PyPI - souleyez - Versions diffs - 2.43.28__py3-none-any.whl → 2.43.32__py3-none-any.whl - Mend

souleyez 2.43.28py3-none-any.whl → 2.43.32py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (356) hide show

souleyez/__init__.py +1 -2
souleyez/ai/__init__.py +21 -15
souleyez/ai/action_mapper.py +249 -150
souleyez/ai/chain_advisor.py +116 -100
souleyez/ai/claude_provider.py +29 -28
souleyez/ai/context_builder.py +80 -62
souleyez/ai/executor.py +158 -117
souleyez/ai/feedback_handler.py +136 -121
souleyez/ai/llm_factory.py +27 -20
souleyez/ai/llm_provider.py +4 -2
souleyez/ai/ollama_provider.py +6 -9
souleyez/ai/ollama_service.py +44 -37
souleyez/ai/path_scorer.py +91 -76
souleyez/ai/recommender.py +176 -144
souleyez/ai/report_context.py +74 -73
souleyez/ai/report_service.py +84 -66
souleyez/ai/result_parser.py +222 -229
souleyez/ai/safety.py +67 -44
souleyez/auth/__init__.py +23 -22
souleyez/auth/audit.py +36 -26
souleyez/auth/engagement_access.py +65 -48
souleyez/auth/permissions.py +14 -3
souleyez/auth/session_manager.py +54 -37
souleyez/auth/user_manager.py +109 -64
souleyez/commands/audit.py +40 -43
souleyez/commands/auth.py +35 -15
souleyez/commands/deliverables.py +55 -50
souleyez/commands/engagement.py +47 -28
souleyez/commands/license.py +32 -23
souleyez/commands/screenshots.py +36 -32
souleyez/commands/user.py +82 -36
souleyez/config.py +52 -44
souleyez/core/credential_tester.py +87 -81
souleyez/core/cve_mappings.py +179 -192
souleyez/core/cve_matcher.py +162 -148
souleyez/core/msf_auto_mapper.py +100 -83
souleyez/core/msf_chain_engine.py +294 -256
souleyez/core/msf_database.py +153 -70
souleyez/core/msf_integration.py +679 -673
souleyez/core/msf_rpc_client.py +40 -42
souleyez/core/msf_rpc_manager.py +77 -79
souleyez/core/msf_sync_manager.py +241 -181
souleyez/core/network_utils.py +22 -15
souleyez/core/parser_handler.py +34 -25
souleyez/core/pending_chains.py +114 -63
souleyez/core/templates.py +158 -107
souleyez/core/tool_chaining.py +9592 -2879
souleyez/core/version_utils.py +79 -94
souleyez/core/vuln_correlation.py +136 -89
souleyez/core/web_utils.py +33 -32
souleyez/data/wordlists/ad_users.txt +378 -0
souleyez/data/wordlists/api_endpoints_large.txt +769 -0
souleyez/data/wordlists/home_dir_sensitive.txt +39 -0
souleyez/data/wordlists/lfi_payloads.txt +82 -0
souleyez/data/wordlists/passwords_brute.txt +1548 -0
souleyez/data/wordlists/passwords_crack.txt +2479 -0
souleyez/data/wordlists/passwords_spray.txt +386 -0
souleyez/data/wordlists/subdomains_large.txt +5057 -0
souleyez/data/wordlists/usernames_common.txt +694 -0
souleyez/data/wordlists/web_dirs_large.txt +4769 -0
souleyez/detection/__init__.py +1 -1
souleyez/detection/attack_signatures.py +12 -17
souleyez/detection/mitre_mappings.py +61 -55
souleyez/detection/validator.py +97 -86
souleyez/devtools.py +23 -10
souleyez/docs/README.md +4 -4
souleyez/docs/api-reference/cli-commands.md +2 -2
souleyez/docs/developer-guide/adding-new-tools.md +562 -0
souleyez/docs/user-guide/auto-chaining.md +30 -8
souleyez/docs/user-guide/getting-started.md +1 -1
souleyez/docs/user-guide/installation.md +26 -3
souleyez/docs/user-guide/metasploit-integration.md +2 -2
souleyez/docs/user-guide/rbac.md +1 -1
souleyez/docs/user-guide/scope-management.md +1 -1
souleyez/docs/user-guide/siem-integration.md +1 -1
souleyez/docs/user-guide/tools-reference.md +1 -8
souleyez/docs/user-guide/worker-management.md +1 -1
souleyez/engine/background.py +1238 -535
souleyez/engine/base.py +4 -1
souleyez/engine/job_status.py +17 -49
souleyez/engine/log_sanitizer.py +103 -77
souleyez/engine/manager.py +38 -7
souleyez/engine/result_handler.py +2198 -1550
souleyez/engine/worker_manager.py +50 -41
souleyez/export/evidence_bundle.py +72 -62
souleyez/feature_flags/features.py +16 -20
souleyez/feature_flags.py +5 -9
souleyez/handlers/__init__.py +11 -0
souleyez/handlers/base.py +188 -0
souleyez/handlers/bash_handler.py +277 -0
souleyez/handlers/bloodhound_handler.py +243 -0
souleyez/handlers/certipy_handler.py +311 -0
