souleyez 2.29.0__py3-none-any.whl → 2.31.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- souleyez/__init__.py +1 -1
- souleyez/core/tool_chaining.py +24 -4
- souleyez/docs/README.md +1 -1
- souleyez/main.py +1 -1
- souleyez/storage/database.py +59 -20
- souleyez/storage/migrations/__init__.py +4 -0
- souleyez/ui/interactive.py +480 -215
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/METADATA +3 -3
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/RECORD +13 -13
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/WHEEL +0 -0
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/entry_points.txt +0 -0
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/licenses/LICENSE +0 -0
- {souleyez-2.29.0.dist-info → souleyez-2.31.0.dist-info}/top_level.txt +0 -0
souleyez/__init__.py
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
__version__ = '2.
|
|
1
|
+
__version__ = '2.31.0'
|
souleyez/core/tool_chaining.py
CHANGED
|
@@ -1759,6 +1759,20 @@ class ToolChaining:
|
|
|
1759
1759
|
)
|
|
1760
1760
|
)
|
|
1761
1761
|
|
|
1762
|
+
# Database Admin → SQLMap (gentler settings for phpMyAdmin/Adminer)
|
|
1763
|
+
# These panels are slow and easily overwhelmed - use single thread and basic tests
|
|
1764
|
+
self.rules.append(
|
|
1765
|
+
ChainRule(
|
|
1766
|
+
trigger_tool='gobuster',
|
|
1767
|
+
trigger_condition='category:database_admin',
|
|
1768
|
+
target_tool='sqlmap',
|
|
1769
|
+
priority=6, # Lower priority than CVE/exploit scans
|
|
1770
|
+
args_template=['-u', '{target}', '--batch', '--forms', '--threads=1', '--time-sec=10',
|
|
1771
|
+
'--level=1', '--risk=1', '--technique=BEU', '--timeout=30'],
|
|
1772
|
+
description='Database admin panel detected, testing login form for SQL injection (low intensity)'
|
|
1773
|
+
)
|
|
1774
|
+
)
|
|
1775
|
+
|
|
1762
1776
|
# WordPress → WPScan enumeration
|
|
1763
1777
|
self.rules.append(
|
|
1764
1778
|
ChainRule(
|
|
@@ -5017,6 +5031,7 @@ class ToolChaining:
|
|
|
5017
5031
|
label=f"Auto-retry: gobuster (wildcard {exclude_length}b)",
|
|
5018
5032
|
engagement_id=engagement_id,
|
|
5019
5033
|
parent_id=job.get('id'),
|
|
5034
|
+
reason=f"Auto-triggered by gobuster: Wildcard response detected, retrying with --exclude-length {exclude_length}",
|
|
5020
5035
|
metadata={'retry_attempt': 1, 'retry_parent_job_id': job.get('id')}
|
|
5021
5036
|
)
|
|
5022
5037
|
|
|
@@ -5116,7 +5131,8 @@ class ToolChaining:
|
|
|
5116
5131
|
args=sqlmap_args,
|
|
5117
5132
|
label=f"Auto-chain: SQLMap testing {endpoint_url}",
|
|
5118
5133
|
engagement_id=engagement_id,
|
|
5119
|
-
parent_id=job.get('id')
|
|
5134
|
+
parent_id=job.get('id'),
|
|
5135
|
+
reason=f"Auto-triggered by ffuf: Database/dynamic endpoint detected ({status_code} response)"
|
|
5120
5136
|
)
|
|
5121
5137
|
|
|
5122
5138
|
job_ids.append(sqlmap_job_id)
|
|
@@ -5144,6 +5160,7 @@ class ToolChaining:
|
|
|
5144
5160
|
label=f"Auto-chain: ffuf recursive {endpoint_url}",
|
|
5145
5161
|
engagement_id=engagement_id,
|
|
5146
5162
|
parent_id=job.get('id'),
|
|
5163
|
+
reason=f"Auto-triggered by ffuf: {status_code} response suggests deeper path, fuzzing recursively",
|
|
5147
5164
|
metadata={'ffuf_depth': current_depth + 1}
