTHING = CONFIG_DIR / ".confirm"
+CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+SESSIONS_DIR.mkdir(parents=True, exist_ok=True)
+REPORTS_DIR.mkdir(parents=True, exist_ok=True)
+MAPS_DIR.mkdir(parents=True, exist_ok=True)
+username = os.getlogin()
+MAX_RETRIES = 10 ### maximum retries for fetching requests
+RETRY_DELAY = 10 ### delay between requests to avoid rate limit error
 ```
 
 </details>
@@ -204,13 +243,25 @@ MAPS_DIR = CONFIG_DIR / "attack_maps" # generated visual attack maps
 python3 eva.py
 # or if installed via pip:
 eva
+
+# open config.py in your default editor
+eva --config
+
+# deletes all sessions and files
+eva --delete
+
+# vulnerability / exploit intel search
+eva --search i have a wingftp server running on version 4.7.3, find me exploits for it
+
+# run eva default launcher
+eva 
 ```
 
 1. **Select Session**: Choose existing session or create new one
 2. **Choose AI Backend**:
    - **Ollama** (Recommended): Local AI with WhiteRabbit-Neo model
    - **GPT-5**: OpenAI's latest model (requires API key)
-   - **G4F**: Uses g4f.dev endpoints with model GPT 5-1, feel free to change model used.
+   - **G4F**: Uses g4f.dev endpoints with models running GPT5.2, feel free to change model used.
    - **Anthropic**: Claude API backend (requires API key)
    - **Gemini**: Google Gemini API backend (requires API key)
    - **Custom API**: Your own API endpoint if desired
@@ -225,6 +276,8 @@ eva
 | `/exit` / `/quit` | Exit EVA and save session |
 | `/model` | Change AI backend |
 | `/rename` | Rename the current session |
+| `/report` | Generates a PDF/HTML report with latest findings on session |
+| `/map` | Generates a html file with attack surface map of session |
 | `/menu` | Return to session menu |
 | `R` | Run suggested command |
 | `S` | Skip command |
@@ -294,20 +347,18 @@ Let me start with basic system reconnaissance to understand the target better...
   - ✅ Custom model integration
   - ✅ Modifiable as you wish
 
-#### More backends compability will be provided soon! 
-
 ### ✶ Anthropic
 - **Model**: Configurable via `ANTHROPIC_MODEL`
 - **About**:
   - ✅ Strong reasoning quality
-  - ✅ Stable commercial API
+  - ✅ Stable API
   - ❌ Requires `ANTHROPIC_API_KEY`
 
 ### ✦ Gemini
 - **Model**: Configurable via `GEMINI_MODEL`
 - **About**:
   - ✅ Fast response latency
-  - ✅ Native JSON output mode
+  - ✅ Native JSON output mode and better parsing, usually provides best results
   - ❌ Requires `GEMINI_API_KEY`
 
 </details>
@@ -318,11 +369,11 @@ Let me start with basic system reconnaissance to understand the target better...
 - [x] **⬢ OpenAI integration**: Integrated OpenAI into EVA
 - [x] **⬢ G4F.DEV**: Added G4F endpoints to free GPT5 usage.
 - [x] **⬢ Custom API**: Add custom endpoint besides ollama and OpenAI
-- [x] **⬡ Automated Reporting**: Concise HTML report generation (+ optional PDF via wkhtmltopdf)
+- [x] **⬢ Automated Reporting**: Concise HTML report generation (+ optional PDF via wkhtmltopdf)
+- [x] **⬢ CVE Database Integration**: Real-time vulnerability data
+- [x] **⬢ Visual Attack Maps**: Interactive network diagrams such as connections or such, like Kerberos domains and AD devices.
 - [ ] **⬡ Cloud Integration**: AWS/GCP deployment ready
-- [ ] **⬡ CVE Database Integration**: Real-time vulnerability data
 - [ ] **⬡ Web Interface**: Browser-based EVA dashboard
-- [ ] **⬡ Visual Attack Maps**: Interactive network diagrams such as connections or such, like Kerberos domains and AD devices.
 