souleyez/handlers/crackmapexec_handler.py +486 -0
souleyez/handlers/dnsrecon_handler.py +344 -0
souleyez/handlers/enum4linux_handler.py +400 -0
souleyez/handlers/evil_winrm_handler.py +493 -0
souleyez/handlers/ffuf_handler.py +815 -0
souleyez/handlers/gobuster_handler.py +1114 -0
souleyez/handlers/gpp_extract_handler.py +334 -0
souleyez/handlers/hashcat_handler.py +444 -0
souleyez/handlers/hydra_handler.py +563 -0
souleyez/handlers/impacket_getuserspns_handler.py +343 -0
souleyez/handlers/impacket_psexec_handler.py +222 -0
souleyez/handlers/impacket_secretsdump_handler.py +426 -0
souleyez/handlers/john_handler.py +286 -0
souleyez/handlers/katana_handler.py +425 -0
souleyez/handlers/kerbrute_handler.py +298 -0
souleyez/handlers/ldapsearch_handler.py +636 -0
souleyez/handlers/lfi_extract_handler.py +464 -0
souleyez/handlers/msf_auxiliary_handler.py +408 -0
souleyez/handlers/msf_exploit_handler.py +380 -0
souleyez/handlers/nikto_handler.py +413 -0
souleyez/handlers/nmap_handler.py +821 -0
souleyez/handlers/nuclei_handler.py +359 -0
souleyez/handlers/nxc_handler.py +371 -0
souleyez/handlers/rdp_sec_check_handler.py +353 -0
souleyez/handlers/registry.py +288 -0
souleyez/handlers/responder_handler.py +232 -0
souleyez/handlers/service_explorer_handler.py +434 -0
souleyez/handlers/smbclient_handler.py +344 -0
souleyez/handlers/smbmap_handler.py +510 -0
souleyez/handlers/smbpasswd_handler.py +296 -0
souleyez/handlers/sqlmap_handler.py +1116 -0
souleyez/handlers/theharvester_handler.py +601 -0
souleyez/handlers/whois_handler.py +277 -0
souleyez/handlers/wpscan_handler.py +554 -0
souleyez/history.py +32 -16
souleyez/importers/msf_importer.py +106 -75
souleyez/importers/smart_importer.py +208 -147
souleyez/integrations/siem/__init__.py +10 -10
souleyez/integrations/siem/base.py +17 -18
souleyez/integrations/siem/elastic.py +108 -122
souleyez/integrations/siem/factory.py +207 -80
souleyez/integrations/siem/googlesecops.py +146 -154
souleyez/integrations/siem/rule_mappings/__init__.py +1 -1
souleyez/integrations/siem/rule_mappings/wazuh_rules.py +8 -5
souleyez/integrations/siem/sentinel.py +107 -109
souleyez/integrations/siem/splunk.py +246 -212
souleyez/integrations/siem/wazuh.py +65 -71
souleyez/integrations/wazuh/__init__.py +5 -5
souleyez/integrations/wazuh/client.py +70 -93
souleyez/integrations/wazuh/config.py +85 -57
souleyez/integrations/wazuh/host_mapper.py +28 -36
souleyez/integrations/wazuh/sync.py +78 -68
souleyez/intelligence/__init__.py +4 -5
souleyez/intelligence/correlation_analyzer.py +309 -295
souleyez/intelligence/exploit_knowledge.py +661 -623
souleyez/intelligence/exploit_suggestions.py +159 -139
souleyez/intelligence/gap_analyzer.py +132 -97
souleyez/intelligence/gap_detector.py +251 -214
souleyez/intelligence/sensitive_tables.py +266 -129
souleyez/intelligence/service_parser.py +137 -123
souleyez/intelligence/surface_analyzer.py +407 -268
souleyez/intelligence/target_parser.py +159 -162
souleyez/licensing/__init__.py +6 -6
souleyez/licensing/validator.py +17 -19
souleyez/log_config.py +79 -54
souleyez/main.py +1505 -687
souleyez/migrations/fix_job_counter.py +16 -14
souleyez/parsers/bloodhound_parser.py +41 -39
souleyez/parsers/crackmapexec_parser.py +178 -111
souleyez/parsers/dalfox_parser.py +72 -77
souleyez/parsers/dnsrecon_parser.py +103 -91
souleyez/parsers/enum4linux_parser.py +183 -153
souleyez/parsers/ffuf_parser.py +29 -25
souleyez/parsers/gobuster_parser.py +301 -41
souleyez/parsers/hashcat_parser.py +324 -79
souleyez/parsers/http_fingerprint_parser.py +350 -103
souleyez/parsers/hydra_parser.py +131 -111
souleyez/parsers/impacket_parser.py +231 -178
souleyez/parsers/john_parser.py +98 -86
souleyez/parsers/katana_parser.py +316 -0
souleyez/parsers/msf_parser.py +943 -498
souleyez/parsers/nikto_parser.py +346 -65
souleyez/parsers/nmap_parser.py +262 -174
souleyez/parsers/nuclei_parser.py +40 -44
souleyez/parsers/responder_parser.py +26 -26
souleyez/parsers/searchsploit_parser.py +74 -74
souleyez/parsers/service_explorer_parser.py +279 -0
