souleyez 2.43.28__py3-none-any.whl → 2.43.32__py3-none-any.whl

souleyez/engine/base.py

@@ -17,9 +17,12 @@ class ScannerPlugin:
       - prepare(target, args, label) -> dict (optional)
       - run(prepared) -> ScanResult
     """
+
     name = "base"
 
-    def prepare(self, target: str, args: list, label: Optional[str] = None) -> Dict[str, Any]:
+    def prepare(
+        self, target: str, args: list, label: Optional[str] = None
+    ) -> Dict[str, Any]:
         return {"target": target, "args": args, "label": label}
 
     def run(self, prepared: Dict[str, Any]) -> ScanResult:

souleyez/engine/job_status.py

@@ -6,13 +6,13 @@ Defines the status lifecycle for jobs in the system.
 """
 
 # Job status constants
-STATUS_QUEUED = 'queued'       # Job waiting to execute
-STATUS_RUNNING = 'running'     # Job actively executing
-STATUS_DONE = 'done'           # Completed successfully WITH results
-STATUS_NO_RESULTS = 'no_results'  # Completed successfully but found NOTHING
-STATUS_WARNING = 'warning'     # Partial success or non-critical issues
-STATUS_ERROR = 'error'         # TRUE failures (crashes, timeouts, invalid args)
-STATUS_KILLED = 'killed'       # User terminated
+STATUS_QUEUED = "queued"  # Job waiting to execute
+STATUS_RUNNING = "running"  # Job actively executing
+STATUS_DONE = "done"  # Completed successfully WITH results
+STATUS_NO_RESULTS = "no_results"  # Completed successfully but found NOTHING
+STATUS_WARNING = "warning"  # Partial success or non-critical issues
+STATUS_ERROR = "error"  # TRUE failures (crashes, timeouts, invalid args)
+STATUS_KILLED = "killed"  # User terminated
 
 # Valid status values
 VALID_STATUSES = {
@@ -36,9 +36,9 @@ TERMINAL_STATUSES = {
 
 # Statuses that should trigger auto-chaining
 CHAINABLE_STATUSES = {
-    STATUS_DONE,        # Always chain - results found
+    STATUS_DONE,  # Always chain - results found
     STATUS_NO_RESULTS,  # May chain if intelligence-driven
-    STATUS_WARNING,     # May chain with special handling
+    STATUS_WARNING,  # May chain with special handling
 }
 
 
@@ -60,45 +60,13 @@ def get_status_display_info(status: str) -> dict:
         dict with 'color', 'icon', and 'label' keys
     """
     status_info = {
-        STATUS_QUEUED: {
-            'color': 'cyan',
-            'icon': '◷',
-            'label': 'queued'
-        },
-        STATUS_RUNNING: {
-            'color': 'yellow',
-            'icon': '▶',
-            'label': 'running'
-        },
-        STATUS_DONE: {
-            'color': 'green',
-            'icon': '✓',
-            'label': 'done'
-        },
-        STATUS_NO_RESULTS: {
-            'color': 'white',
-            'icon': '⊘',
-            'label': 'no results'
-        },
-        STATUS_WARNING: {
-            'color': 'yellow',
-            'icon': '⚠',
-            'label': 'warning'
-        },
-        STATUS_ERROR: {
-            'color': 'red',
-            'icon': '✗',
-            'label': 'error'
-        },
-        STATUS_KILLED: {
-            'color': 'magenta',
-            'icon': '●',
-            'label': 'killed'
-        },
+        STATUS_QUEUED: {"color": "cyan", "icon": "◷", "label": "queued"},
+        STATUS_RUNNING: {"color": "yellow", "icon": "▶", "label": "running"},
+        STATUS_DONE: {"color": "green", "icon": "✓", "label": "done"},
+        STATUS_NO_RESULTS: {"color": "white", "icon": "⊘", "label": "no results"},
+        STATUS_WARNING: {"color": "yellow", "icon": "⚠", "label": "warning"},
+        STATUS_ERROR: {"color": "red", "icon": "✗", "label": "error"},
+        STATUS_KILLED: {"color": "magenta", "icon": "●", "label": "killed"},
     }
 