|
|
5148
5165
|
)
|
|
5149
5166
|
|
|
@@ -5367,7 +5384,8 @@ class ToolChaining:
|
|
|
5367
5384
|
args=['-m', '18200', '-a', '0', 'data/wordlists/top100.txt'],
|
|
5368
5385
|
label='CRACK_ASREP',
|
|
5369
5386
|
engagement_id=engagement_id,
|
|
5370
|
-
parent_id=job.get('id')
|
|
5387
|
+
parent_id=job.get('id'),
|
|
5388
|
+
reason="Auto-triggered by impacket-getnpusers: AS-REP hash extracted, attempting to crack"
|
|
5371
5389
|
)
|
|
5372
5390
|
|
|
5373
5391
|
job_ids.append(job_id)
|
|
@@ -5412,7 +5430,8 @@ class ToolChaining:
|
|
|
5412
5430
|
args=['-m', '1000', '-a', '0', 'data/wordlists/top100.txt'],
|
|
5413
5431
|
label='CRACK_NTLM',
|
|
5414
5432
|
engagement_id=engagement_id,
|
|
5415
|
-
parent_id=job.get('id')
|
|
5433
|
+
parent_id=job.get('id'),
|
|
5434
|
+
reason="Auto-triggered by impacket-secretsdump: NTLM hash extracted, attempting to crack"
|
|
5416
5435
|
)
|
|
5417
5436
|
|
|
5418
5437
|
job_ids.append(job_id)
|
|
@@ -5452,7 +5471,8 @@ class ToolChaining:
|
|
|
5452
5471
|
args=[cred_str],
|
|
5453
5472
|
label='EXTRACT_CREDS',
|
|
5454
5473
|
engagement_id=engagement_id,
|
|
5455
|
-
parent_id=job.get('id')
|
|
5474
|
+
parent_id=job.get('id'),
|
|
5475
|
+
reason="Auto-triggered by hydra: Valid credentials found, attempting to extract domain secrets"
|
|
5456
5476
|
)
|
|
5457
5477
|
|
|
5458
5478
|
job_ids.append(job_id)
|
souleyez/docs/README.md
CHANGED
souleyez/main.py
CHANGED
|
@@ -173,7 +173,7 @@ def _check_privileged_tools():
|
|
|
173
173
|
|
|
174
174
|
|
|
175
175
|
@click.group()
|
|
176
|
-
@click.version_option(version='2.
|
|
176
|
+
@click.version_option(version='2.31.0')
|
|
177
177
|
def cli():
|
|
178
178
|
"""SoulEyez - AI-Powered Pentesting Platform by CyberSoul Security"""
|
|
179
179
|
from souleyez.log_config import init_logging
|
souleyez/storage/database.py
CHANGED
|
@@ -31,7 +31,7 @@ class Database:
|
|
|
31
31
|
os.makedirs(db_dir, exist_ok=True)
|
|
32
32
|
|
|
33
33
|
conn = sqlite3.connect(self.db_path, timeout=30.0)
|
|
34
|
-
|
|
34
|
+
|
|
35
35
|
# Set secure permissions (owner read/write only)
|
|
36
36
|
os.chmod(self.db_path, 0o600)
|
|
37
37
|
conn.row_factory = sqlite3.Row
|
|
@@ -46,7 +46,44 @@ class Database:
|
|
|
46
46
|
"foreign_keys": True
|
|
47
47
|
})
|
|
48
48
|
|
|
49
|
+
# Check if this is an existing database (has tables)
|
|
50
|
+
cursor = conn.execute(
|
|
51
|
+
"SELECT name FROM sqlite_master WHERE type='table' AND name='engagements'"
|
|
52
|
+
)
|
|
53
|
+
is_existing_db = cursor.fetchone() is not None
|
|
54
|
+
conn.close()
|
|
55
|
+
|
|
56
|
+
# For EXISTING databases: Run migrations FIRST
|
|
57
|
+
# This ensures new columns exist before schema.sql tries to create indexes on them
|
|
58
|
+
if is_existing_db:
|
|
59
|
+
try:
|
|
60
|
+
from .migrations.migration_manager import MigrationManager
|
|
61
|
+
manager = MigrationManager(self.db_path)
|
|
62
|
+
pending = manager.get_pending_migrations()
|
|
63
|
+
if pending:
|
|
64
|
+
logger.info("Running pending migrations for existing database", extra={
|
|
65
|
+
"pending_count": len(pending)
|
|
66
|
+
})
|
|
67
|
+
manager.migrate()
|
|
68
|
+
logger.info("Migrations completed successfully", extra={