souleyez/parsers/smbmap_parser.py +180 -124
souleyez/parsers/sqlmap_parser.py +434 -308
souleyez/parsers/theharvester_parser.py +75 -57
souleyez/parsers/whois_parser.py +135 -94
souleyez/parsers/wpscan_parser.py +278 -190
souleyez/plugins/afp.py +44 -36
souleyez/plugins/afp_brute.py +114 -46
souleyez/plugins/ard.py +48 -37
souleyez/plugins/bloodhound.py +95 -61
souleyez/plugins/certipy.py +303 -0
souleyez/plugins/crackmapexec.py +186 -85
souleyez/plugins/dalfox.py +120 -59
souleyez/plugins/dns_hijack.py +146 -41
souleyez/plugins/dnsrecon.py +97 -61
souleyez/plugins/enum4linux.py +91 -66
souleyez/plugins/evil_winrm.py +291 -0
souleyez/plugins/ffuf.py +166 -90
souleyez/plugins/firmware_extract.py +133 -29
souleyez/plugins/gobuster.py +387 -190
souleyez/plugins/gpp_extract.py +393 -0
souleyez/plugins/hashcat.py +100 -73
souleyez/plugins/http_fingerprint.py +854 -267
souleyez/plugins/hydra.py +566 -200
souleyez/plugins/impacket_getnpusers.py +117 -69
souleyez/plugins/impacket_psexec.py +84 -64
souleyez/plugins/impacket_secretsdump.py +103 -69
souleyez/plugins/impacket_smbclient.py +89 -75
souleyez/plugins/john.py +86 -69
souleyez/plugins/katana.py +313 -0
souleyez/plugins/kerbrute.py +237 -0
souleyez/plugins/lfi_extract.py +541 -0
souleyez/plugins/macos_ssh.py +117 -48
souleyez/plugins/mdns.py +35 -30
souleyez/plugins/msf_auxiliary.py +253 -130
souleyez/plugins/msf_exploit.py +239 -161
souleyez/plugins/nikto.py +134 -78
souleyez/plugins/nmap.py +275 -91
souleyez/plugins/nuclei.py +180 -89
souleyez/plugins/nxc.py +285 -0
souleyez/plugins/plugin_base.py +35 -36
souleyez/plugins/plugin_template.py +13 -5
souleyez/plugins/rdp_sec_check.py +130 -0
souleyez/plugins/responder.py +112 -71
souleyez/plugins/router_http_brute.py +76 -65
souleyez/plugins/router_ssh_brute.py +118 -41
souleyez/plugins/router_telnet_brute.py +124 -42
souleyez/plugins/routersploit.py +91 -59
souleyez/plugins/routersploit_exploit.py +77 -55
souleyez/plugins/searchsploit.py +91 -77
souleyez/plugins/service_explorer.py +1160 -0
souleyez/plugins/smbmap.py +122 -72
souleyez/plugins/smbpasswd.py +215 -0
souleyez/plugins/sqlmap.py +301 -113
souleyez/plugins/theharvester.py +127 -75
souleyez/plugins/tr069.py +79 -57
souleyez/plugins/upnp.py +65 -47
souleyez/plugins/upnp_abuse.py +73 -55
souleyez/plugins/vnc_access.py +129 -42
souleyez/plugins/vnc_brute.py +109 -38
souleyez/plugins/whois.py +77 -58
souleyez/plugins/wpscan.py +173 -69
souleyez/reporting/__init__.py +2 -1
souleyez/reporting/attack_chain.py +411 -346
souleyez/reporting/charts.py +436 -501
souleyez/reporting/compliance_mappings.py +334 -201
souleyez/reporting/detection_report.py +126 -125
souleyez/reporting/formatters.py +828 -591
souleyez/reporting/generator.py +386 -302
souleyez/reporting/metrics.py +72 -75
souleyez/scanner.py +35 -29
souleyez/security/__init__.py +37 -11
souleyez/security/scope_validator.py +175 -106
souleyez/security/validation.py +223 -149
souleyez/security.py +22 -6
souleyez/storage/credentials.py +247 -186
souleyez/storage/crypto.py +296 -129
souleyez/storage/database.py +73 -50
souleyez/storage/db.py +58 -36
souleyez/storage/deliverable_evidence.py +177 -128
souleyez/storage/deliverable_exporter.py +282 -246
souleyez/storage/deliverable_templates.py +134 -116
souleyez/storage/deliverables.py +135 -130
souleyez/storage/engagements.py +109 -56
souleyez/storage/evidence.py +181 -152
souleyez/storage/execution_log.py +31 -17
souleyez/storage/exploit_attempts.py +93 -57
souleyez/storage/exploits.py +67 -36
souleyez/storage/findings.py +48 -61
souleyez/storage/hosts.py +176 -144
souleyez/storage/migrate_to_engagements.py +43 -19
souleyez/storage/migrations/_001_add_credential_enhancements.py +22 -12
souleyez/storage/migrations/_002_add_status_tracking.py +10 -7
souleyez/storage/migrations/_003_add_execution_log.py +14 -8
souleyez/storage/migrations/_005_screenshots.py +13 -5
souleyez/storage/migrations/_006_deliverables.py +13 -5
souleyez/storage/migrations/_007_deliverable_templates.py +12 -7