-    return status_info.get(status, {
-        'color': 'white',
-        'icon': '?',
-        'label': status
-    })
+    return status_info.get(status, {"color": "white", "icon": "?", "label": status})

souleyez/engine/log_sanitizer.py

@@ -12,86 +12,112 @@ from typing import Optional
 class LogSanitizer:
     """
     Sanitizes logs by redacting credentials and sensitive information.
-    
+
     Patterns detected:
     - Login successful messages with credentials
     - Username:password combinations
     - SSH/FTP/MySQL/PostgreSQL credentials
     - API keys and tokens
     """
-    
+
     # Common credential patterns
     PATTERNS = [
         # Metasploit successful login: [+] 10.0.0.82:5432 - Login Successful: postgres:postgres@template1
-        (r'(Login Successful:?\s+)([^:]+):([^@\s]+)(@\S+)?', r'\1\2:[REDACTED]\4'),
-
+        (r"(Login Successful:?\s+)([^:]+):([^@\s]+)(@\S+)?", r"\1\2:[REDACTED]\4"),
         # MSF telnet_login format: msfadmin:msfadmin login: Login OK
-        (r'(\s)([^:\s]+):([^:\s]+)(\s+login:\s+Login OK)', r'\1\2:[REDACTED]\4'),
-
+        (r"(\s)([^:\s]+):([^:\s]+)(\s+login:\s+Login OK)", r"\1\2:[REDACTED]\4"),
         # Hydra output format: login: username   password: secretpass
-        (r'(login:\s+)(\S+)(\s+password:\s+)(\S+)', r'\1\2\3[REDACTED]'),
-
+        (r"(login:\s+)(\S+)(\s+password:\s+)(\S+)", r"\1\2\3[REDACTED]"),
         # Hydra colon format in output: [port][service] host: X   login: Y   password: Z
-        (r'(host:\s+\S+\s+login:\s+)(\S+)(\s+password:\s+)(.+?)(\s|$)', r'\1\2\3[REDACTED]\5'),
-
+        (
+            r"(host:\s+\S+\s+login:\s+)(\S+)(\s+password:\s+)(.+?)(\s|$)",
+            r"\1\2\3[REDACTED]\5",
+        ),
         # SSH/FTP success: Successfully authenticated as 'root' with password 'toor'
-        (r"(authenticated as ['\"]?\w+['\"]? with password ['\"]?)([^'\"]+)(['\"]?)", r'\1[REDACTED]\3'),
-        
+        (
+            r"(authenticated as ['\"]?\w+['\"]? with password ['\"]?)([^'\"]+)(['\"]?)",
+            r"\1[REDACTED]\3",
+        ),
         # MySQL/PostgreSQL connection strings - capture everything between : and last @
         # This handles passwords with @ symbols by matching the last @ before a hostname
-        (r'((?:mysql|postgres|postgresql)://[^:]+:)(.+)(@(?:(?:\d{1,3}\.){3}\d{1,3}(?::\d+)?|[a-zA-Z0-9.-]+(?::\d+)?)(?:/|$))', r'\1[REDACTED]\3'),
-        
+        (
+            r"((?:mysql|postgres|postgresql)://[^:]+:)(.+)(@(?:(?:\d{1,3}\.){3}\d{1,3}(?::\d+)?|[a-zA-Z0-9.-]+(?::\d+)?)(?:/|$))",
+            r"\1[REDACTED]\3",
+        ),
         # Direct credentials: username:password format (but not URLs)
-        (r'(?<!://)\b(\w+):([^\s:@]{4,})@', r'\1:[REDACTED]@'),
-        
+        (r"(?<!://)\b(\w+):([^\s:@]{4,})@", r"\1:[REDACTED]@"),
         # Common password indicators (stop at & to preserve form parameters)
-        (r'(password[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
-        (r'(pass[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
-        (r'(pwd[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
-        
+        (
+            r'(password[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
+        (
+            r'(pass[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
+        (
+            r'(pwd[=:\s]+["\']?)([^"\'\s&]{4,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
         # API keys and tokens (long alphanumeric strings)
-        (r'(["\']?api[_-]?key["\']?\s*[=:]\s*["\']?)([A-Za-z0-9_-]{20,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
-        (r'(["\']?token["\']?\s*[=:]\s*["\']?)([A-Za-z0-9_.-]{20,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
-        
+        (
+            r'(["\']?api[_-]?key["\']?\s*[=:]\s*["\']?)([A-Za-z0-9_-]{20,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
+        (
+            r'(["\']?token["\']?\s*[=:]\s*["\']?)([A-Za-z0-9_.-]{20,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
         # SSH private keys
-        (r'(-----BEGIN[A-Z\s]+PRIVATE KEY-----)(.*?)(-----END[A-Z\s]+PRIVATE KEY-----)', r'\1\n[REDACTED]\n\3', re.DOTALL),
-        
+        (
+            r"(-----BEGIN[A-Z\s]+PRIVATE KEY-----)(.*?)(-----END[A-Z\s]+PRIVATE KEY-----)",
+            r"\1\n[REDACTED]\n\3",
+            re.DOTALL,
+        ),
         # Hashes (common hash formats: MD5, SHA1, SHA256)
-        (r'\b([a-f0-9]{32})\b', r'[HASH_REDACTED]'),  # MD5
-        (r'\b([a-f0-9]{40})\b', r'[HASH_REDACTED]'),  # SHA1
