souleyez 2.43.34__py3-none-any.whl → 3.0.7__py3-none-any.whl

souleyez/reporting/generator.py

@@ -3,11 +3,12 @@
 Professional penetration test report generator.
 Creates comprehensive, client-ready reports in multiple formats.
 """
-import os
+
 import logging
+import os
 from datetime import datetime
-from typing import Dict, List, Optional
 from pathlib import Path
+from typing import Dict, List, Optional
 
 logger = logging.getLogger(__name__)
 
@@ -16,11 +17,11 @@ class ReportGenerator:
     """Generates professional pentest reports from engagement data."""
 
     def __init__(self):
+        from souleyez.intelligence.surface_analyzer import AttackSurfaceAnalyzer
+        from souleyez.storage.credentials import CredentialsManager
         from souleyez.storage.engagements import EngagementManager
         from souleyez.storage.evidence import EvidenceManager
-        from souleyez.intelligence.surface_analyzer import AttackSurfaceAnalyzer
         from souleyez.storage.findings import FindingsManager
-        from souleyez.storage.credentials import CredentialsManager
 
         self.em = EngagementManager()
         self.evm = EvidenceManager()
@@ -319,12 +320,13 @@ class ReportGenerator:
 
     def _generate_html(self, data: Dict) -> str:
         """Generate HTML report with enhanced visualizations."""
-        from souleyez.reporting.formatters import HTMLFormatter, MarkdownFormatter
-        from souleyez.reporting.metrics import MetricsCalculator
+        import markdown
+
+        from souleyez.reporting.attack_chain import AttackChainAnalyzer
         from souleyez.reporting.charts import ChartGenerator
         from souleyez.reporting.compliance_mappings import ComplianceMappings
-        from souleyez.reporting.attack_chain import AttackChainAnalyzer
-        import markdown
+        from souleyez.reporting.formatters import HTMLFormatter, MarkdownFormatter
+        from souleyez.reporting.metrics import MetricsCalculator
 
         formatter = HTMLFormatter()
         md_formatter = MarkdownFormatter()
@@ -554,7 +556,7 @@ class ReportGenerator:
 
         # Try WeasyPrint first (preferred - pure Python, better CSS support)
         try:
-            from weasyprint import HTML, CSS
+            from weasyprint import CSS, HTML
             from weasyprint.text.fonts import FontConfiguration
 
             font_config = FontConfiguration()
@@ -869,11 +871,12 @@ class ReportGenerator:
         Returns:
             Path to generated report file
         """
+        import markdown
+
+        from souleyez.integrations.wazuh.config import WazuhConfig
+        from souleyez.reporting.charts import ChartGenerator
         from souleyez.reporting.detection_report import DetectionReportGatherer
         from souleyez.reporting.formatters import HTMLFormatter, MarkdownFormatter
-        from souleyez.reporting.charts import ChartGenerator
-        from souleyez.integrations.wazuh.config import WazuhConfig
-        import markdown
 
         # Check if Wazuh is configured
         config = WazuhConfig.get_config(engagement_id)
@@ -963,22 +966,21 @@ class ReportGenerator:
         sections.append(formatter.per_host_detection_section(data))
 
         # Footer
-        sections.append(
-            f"""
+        sections.append(f"""
 ---
 
 *Detection Coverage Report generated by SoulEyez*
 *{data.generated_at.strftime('%B %d, %Y at %H:%M:%S')}*
-"""
-        )
+""")
 
         return "\n\n".join(sections)
 
     def _generate_detection_html(self, data, charts: Dict) -> str:
         """Generate detection report in HTML format with heatmap."""
-        from souleyez.reporting.formatters import HTMLFormatter
         import markdown
 
+        from souleyez.reporting.formatters import HTMLFormatter
+
         # Helper to convert markdown with table support
         def md_to_html(md_text: str) -> str:
             return markdown.markdown(md_text, extensions=["tables", "fenced_code"])
@@ -1005,8 +1007,7 @@ class ReportGenerator:
 
         # Stats cards
         summary = data.summary
-        sections.append(
-            f"""
+        sections.append(f"""
 <div class="detection-stat-grid">
     <div class="detection-stat-card coverage">
         <div class="detection-stat-value">{summary.coverage_percent}%</div>
@@ -1025,8 +1026,7 @@ class ReportGenerator:
         <div class="detection-stat-label">Not Detected</div>
     </div>
 </div>
-"""
-        )
+""")
 