souleyez/storage/migrations/_008_add_nuclei_table.py +10 -4
souleyez/storage/migrations/_010_evidence_linking.py +17 -10
souleyez/storage/migrations/_011_timeline_tracking.py +20 -13
souleyez/storage/migrations/_012_team_collaboration.py +34 -21
souleyez/storage/migrations/_013_add_host_tags.py +12 -6
souleyez/storage/migrations/_014_exploit_attempts.py +22 -10
souleyez/storage/migrations/_015_add_mac_os_fields.py +15 -7
souleyez/storage/migrations/_016_add_domain_field.py +10 -4
souleyez/storage/migrations/_017_msf_sessions.py +16 -8
souleyez/storage/migrations/_018_add_osint_target.py +10 -6
souleyez/storage/migrations/_019_add_engagement_type.py +10 -6
souleyez/storage/migrations/_020_add_rbac.py +36 -15
souleyez/storage/migrations/_021_wazuh_integration.py +20 -8
souleyez/storage/migrations/_022_wazuh_indexer_columns.py +6 -4
souleyez/storage/migrations/_023_fix_detection_results_fk.py +16 -6
souleyez/storage/migrations/_024_wazuh_vulnerabilities.py +26 -10
souleyez/storage/migrations/_025_multi_siem_support.py +3 -5
souleyez/storage/migrations/_026_add_engagement_scope.py +31 -12
souleyez/storage/migrations/_027_multi_siem_persistence.py +32 -15
souleyez/storage/migrations/__init__.py +26 -26
souleyez/storage/migrations/migration_manager.py +19 -19
souleyez/storage/msf_sessions.py +100 -65
souleyez/storage/osint.py +17 -24
souleyez/storage/recommendation_engine.py +269 -235
souleyez/storage/screenshots.py +33 -32
souleyez/storage/smb_shares.py +136 -92
souleyez/storage/sqlmap_data.py +183 -128
souleyez/storage/team_collaboration.py +135 -141
souleyez/storage/timeline_tracker.py +122 -94
souleyez/storage/wazuh_vulns.py +64 -66
souleyez/storage/web_paths.py +33 -37
souleyez/testing/credential_tester.py +221 -205
souleyez/ui/__init__.py +1 -1
souleyez/ui/ai_quotes.py +12 -12
souleyez/ui/attack_surface.py +2439 -1516
souleyez/ui/chain_rules_view.py +914 -382
souleyez/ui/correlation_view.py +312 -230
souleyez/ui/dashboard.py +2382 -1130
souleyez/ui/deliverables_view.py +148 -62
souleyez/ui/design_system.py +13 -13
souleyez/ui/errors.py +49 -49
souleyez/ui/evidence_linking_view.py +284 -179
souleyez/ui/evidence_vault.py +393 -285
souleyez/ui/exploit_suggestions_view.py +555 -349
souleyez/ui/export_view.py +100 -66
souleyez/ui/gap_analysis_view.py +315 -171
souleyez/ui/help_system.py +105 -97
souleyez/ui/intelligence_view.py +436 -293
souleyez/ui/interactive.py +23142 -10430
souleyez/ui/interactive_selector.py +75 -68
souleyez/ui/log_formatter.py +47 -39
souleyez/ui/menu_components.py +22 -13
souleyez/ui/msf_auxiliary_menu.py +184 -133
souleyez/ui/pending_chains_view.py +336 -172
souleyez/ui/progress_indicators.py +5 -3
souleyez/ui/recommendations_view.py +195 -137
souleyez/ui/rule_builder.py +343 -225
souleyez/ui/setup_wizard.py +678 -284
souleyez/ui/shortcuts.py +217 -165
souleyez/ui/splunk_gap_analysis_view.py +452 -270
souleyez/ui/splunk_vulns_view.py +139 -86
souleyez/ui/team_dashboard.py +498 -335
souleyez/ui/template_selector.py +196 -105
souleyez/ui/terminal.py +6 -6
souleyez/ui/timeline_view.py +198 -127
souleyez/ui/tool_setup.py +264 -164
souleyez/ui/tutorial.py +202 -72
souleyez/ui/tutorial_state.py +40 -40
souleyez/ui/wazuh_vulns_view.py +235 -141
souleyez/ui/wordlist_browser.py +260 -107
souleyez/ui.py +464 -312
souleyez/utils/tool_checker.py +427 -367
souleyez/utils.py +33 -29
souleyez/wordlists.py +134 -167
{souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/METADATA +1 -1
souleyez-2.43.32.dist-info/RECORD +441 -0
{souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/WHEEL +1 -1
souleyez-2.43.28.dist-info/RECORD +0 -379
{souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/entry_points.txt +0 -0
{souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/licenses/LICENSE +0 -0
{souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/top_level.txt +0 -0

souleyez/core/cve_mappings.py CHANGED Viewed

@@ -23,13 +23,14 @@ logger = logging.getLogger(__name__)
 @dataclass
 class CVEMapping:
     """Maps a CVE to affected product versions and exploit tool."""