-        (r'\b([a-f0-9]{64})\b', r'[HASH_REDACTED]'),  # SHA256
-        
+        (r"\b([a-f0-9]{32})\b", r"[HASH_REDACTED]"),  # MD5
+        (r"\b([a-f0-9]{40})\b", r"[HASH_REDACTED]"),  # SHA1
+        (r"\b([a-f0-9]{64})\b", r"[HASH_REDACTED]"),  # SHA256
         # Generic secret patterns
-        (r'(secret[=:\s]+["\']?)([^"\'\s]{4,})(["\']?)', r'\1[REDACTED]\3', re.IGNORECASE),
+        (
+            r'(secret[=:\s]+["\']?)([^"\'\s]{4,})(["\']?)',
+            r"\1[REDACTED]\3",
+            re.IGNORECASE,
+        ),
     ]
-    
+
     # Whitelist patterns (don't redact these even if they match)
     WHITELIST_PATTERNS = [
-        r'http://',
-        r'https://',
-        r'localhost',
-        r'127\.0\.0\.1',
-        r'0\.0\.0\.0',
-        r'example\.com',
+        r"http://",
+        r"https://",
+        r"localhost",
+        r"127\.0\.0\.1",
+        r"0\.0\.0\.0",
+        r"example\.com",
     ]
-    
+
     @classmethod
     def sanitize(cls, log_content: str, aggressive: bool = False) -> str:
         """
         Sanitize log content by redacting credentials.
-        
+
         Args:
             log_content: Raw log content
             aggressive: If True, use more aggressive redaction (may over-redact)
-            
+
         Returns:
             Sanitized log content with credentials redacted
         """
         if not log_content:
             return log_content
-        
+
         sanitized = log_content
-        
+
         # Apply all patterns
         for pattern_tuple in cls.PATTERNS:
             if len(pattern_tuple) == 2:
@@ -99,100 +125,100 @@ class LogSanitizer:
                 flags = 0
             else:
                 pattern, replacement, flags = pattern_tuple
-            
+
             try:
                 sanitized = re.sub(pattern, replacement, sanitized, flags=flags)
             except Exception:
                 # If regex fails, continue with next pattern
                 continue
-        
+
         return sanitized
-    
+
     @classmethod
     def contains_credentials(cls, log_content: str) -> bool:
         """
         Check if log content appears to contain credentials.
-        
+
         Args:
             log_content: Log content to check
-            
+
         Returns:
             True if credentials detected, False otherwise
         """
         if not log_content:
             return False
-        
+
         # Quick checks for common credential indicators
         indicators = [
-            'login successful',
-            'login ok',  # MSF telnet_login
-            'authenticated',
-            'password:',
-            'credentials',
-            'api_key',
-            'api-key',
-            'token:',
-            'secret:',
-            'BEGIN PRIVATE KEY',
-            'login:',  # Hydra output
-            'valid pair found',  # Hydra success
+            "login successful",
+            "login ok",  # MSF telnet_login
+            "authenticated",
+            "password:",
+            "credentials",
+            "api_key",
+            "api-key",
+            "token:",
+            "secret:",
+            "BEGIN PRIVATE KEY",
+            "login:",  # Hydra output
+            "valid pair found",  # Hydra success
         ]
-        
+
         log_lower = log_content.lower()
         return any(indicator in log_lower for indicator in indicators)
-    
+
     @classmethod
     def get_redaction_summary(cls, original: str, sanitized: str) -> Optional[str]:
         """
         Generate a summary of what was redacted.
-        
+
         Args:
             original: Original log content
             sanitized: Sanitized log content
-            
+
         Returns:
             Summary message or None if nothing redacted
         """
         if original == sanitized:
             return None
-        
+
         # Count how many times [REDACTED] appears in sanitized version
-        redaction_count = sanitized.count('[REDACTED]')
-        hash_count = sanitized.count('[HASH_REDACTED]')
-        
+        redaction_count = sanitized.count("[REDACTED]")
+        hash_count = sanitized.count("[HASH_REDACTED]")
+
         parts = []
         if redaction_count > 0:
             parts.append(f"{redaction_count} credential(s)")
         if hash_count > 0:
             parts.append(f"{hash_count} hash(es)")
-        
+
         if parts:
             return f"Redacted: {', '.join(parts)}"
-        
+
         return "Some sensitive data redacted"
 