 </details>
  

{eva_exploit-2.5 → eva_exploit-3.1}/README.md

@@ -15,7 +15,7 @@
 
 [![License](https://img.shields.io/badge/License-MIT-223355.svg?style=for-the-badge)](LICENSE)
 [![Security](https://img.shields.io/badge/For-Offensive%20Security-8B0000.svg?style=for-the-badge)](#)
-[![AI](https://img.shields.io/badge/AI-Powered-cyan.svg?style=for-the-badge)](#)
+[![AI](https://img.shields.io/badge/AI-Powered-darkblue.svg?style=for-the-badge)](#)
 
 ![GitHub issues](https://img.shields.io/github/issues/ARCANGEL0/EVA?style=for-the-badge&color=3f3972)
 ![GitHub pull requests](https://img.shields.io/github/issues-pr/ARCANGEL0/EVA?style=for-the-badge&color=3f3972)
@@ -24,6 +24,14 @@
 
 </div>
 
+<br> <br>
+
+<div align="center">
+
+[![Checkout my other project :> NekoCLI!](https://img.shields.io/badge/Check%20out%20my%20other%20project:%20%20Neko%20AI%20Assistant%20For%20CLI!%20%F0%9F%90%88-cyan.svg?style=for-the-badge)](https://github.com/ARCANGEL0/NekoCLI)
+
+</div>
+
 ---
 
 ## 𝝺 Overview
@@ -80,8 +88,7 @@ graph TD
     R --> L
     
     Q --> S[⚡ Exploitation Phase]
-    Q --> T[Export graphs and mapped networks
-     - IN DEVELOPMENT -]
+    Q --> T[Export graphs and mapped networks]
     
     S --> U[➤_ Execute Exploit]
     U --> V{🞜 Access Gained?}
@@ -93,8 +100,7 @@ graph TD
     W --> Y[𐦝 Post-Exploitation]
     Y --> Z{🞜 Objectives Met?}
     
-    Z -->|Generate Report| AA[📋 Generate Report 
-     - IN DEVELOPMENT -]
+    Z -->|Generate Report| AA[📋 Generate Report]
     Z -->|Exit and Save| AB[💾 Save & Exit]
     Z -->|No| AC[🔍 Continue Pentest]
     AC --> L
@@ -105,8 +111,7 @@ graph TD
         AD[⯐ Attack Strategy AI]
         AE[𝚵 Session Memory]
         AF[ᐮ Vulnerability Analysis]
-        AG[CVE DATABASE SEARCH  
- - IN DEVELOPMENT -]
+        AG[CVE DATABASE SEARCH]
         AH[𐰬 Output Processing]
     end
     
@@ -126,7 +131,7 @@ graph TD
 ### 🍎 Installation
 
 ```bash
-# Ollama for local endpoint (optional)
+# Ollama for local endpoint (required for local models and eva exploit database)
 curl -fsSL https://ollama.ai/install.sh | shr
 
 # pip installation
@@ -146,39 +151,73 @@ sudo mv eva.py /usr/local/bin/eva
 ### ⬢ Configuring EVA.
 
 When starting EVA, it will automatically handle:
-- ✅ OpenAI API key setup (if using GPT backend)
-- ✅ Ollama model download (WhiteRabbit-Neo, feel free to change to any other desired model)
+- ✅ API key setup (According to Model)
+- ✅ Ollama model download (Default set as whiterabitv2, feel free to change to any other desired model)
 - ✅ Session directory creation
 - ✅ Dependencies installation
 
-<strong> If you wish to modify endpoints, ollama models or other: you can find these options in `config.py` </strong>
+<strong> If you wish to modify endpoints, ollama models, API Keys or configure EVA, please run: </strong>
 
-> EVA is now modular, with a root launcher and separate folders for logic/components.
+```bash
+eva --config
+```
 
 ### 📁 Directory Structure of EVA
 