     cve_id: str
-    product: str                    # Normalized product name (e.g., 'apache')
-    affected_versions: str          # Version spec (e.g., '>=2.4.49,<=2.4.50')
-    tool: str                       # Tool to run (e.g., 'nuclei')
+    product: str  # Normalized product name (e.g., 'apache')
+    affected_versions: str  # Version spec (e.g., '>=2.4.49,<=2.4.50')
+    tool: str  # Tool to run (e.g., 'nuclei')
     args: List[str] = field(default_factory=list)  # Tool arguments
-    severity: str = 'high'          # critical, high, medium, low
-    description: str = ''           # Human-readable description
+    severity: str = "high"  # critical, high, medium, low
+    description: str = ""  # Human-readable description
     references: List[str] = field(default_factory=list)  # URLs
     def matches_service(self, product: str, version: str) -> bool:
@@ -49,213 +50,199 @@ class CVEMapping:
 # These are well-known vulnerabilities with reliable detection
 CURATED_CVES: Dict[str, CVEMapping] = {
     # Apache HTTP Server
-    'CVE-2021-41773': CVEMapping(
-        cve_id='CVE-2021-41773',
-        product='apache',
-        affected_versions='>=2.4.49,<=2.4.49',
-        tool='nuclei',
-        args=['-t', 'http/cves/2021/CVE-2021-41773.yaml'],
-        severity='critical',
-        description='Apache 2.4.49 path traversal and RCE',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2021-41773'],
+    "CVE-2021-41773": CVEMapping(
+        cve_id="CVE-2021-41773",
+        product="apache",
+        affected_versions=">=2.4.49,<=2.4.49",
+        tool="nuclei",
+        args=["-t", "http/cves/2021/CVE-2021-41773.yaml"],
+        severity="critical",
+        description="Apache 2.4.49 path traversal and RCE",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2021-41773"],
     ),
-    'CVE-2021-42013': CVEMapping(
-        cve_id='CVE-2021-42013',
-        product='apache',
-        affected_versions='>=2.4.49,<=2.4.50',
-        tool='nuclei',
-        args=['-t', 'http/cves/2021/CVE-2021-42013.yaml'],
-        severity='critical',
-        description='Apache 2.4.49-2.4.50 path traversal bypass (incomplete fix for CVE-2021-41773)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2021-42013'],
+    "CVE-2021-42013": CVEMapping(
+        cve_id="CVE-2021-42013",
+        product="apache",
+        affected_versions=">=2.4.49,<=2.4.50",
+        tool="nuclei",
+        args=["-t", "http/cves/2021/CVE-2021-42013.yaml"],
+        severity="critical",
+        description="Apache 2.4.49-2.4.50 path traversal bypass (incomplete fix for CVE-2021-41773)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2021-42013"],
     ),
     # nginx
-    'CVE-2021-23017': CVEMapping(
-        cve_id='CVE-2021-23017',
-        product='nginx',
-        affected_versions='>=0.6.18,<=1.20.0',
-        tool='nuclei',
-        args=['-t', 'http/cves/2021/CVE-2021-23017.yaml'],
-        severity='high',
-        description='nginx DNS resolver off-by-one heap write',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2021-23017'],
+    "CVE-2021-23017": CVEMapping(
+        cve_id="CVE-2021-23017",
+        product="nginx",
+        affected_versions=">=0.6.18,<=1.20.0",
+        tool="nuclei",
+        args=["-t", "http/cves/2021/CVE-2021-23017.yaml"],
+        severity="high",
+        description="nginx DNS resolver off-by-one heap write",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2021-23017"],
     ),
     # PHP
-    'CVE-2019-11043': CVEMapping(
-        cve_id='CVE-2019-11043',
-        product='php',
-        affected_versions='>=7.1.0,<7.1.33',
-        tool='nuclei',
-        args=['-t', 'http/cves/2019/CVE-2019-11043.yaml'],
-        severity='critical',
-        description='PHP-FPM RCE via nginx misconfiguration',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2019-11043'],
+    "CVE-2019-11043": CVEMapping(
+        cve_id="CVE-2019-11043",
+        product="php",
+        affected_versions=">=7.1.0,<7.1.33",
+        tool="nuclei",
+        args=["-t", "http/cves/2019/CVE-2019-11043.yaml"],
+        severity="critical",
+        description="PHP-FPM RCE via nginx misconfiguration",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2019-11043"],
     ),
-    'CVE-2012-1823': CVEMapping(
-        cve_id='CVE-2012-1823',
-        product='php',
-        affected_versions='>=5.3.0,<5.3.12',