         # Coverage overview
         overview_md = formatter.detection_coverage_overview(data)
@@ -1034,28 +1034,24 @@ class ReportGenerator:
 
         # Charts
         if charts.get("detection_coverage"):
-            sections.append(
-                f"""
+            sections.append(f"""
 <div class="chart-container" style="max-width: 400px; margin: 20px auto;">
     <canvas id="detectionCoverageChart"></canvas>
 </div>
 <script>
 new Chart(document.getElementById('detectionCoverageChart'), {charts['detection_coverage']});
 </script>
-"""
-            )
+""")
 
         if charts.get("detection_by_tactic"):
-            sections.append(
-                f"""
+            sections.append(f"""
 <div class="chart-container" style="max-width: 800px; margin: 20px auto;">
     <canvas id="detectionTacticChart"></canvas>
 </div>
 <script>
 new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by_tactic']});
 </script>
-"""
-            )
+""")
 
         # MITRE ATT&CK Heatmap (HTML version)
         sections.append(formatter.mitre_heatmap_html(data))
@@ -1078,14 +1074,12 @@ new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by
 
         # Detection gaps (with warning styling)
         if data.gaps:
-            sections.append(
-                """
+            sections.append("""
 <div class="gap-warning">
     <h4>Detection Gaps Identified</h4>
     <p>The following attacks were NOT detected by the SIEM. These represent potential blindspots that should be addressed.</p>
 </div>
-"""
-            )
+""")
         gaps_md = formatter.detection_gaps_section(data)
         sections.append(md_to_html(gaps_md))
 
@@ -1102,22 +1096,18 @@ new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by
         sections.append(md_to_html(host_md))
 
         # Footer
-        sections.append(
-            f"""
+        sections.append(f"""
 <hr>
 <p style="text-align: center; color: #6c757d;">
     <em>Detection Coverage Report generated by SoulEyez</em><br>
     {data.generated_at.strftime('%B %d, %Y at %H:%M:%S')}
 </p>
-"""
-        )
+""")
 
         # HTML footer with Chart.js
-        sections.append(
-            """
+        sections.append("""
 <script src="https://cdn.jsdelivr.net/npm/chart.js@3.9.1/dist/chart.min.js"></script>
-"""
-        )
+""")
         sections.append(formatter.html_footer())
 
         return "\n".join(sections)
@@ -1135,7 +1125,7 @@ new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by
 
         # Try WeasyPrint first (better CSS support)
         try:
-            from weasyprint import HTML, CSS
+            from weasyprint import CSS, HTML
 
             # Inline all external resources for PDF
             html_content = html_content.replace(
@@ -1143,8 +1133,7 @@ new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by
             )
 
             html = HTML(string=html_content)
-            css = CSS(
-                string="""
+            css = CSS(string="""
                 @page {
                     size: letter;
                     margin: 20mm 15mm;
@@ -1161,8 +1150,7 @@ new Chart(document.getElementById('detectionTacticChart'), {charts['detection_by
                 .mitre-heatmap {
                     page-break-inside: avoid;
                 }
-            """
-            )
+            """)
             html.write_pdf(output_path, stylesheets=[css])
             logger.info(f"PDF generated with WeasyPrint: {output_path}")
             return output_path

souleyez/reporting/metrics.py

@@ -3,8 +3,9 @@
 Report metrics and risk score calculations.
 Provides executive dashboard metrics for pentest reports.
 """
-from typing import Dict, List
+
 from datetime import datetime
+from typing import Dict, List
 
 
 class MetricsCalculator:

souleyez/scanner.py

@@ -1,10 +1,13 @@
 #!/usr/bin/env python3
 import subprocess
-import defusedxml.ElementTree as ET
 from pathlib import Path
-from .utils import SCANS_DIR, ensure_dirs, timestamp_str, join_cmd, nmap_installed
-from souleyez.security.validation import validate_nmap_args, ValidationError
+
+import defusedxml.ElementTree as ET
+
 from souleyez.log_config import get_logger
+from souleyez.security.validation import ValidationError, validate_nmap_args
+
+from .utils import SCANS_DIR, ensure_dirs, join_cmd, nmap_installed, timestamp_str
 
 ensure_dirs()
 logger = get_logger(__name__)

souleyez/security/__init__.py

@@ -1,9 +1,11 @@
 """Security validation, sanitization, and authentication utilities."""
 