 ```
-~/.config/eva/
+~/EVA_data/
 ├── sessions/           # Session storage
 │   ├── session1.json
 │   ├── session2.json
 │   └── ...
-└── .env               # API keys (auto-generated)
+├── reports/           # Vulnerability reports
+│   ├── report1.html
+│   ├── report1.pdf
+│   └── ...
+├── attack_maps/           # Attack vector maps in HTML/JS
+│   ├── attack_surface1.html
+│   ├── attack_surface2.html
+│   └── ...
+├── utils/         
+├── modules/     
+├── eva   
+└── config.py          # API keys (auto-generated/persisted)
 ```
  
 ### ꀬ Where to change EVA options
 
+```bash
+eva --config
+```
+
+<strong> Will display the following configuration: </strong>
+
 ```python
-# Key Configuration Options
-API_ENDPOINT = "" # This is the custom API URL.
-G4F_MODEL = "gpt-5-1-instant"
-OLLAMA_MODEL = "jimscard/whiterabbit-neo:latest" # change ollama model as you wish, most recommended one is whiterabbit
+API_ENDPOINT = "NOT_SET" 
+G4F_MODEL="gpt-oss-120b"   
+G4F_URL="https://api.gpt4free.workers.dev/api/novaai/chat/completions"
+OLLAMA_MODEL = "ALIENTELLIGENCE/whiterabbitv2" 
+SEARCHVULN_MODEL = "gpt-oss:120b-cloud"
+SEARCVULN_URL = "https://ollama.com/api/chat"
+OLLAMA_API_KEY = "NOT_SET" 
+OPENAI_API_KEY = "NOT_SET" 
+ANTHROPIC_API_KEY = "NOT_SET" 
+GEMINI_API_KEY = "NOT_SET" 
 ANTHROPIC_MODEL = "claude-3-5-sonnet-latest"
 GEMINI_MODEL = "gemini-2.0-flash"
-CONFIG_DIR = Path.home() / ".config" / "eva" # config folder for EVA
-SESSIONS_DIR = CONFIG_DIR / "sessions" # where to store EVA sessions
-REPORTS_DIR = CONFIG_DIR / "reports" # generated reports
-MAPS_DIR = CONFIG_DIR / "attack_maps" # generated visual attack maps
+OLLAMA_CLOUD_TIMEOUT = 45
+CONFIG_DIR = Path.home() / "EVA_data" #
+SESSIONS_DIR = CONFIG_DIR / "sessions"
+REPORTS_DIR = CONFIG_DIR / "reports"
+MAPS_DIR = CONFIG_DIR / "attack_maps"
+TERMS_ACCEPTEDTHING = CONFIG_DIR / ".confirm"
+CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+SESSIONS_DIR.mkdir(parents=True, exist_ok=True)
+REPORTS_DIR.mkdir(parents=True, exist_ok=True)
+MAPS_DIR.mkdir(parents=True, exist_ok=True)
+username = os.getlogin()
+MAX_RETRIES = 10 ### maximum retries for fetching requests
+RETRY_DELAY = 10 ### delay between requests to avoid rate limit error
 ```
 
 </details>
@@ -192,13 +231,25 @@ MAPS_DIR = CONFIG_DIR / "attack_maps" # generated visual attack maps
 python3 eva.py
 # or if installed via pip:
 eva
+
+# open config.py in your default editor
+eva --config
+
+# deletes all sessions and files
+eva --delete
+
+# vulnerability / exploit intel search
+eva --search i have a wingftp server running on version 4.7.3, find me exploits for it
+
+# run eva default launcher
+eva 
 ```
 
 1. **Select Session**: Choose existing session or create new one
 2. **Choose AI Backend**:
    - **Ollama** (Recommended): Local AI with WhiteRabbit-Neo model
    - **GPT-5**: OpenAI's latest model (requires API key)
-   - **G4F**: Uses g4f.dev endpoints with model GPT 5-1, feel free to change model used.
+   - **G4F**: Uses g4f.dev endpoints with models running GPT5.2, feel free to change model used.
    - **Anthropic**: Claude API backend (requires API key)
    - **Gemini**: Google Gemini API backend (requires API key)
    - **Custom API**: Your own API endpoint if desired
@@ -213,6 +264,8 @@ eva
 | `/exit` / `/quit` | Exit EVA and save session |
 | `/model` | Change AI backend |
 | `/rename` | Rename the current session |
+| `/report` | Generates a PDF/HTML report with latest findings on session |
+| `/map` | Generates a html file with attack surface map of session |
 | `/menu` | Return to session menu |
 | `R` | Run suggested command |
 | `S` | Skip command |
@@ -282,20 +335,18 @@ Let me start with basic system reconnaissance to understand the target better...
   - ✅ Custom model integration
   - ✅ Modifiable as you wish
 
-#### More backends compability will be provided soon! 
-
 ### ✶ Anthropic
 - **Model**: Configurable via `ANTHROPIC_MODEL`
 - **About**:
   - ✅ Strong reasoning quality
-  - ✅ Stable commercial API
+  - ✅ Stable API
   - ❌ Requires `ANTHROPIC_API_KEY`
 