|
|
69
|
+
"count": len(pending)
|
|
70
|
+
})
|
|
71
|
+
except Exception as migration_error:
|
|
72
|
+
logger.error("Failed to run migrations on existing database", extra={
|
|
73
|
+
"error": str(migration_error),
|
|
74
|
+
"error_type": type(migration_error).__name__,
|
|
75
|
+
"traceback": traceback.format_exc()
|
|
76
|
+
})
|
|
77
|
+
raise # Don't continue if migrations fail for existing DB
|
|
78
|
+
|
|
79
|
+
# Reconnect for schema loading
|
|
80
|
+
conn = sqlite3.connect(self.db_path, timeout=30.0)
|
|
81
|
+
conn.row_factory = sqlite3.Row
|
|
82
|
+
conn.execute("PRAGMA foreign_keys = ON")
|
|
83
|
+
|
|
49
84
|
# Load and execute schema from the same directory as this file
|
|
85
|
+
# For fresh DBs: Creates all tables with current schema
|
|
86
|
+
# For existing DBs: CREATE TABLE IF NOT EXISTS is no-op, but ensures new tables/indexes
|
|
50
87
|
schema_path = Path(__file__).parent / "schema.sql"
|
|
51
88
|
|
|
52
89
|
if schema_path.exists():
|
|
@@ -228,26 +265,28 @@ class Database:
|
|
|
228
265
|
|
|
229
266
|
conn.commit()
|
|
230
267
|
conn.close()
|
|
231
|
-
|
|
232
|
-
# Run
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
268
|
+
|
|
269
|
+
# For FRESH databases: Run migrations after schema.sql loads
|
|
270
|
+
# (Existing DBs already had migrations run before schema.sql)
|
|
271
|
+
if not is_existing_db:
|
|
272
|
+
try:
|
|
273
|
+
from .migrations.migration_manager import MigrationManager
|
|
274
|
+
manager = MigrationManager(self.db_path)
|
|
275
|
+
pending = manager.get_pending_migrations()
|
|
276
|
+
if pending:
|
|
277
|
+
logger.info("Running pending migrations for fresh database", extra={
|
|
278
|
+
"pending_count": len(pending)
|
|
279
|
+
})
|
|
280
|
+
manager.migrate()
|
|
281
|
+
logger.info("Migrations completed successfully", extra={
|
|
282
|
+
"count": len(pending)
|
|
283
|
+
})
|
|
284
|
+
except Exception as migration_error:
|
|
285
|
+
logger.error("Failed to run migrations", extra={
|
|
286
|
+
"error": str(migration_error),
|
|
287
|
+
"error_type": type(migration_error).__name__,
|
|
288
|
+
"traceback": traceback.format_exc()
|
|
244
289
|
})
|
|
245
|
-
except Exception as migration_error:
|
|
246
|
-
logger.error("Failed to run migrations", extra={
|
|
247
|
-
"error": str(migration_error),
|
|
248
|
-
"error_type": type(migration_error).__name__,
|
|
249
|
-
"traceback": traceback.format_exc()
|
|
250
|
-
})
|
|
251
290
|
|
|
252
291
|
except Exception as e:
|
|
253
292
|
logger.error("Database initialization failed", extra={
|
|
@@ -29,6 +29,8 @@ from . import (
|
|
|
29
29
|
_022_wazuh_indexer_columns,
|
|
30
30
|
_023_fix_detection_results_fk,
|
|
31
31
|
_024_wazuh_vulnerabilities,
|
|
32
|
+
_025_multi_siem_support,
|
|
33
|
+
_026_add_engagement_scope,
|
|
32
34
|
)
|
|
33
35
|
|
|
34
36
|
# Migration registry - maps version to module
|
|
@@ -56,6 +58,8 @@ MIGRATIONS_REGISTRY = {
|
|
|
56
58
|
'022': _022_wazuh_indexer_columns,
|
|
57
59
|
'023': _023_fix_detection_results_fk,
|
|
58
60
|
'024': _024_wazuh_vulnerabilities,
|
|
61
|
+
'025': _025_multi_siem_support,
|
|
62
|
+
'026': _026_add_engagement_scope,
|
|
59
63
|
}
|
|
60
64
|
|
|
61
65
|
|