-        tool='nuclei',
-        args=['-t', 'http/cves/2012/CVE-2012-1823.yaml'],
-        severity='critical',
-        description='PHP CGI argument injection RCE',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2012-1823'],
+    "CVE-2012-1823": CVEMapping(
+        cve_id="CVE-2012-1823",
+        product="php",
+        affected_versions=">=5.3.0,<5.3.12",
+        tool="nuclei",
+        args=["-t", "http/cves/2012/CVE-2012-1823.yaml"],
+        severity="critical",
+        description="PHP CGI argument injection RCE",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2012-1823"],
     ),
     # OpenSSH
-    'CVE-2018-15473': CVEMapping(
-        cve_id='CVE-2018-15473',
-        product='ssh',
-        affected_versions='>=2.0,<7.7',
-        tool='nmap',
-        args=['--script', 'ssh-auth-methods', '-p', '22'],
-        severity='medium',
-        description='OpenSSH user enumeration',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2018-15473'],
+    "CVE-2018-15473": CVEMapping(
+        cve_id="CVE-2018-15473",
+        product="ssh",
+        affected_versions=">=2.0,<7.7",
+        tool="nmap",
+        args=["--script", "ssh-auth-methods", "-p", "22"],
+        severity="medium",
+        description="OpenSSH user enumeration",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2018-15473"],
     ),
     # vsftpd
-    'CVE-2011-2523': CVEMapping(
-        cve_id='CVE-2011-2523',
-        product='vsftpd',
-        affected_versions='=2.3.4',
-        tool='nmap',
-        args=['--script', 'ftp-vsftpd-backdoor', '-p', '21'],
-        severity='critical',
-        description='vsftpd 2.3.4 backdoor (smiley face)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2011-2523'],
+    "CVE-2011-2523": CVEMapping(
+        cve_id="CVE-2011-2523",
+        product="vsftpd",
+        affected_versions="=2.3.4",
+        tool="nmap",
+        args=["--script", "ftp-vsftpd-backdoor", "-p", "21"],
+        severity="critical",
+        description="vsftpd 2.3.4 backdoor (smiley face)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2011-2523"],
     ),
     # ProFTPD
-    'CVE-2015-3306': CVEMapping(
-        cve_id='CVE-2015-3306',
-        product='proftpd',
-        affected_versions='>=1.3.5,<1.3.5a',
-        tool='nmap',
-        args=['--script', 'ftp-proftpd-backdoor', '-p', '21'],
-        severity='critical',
-        description='ProFTPD mod_copy arbitrary file read/write',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2015-3306'],
+    "CVE-2015-3306": CVEMapping(
+        cve_id="CVE-2015-3306",
+        product="proftpd",
+        affected_versions=">=1.3.5,<1.3.5a",
+        tool="nmap",
+        args=["--script", "ftp-proftpd-backdoor", "-p", "21"],
+        severity="critical",
+        description="ProFTPD mod_copy arbitrary file read/write",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2015-3306"],
     ),
     # Samba
-    'CVE-2017-7494': CVEMapping(
-        cve_id='CVE-2017-7494',
-        product='samba',
-        affected_versions='>=3.5.0,<4.6.4',
-        tool='nmap',
-        args=['--script', 'smb-vuln-cve-2017-7494', '-p', '445'],
-        severity='critical',
-        description='Samba RCE via writable share (SambaCry)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2017-7494'],
+    "CVE-2017-7494": CVEMapping(
+        cve_id="CVE-2017-7494",
+        product="samba",
+        affected_versions=">=3.5.0,<4.6.4",
+        tool="nmap",
+        args=["--script", "smb-vuln-cve-2017-7494", "-p", "445"],
+        severity="critical",
+        description="Samba RCE via writable share (SambaCry)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2017-7494"],
     ),
     # Apache Tomcat
-    'CVE-2020-1938': CVEMapping(
-        cve_id='CVE-2020-1938',
-        product='tomcat',
-        affected_versions='>=6.0.0,<9.0.31',
-        tool='nmap',
-        args=['--script', 'ajp-brute,ajp-headers,ajp-methods', '-p', '8009'],
-        severity='critical',
-        description='Apache Tomcat AJP Ghostcat file read/include',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2020-1938'],
+    "CVE-2020-1938": CVEMapping(
+        cve_id="CVE-2020-1938",
+        product="tomcat",
+        affected_versions=">=6.0.0,<9.0.31",
+        tool="nmap",
+        args=["--script", "ajp-brute,ajp-headers,ajp-methods", "-p", "8009"],
+        severity="critical",