 
 def sanitize_log_file(log_path: str, output_path: Optional[str] = None) -> bool:
     """
     Sanitize a log file in place or write to new file.
-    
+
     Args:
         log_path: Path to log file to sanitize
         output_path: Optional output path (if None, modifies in place)
-        
+
     Returns:
         True if successful, False otherwise
     """
     try:
-        with open(log_path, 'r', encoding='utf-8', errors='replace') as f:
+        with open(log_path, "r", encoding="utf-8", errors="replace") as f:
             original = f.read()
-        
+
         sanitized = LogSanitizer.sanitize(original)
-        
+
         target_path = output_path or log_path
-        with open(target_path, 'w', encoding='utf-8') as f:
+        with open(target_path, "w", encoding="utf-8") as f:
             f.write(sanitized)
-        
+
         return True
     except Exception:
         return False

souleyez/engine/manager.py

@@ -17,11 +17,18 @@ import importlib
 
 def _run_nmap_adapter(target, args, label, save_xml=False):
     from .. import scanner as scanner_module
+
     # scanner.run_nmap should return (logpath, rc, xmlpath, summary)
     return scanner_module.run_nmap(target, args, label, save_xml=save_xml)
 
 
-def run_scan_sync(tool: str, target: str, args: list, label: Optional[str] = None, save_xml: bool = False) -> int:
+def run_scan_sync(
+    tool: str,
+    target: str,
+    args: list,
+    label: Optional[str] = None,
+    save_xml: bool = False,
+) -> int:
     """
     Run a scan synchronously and return the DB scan id.
     Currently supports 'nmap' as a built-in. Creates a DB record, runs, updates DB.
@@ -39,16 +46,26 @@ def run_scan_sync(tool: str, target: str, args: list, label: Optional[str] = Non
         "summary": {},
         "per_host": [],
         "status": "pending",
-        "rc": None
+        "rc": None,
     }
     scan_id = insert_scan(entry)
 
     try:
         if tool.lower() == "nmap":
-            logpath, rc, xmlpath, summary = _run_nmap_adapter(target, args, label, save_xml=save_xml)
+            logpath, rc, xmlpath, summary = _run_nmap_adapter(
+                target, args, label, save_xml=save_xml
+            )
             # ensure per_host in summary (some parsers provide it)
             per_host = summary.get("per_host") if isinstance(summary, dict) else []
-            update_scan(scan_id, status="done", rc=rc, log=logpath, xml=xmlpath, summary=summary, per_host=per_host)
+            update_scan(
+                scan_id,
+                status="done",
+                rc=rc,
+                log=logpath,
+                xml=xmlpath,
+                summary=summary,
+                per_host=per_host,
+            )
         else:
             # try to import a plugin module by convention souleyez.plugins.<tool>
             try:
@@ -58,7 +75,15 @@ def run_scan_sync(tool: str, target: str, args: list, label: Optional[str] = Non
                     plugin = PluginClass()
                     prepared = plugin.prepare(target, args, label)
                     result = plugin.run(prepared)
-                    update_scan(scan_id, status=result.get("status", "done"), rc=result.get("rc"), log=result.get("log"), xml=result.get("xml"), summary=result.get("summary"), per_host=result.get("per_host"))
+                    update_scan(
+                        scan_id,
+                        status=result.get("status", "done"),
+                        rc=result.get("rc"),
+                        log=result.get("log"),
+                        xml=result.get("xml"),
+                        summary=result.get("summary"),
+                        per_host=result.get("per_host"),
+                    )
                 else:
                     update_scan(scan_id, status="failed")
             except Exception:
@@ -68,7 +93,13 @@ def run_scan_sync(tool: str, target: str, args: list, label: Optional[str] = Non
     return scan_id
 
 
-def run_scan_background(tool: str, target: str, args: list, label: Optional[str] = None, save_xml: bool = False) -> int:
+def run_scan_background(
+    tool: str,
+    target: str,
+    args: list,
+    label: Optional[str] = None,
+    save_xml: bool = False,
+) -> int:
     """
     Run the scan in a background thread and return the DB id immediately.
     """
@@ -85,7 +116,7 @@ def run_scan_background(tool: str, target: str, args: list, label: Optional[str]
         "summary": {},
         "per_host": [],
         "status": "pending",
-        "rc": None
+        "rc": None,
     }
     scan_id = insert_scan(entry)