 ### ✦ Gemini
 - **Model**: Configurable via `GEMINI_MODEL`
 - **About**:
   - ✅ Fast response latency
-  - ✅ Native JSON output mode
+  - ✅ Native JSON output mode and better parsing, usually provides best results
   - ❌ Requires `GEMINI_API_KEY`
 
 </details>
@@ -306,11 +357,11 @@ Let me start with basic system reconnaissance to understand the target better...
 - [x] **⬢ OpenAI integration**: Integrated OpenAI into EVA
 - [x] **⬢ G4F.DEV**: Added G4F endpoints to free GPT5 usage.
 - [x] **⬢ Custom API**: Add custom endpoint besides ollama and OpenAI
-- [x] **⬡ Automated Reporting**: Concise HTML report generation (+ optional PDF via wkhtmltopdf)
+- [x] **⬢ Automated Reporting**: Concise HTML report generation (+ optional PDF via wkhtmltopdf)
+- [x] **⬢ CVE Database Integration**: Real-time vulnerability data
+- [x] **⬢ Visual Attack Maps**: Interactive network diagrams such as connections or such, like Kerberos domains and AD devices.
 - [ ] **⬡ Cloud Integration**: AWS/GCP deployment ready
-- [ ] **⬡ CVE Database Integration**: Real-time vulnerability data
 - [ ] **⬡ Web Interface**: Browser-based EVA dashboard
-- [ ] **⬡ Visual Attack Maps**: Interactive network diagrams such as connections or such, like Kerberos domains and AD devices.
 
 </details>
  

eva_exploit-3.1/config.py

@@ -0,0 +1,42 @@
+#!/usr/bin/env python3
+# made by:    _    ____   ____    _    _   _  ____ _____ _     ___
+#▄████▄ █████▄  ▄█████ ▄████▄ ███  ██  ▄████  ██████ ██     ▄████▄
+#██▄▄██ ██▄▄██▄ ██     ██▄▄██ ██ ▀▄██ ██  ▄▄▄ ██▄▄   ██     ██  ██
+#██  ██ ██   ██ ▀█████ ██  ██ ██   ██  ▀███▀  ██▄▄▄▄ ██████ ▀████▀
+# --------------------------------------------------------------------- 
+
+import os
+from pathlib import Path
+
+# ================= CONFIG =================
+APP_NAME = "EVA"
+APP_VERSION = "3.1"
+GITHUB_REPO = "arcangel0/EVA"
+PYPI_PACKAGE = "eva-exploit"
+API_ENDPOINT = "NOT_SET" # <--- change to your desired endpoint if needed
+G4F_MODEL="gpt-oss-120b"   
+G4F_URL="https://api.gpt4free.workers.dev/api/novaai/chat/completions"
+OLLAMA_MODEL = "ALIENTELLIGENCE/whiterabbitv2" # recommended ollama model
+SEARCHVULN_MODEL = "gpt-oss:120b-cloud"
+SEARCVULN_URL = "https://ollama.com/api/chat"
+OLLAMA_API_KEY = "NOT_SET" # your ollama api key
+OPENAI_API_KEY = "NOT_SET" # openai key
+ANTHROPIC_API_KEY = "NOT_SET" #anthropic api key 
+GEMINI_API_KEY = "NOT_SET" # your gemini key
+ANTHROPIC_MODEL = "claude-3-5-sonnet-latest"
+GEMINI_MODEL = "gemini-2.0-flash"
+OLLAMA_CLOUD_TIMEOUT = 45
+CONFIG_DIR = Path.home() / "EVA_data" # Path to save EVA files
+SESSIONS_DIR = CONFIG_DIR / "sessions"
+REPORTS_DIR = CONFIG_DIR / "reports"
+MAPS_DIR = CONFIG_DIR / "attack_maps"
+TERMS_ACCEPTEDTHING = CONFIG_DIR / ".confirm"
+CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+SESSIONS_DIR.mkdir(parents=True, exist_ok=True)
+REPORTS_DIR.mkdir(parents=True, exist_ok=True)
+MAPS_DIR.mkdir(parents=True, exist_ok=True)
+username = os.getlogin()
+MAX_RETRIES = 10 ### maximum retries for fetching requests
+RETRY_DELAY = 10 ### delay between requests to avoid rate limit error
+
+# All sessions will be stored on $HOME/.config/eva/sessions/*.json