+        description="Apache Tomcat AJP Ghostcat file read/include",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2020-1938"],
     ),
     # WordPress
-    'CVE-2022-21661': CVEMapping(
-        cve_id='CVE-2022-21661',
-        product='wordpress',
-        affected_versions='>=5.8.0,<5.8.3',
-        tool='wpscan',
-        args=['--enumerate', 'vp,vt,u'],
-        severity='high',
-        description='WordPress SQL injection via WP_Query',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2022-21661'],
+    "CVE-2022-21661": CVEMapping(
+        cve_id="CVE-2022-21661",
+        product="wordpress",
+        affected_versions=">=5.8.0,<5.8.3",
+        tool="wpscan",
+        args=["--enumerate", "vp,vt,u"],
+        severity="high",
+        description="WordPress SQL injection via WP_Query",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2022-21661"],
     ),
     # Drupal
-    'CVE-2018-7600': CVEMapping(
-        cve_id='CVE-2018-7600',
-        product='drupal',
-        affected_versions='>=7.0,<7.58',
-        tool='nuclei',
-        args=['-t', 'http/cves/2018/CVE-2018-7600.yaml'],
-        severity='critical',
-        description='Drupal RCE (Drupalgeddon2)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2018-7600'],
+    "CVE-2018-7600": CVEMapping(
+        cve_id="CVE-2018-7600",
+        product="drupal",
+        affected_versions=">=7.0,<7.58",
+        tool="nuclei",
+        args=["-t", "http/cves/2018/CVE-2018-7600.yaml"],
+        severity="critical",
+        description="Drupal RCE (Drupalgeddon2)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2018-7600"],
     ),
-    'CVE-2018-7602': CVEMapping(
-        cve_id='CVE-2018-7602',
-        product='drupal',
-        affected_versions='>=7.0,<7.59',
-        tool='nuclei',
-        args=['-t', 'http/cves/2018/CVE-2018-7602.yaml'],
-        severity='critical',
-        description='Drupal RCE (Drupalgeddon3)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2018-7602'],
+    "CVE-2018-7602": CVEMapping(
+        cve_id="CVE-2018-7602",
+        product="drupal",
+        affected_versions=">=7.0,<7.59",
+        tool="nuclei",
+        args=["-t", "http/cves/2018/CVE-2018-7602.yaml"],
+        severity="critical",
+        description="Drupal RCE (Drupalgeddon3)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2018-7602"],
     ),
     # Microsoft IIS
-    'CVE-2017-7269': CVEMapping(
-        cve_id='CVE-2017-7269',
-        product='iis',
-        affected_versions='>=6.0,<=6.0',
-        tool='nmap',
-        args=['--script', 'http-vuln-cve2017-7269', '-p', '80'],
-        severity='critical',
-        description='IIS 6.0 WebDAV buffer overflow RCE',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2017-7269'],
+    "CVE-2017-7269": CVEMapping(
+        cve_id="CVE-2017-7269",
+        product="iis",
+        affected_versions=">=6.0,<=6.0",
+        tool="nmap",
+        args=["--script", "http-vuln-cve2017-7269", "-p", "80"],
+        severity="critical",
+        description="IIS 6.0 WebDAV buffer overflow RCE",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2017-7269"],
     ),
     # Redis
-    'CVE-2022-0543': CVEMapping(
-        cve_id='CVE-2022-0543',
-        product='redis',
-        affected_versions='>=2.2,<6.2.7',
-        tool='nuclei',
-        args=['-t', 'network/cves/2022/CVE-2022-0543.yaml'],
-        severity='critical',
-        description='Redis Lua sandbox escape RCE (Debian/Ubuntu)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2022-0543'],
+    "CVE-2022-0543": CVEMapping(
+        cve_id="CVE-2022-0543",
+        product="redis",
+        affected_versions=">=2.2,<6.2.7",
+        tool="nuclei",
+        args=["-t", "network/cves/2022/CVE-2022-0543.yaml"],
+        severity="critical",
+        description="Redis Lua sandbox escape RCE (Debian/Ubuntu)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2022-0543"],
     ),
     # Elasticsearch
-    'CVE-2015-1427': CVEMapping(
-        cve_id='CVE-2015-1427',
-        product='elasticsearch',
-        affected_versions='>=1.3.0,<1.4.3',
-        tool='nuclei',
-        args=['-t', 'http/cves/2015/CVE-2015-1427.yaml'],
-        severity='critical',
-        description='Elasticsearch Groovy sandbox bypass RCE',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2015-1427'],
+    "CVE-2015-1427": CVEMapping(
+        cve_id="CVE-2015-1427",
+        product="elasticsearch",
+        affected_versions=">=1.3.0,<1.4.3",
+        tool="nuclei",
+        args=["-t", "http/cves/2015/CVE-2015-1427.yaml"],
+        severity="critical",
+        description="Elasticsearch Groovy sandbox bypass RCE",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2015-1427"],
     ),
     # Apache Struts
-    'CVE-2017-5638': CVEMapping(
-        cve_id='CVE-2017-5638',
-        product='struts',
-        affected_versions='>=2.3.5,<2.3.32',
-        tool='nuclei',
-        args=['-t', 'http/cves/2017/CVE-2017-5638.yaml'],
-        severity='critical',
-        description='Apache Struts2 RCE via Content-Type header',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2017-5638'],
+    "CVE-2017-5638": CVEMapping(
+        cve_id="CVE-2017-5638",
+        product="struts",
+        affected_versions=">=2.3.5,<2.3.32",
+        tool="nuclei",
+        args=["-t", "http/cves/2017/CVE-2017-5638.yaml"],
+        severity="critical",
+        description="Apache Struts2 RCE via Content-Type header",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2017-5638"],
     ),
     # Log4j
-    'CVE-2021-44228': CVEMapping(
-        cve_id='CVE-2021-44228',
-        product='log4j',
-        affected_versions='>=2.0,<2.15.0',
-        tool='nuclei',
-        args=['-t', 'http/cves/2021/CVE-2021-44228.yaml'],
-        severity='critical',
-        description='Log4j RCE (Log4Shell)',
-        references=['https://nvd.nist.gov/vuln/detail/CVE-2021-44228'],
+    "CVE-2021-44228": CVEMapping(
+        cve_id="CVE-2021-44228",
+        product="log4j",
+        affected_versions=">=2.0,<2.15.0",
+        tool="nuclei",
+        args=["-t", "http/cves/2021/CVE-2021-44228.yaml"],
+        severity="critical",
+        description="Log4j RCE (Log4Shell)",
+        references=["https://nvd.nist.gov/vuln/detail/CVE-2021-44228"],
     ),
 }
@@ -277,7 +264,7 @@ def get_cves_for_service(product: str, version: str) -> List[CVEMapping]:
             applicable.append(cve)
     # Sort by severity (critical > high > medium > low)
-    severity_order = {'critical': 0, 'high': 1, 'medium': 2, 'low': 3}
+    severity_order = {"critical": 0, "high": 1, "medium": 2, "low": 3}
     applicable.sort(key=lambda c: severity_order.get(c.severity, 4))
     return applicable
@@ -300,12 +287,12 @@ def load_cve_database(path: Optional[str] = None) -> Dict[str, CVEMapping]:
     """
     if path is None:
         # Check user config directory first
-        user_path = Path.home() / '.souleyez' / 'cve_database.json'
+        user_path = Path.home() / ".souleyez" / "cve_database.json"
         if user_path.exists():
             path = str(user_path)
         else:
             # Fall back to package data
-            pkg_path = Path(__file__).parent.parent / 'data' / 'cve_database.json'
+            pkg_path = Path(__file__).parent.parent / "data" / "cve_database.json"
             if pkg_path.exists():
                 path = str(pkg_path)
             else:
@@ -313,20 +300,20 @@ def load_cve_database(path: Optional[str] = None) -> Dict[str, CVEMapping]:
                 return CURATED_CVES
     try:
-        with open(path, 'r') as f:
+        with open(path, "r") as f:
             data = json.load(f)
         cves = {}
         for cve_id, entry in data.items():
             cves[cve_id] = CVEMapping(
                 cve_id=cve_id,
-                product=entry.get('product', ''),
-                affected_versions=entry.get('affected', ''),
-                tool=entry.get('tool', 'nuclei'),
-                args=entry.get('args', []),
-                severity=entry.get('severity', 'high'),
-                description=entry.get('description', ''),
-                references=entry.get('references', []),
+                product=entry.get("product", ""),
+                affected_versions=entry.get("affected", ""),
+                tool=entry.get("tool", "nuclei"),
+                args=entry.get("args", []),
+                severity=entry.get("severity", "high"),
+                description=entry.get("description", ""),
+                references=entry.get("references", []),
             )
         logger.info(f"Loaded {len(cves)} CVEs from {path}")

souleyez 2.43.28__py3-none-any.whl → 2.43.32__py3-none-any.whl

souleyez 2.43.28py3-none-any.whl → 2.43.32py3-none-any.whl