-import click
-import sys
 import functools
 import getpass
+import sys
+
+import click
+
 from souleyez.storage.crypto import get_crypto_manager
 
 
@@ -20,7 +22,7 @@ def require_login(f):
 
     @functools.wraps(f)
     def wrapper(*args, **kwargs):
-        from souleyez.auth import get_current_user, is_logged_in, init_auth
+        from souleyez.auth import get_current_user, init_auth, is_logged_in
         from souleyez.storage.database import get_db
 
         # Initialize auth if needed
@@ -56,7 +58,7 @@ def require_admin(f):
 
     @functools.wraps(f)
     def wrapper(*args, **kwargs):
-        from souleyez.auth import get_current_user, Role
+        from souleyez.auth import Role, get_current_user
 
         user = get_current_user()
         if user is None or user.role != Role.ADMIN:
@@ -83,7 +85,7 @@ def require_pro(f):
 
     @functools.wraps(f)
     def wrapper(*args, **kwargs):
-        from souleyez.auth import get_current_user, Tier
+        from souleyez.auth import Tier, get_current_user
 
         user = get_current_user()
         if user is None or user.tier != Tier.PRO:

souleyez/security/scope_validator.py

@@ -5,15 +5,16 @@ Engagement scope validation for target validation.
 This module provides validation of targets against engagement scope definitions
 to prevent scanning unauthorized targets.
 """
-import re
-import ipaddress
+
 import fnmatch
+import ipaddress
+import re
 from dataclasses import dataclass
-from typing import Dict, Any, List, Optional
+from typing import Any, Dict, List, Optional
 from urllib.parse import urlparse
 
-from souleyez.storage.database import get_db
 from souleyez.log_config import get_logger
+from souleyez.storage.database import get_db
 
 logger = get_logger(__name__)
 

souleyez/security/validation.py

@@ -608,6 +608,20 @@ def validate_target_or_url(target: str) -> str:
     except ValidationError:
         pass
 
+    # Check if input looks like an IP address attempt
+    # Patterns: dot-separated numbers, or starts with numbers and dots
+    # If so, don't allow fallthrough to hostname - it's an invalid IP
+    ip_like_pattern = re.compile(r"^-?\d+(\.\d+)+$")  # All numeric octets
+    mixed_ip_pattern = re.compile(
+        r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.[a-zA-Z]"
+    )  # 3 numeric octets + letters
+    if ip_like_pattern.match(target) or mixed_ip_pattern.match(target):
+        # Looks like an IP but failed IP validation - reject it
+        raise ValidationError(
+            f"Invalid IP address: '{target}'. "
+            "Each octet must be 0-255 (e.g., 192.168.1.1)"
+        )
+
     # Try hostname (more lenient pattern for domains)
     # Allow single-part hostnames and domains
     hostname_pattern = re.compile(

souleyez/security.py

@@ -2,10 +2,13 @@
 """
 Security utilities for password protection and authentication.
 """
-import click
-import sys
+
 import functools
 import getpass
+import sys
+
+import click
+
 from souleyez.storage.crypto import get_crypto_manager
 
 

souleyez/storage/credentials.py

@@ -4,12 +4,15 @@ souleyez.storage.credentials - Credential storage and management
 
 Similar to MSF's creds command - tracks enumerated usernames and discovered passwords.
 """
+
 import re
-from typing import List, Dict, Any, Optional
-from .database import get_db
-from .crypto import get_crypto_manager
+from typing import Any, Dict, List, Optional
+
 from souleyez.log_config import get_logger
 
+from .crypto import get_crypto_manager
+from .database import get_db
+
 logger = get_logger(__name__)
 
 
@@ -77,8 +80,7 @@ class CredentialsManager:
     def _ensure_table(self):
         """Ensure credentials table exists."""
         conn = self.db.get_connection()
-        conn.execute(
-            """
+        conn.execute("""
             CREATE TABLE IF NOT EXISTS credentials (
                 id INTEGER PRIMARY KEY AUTOINCREMENT,
                 engagement_id INTEGER NOT NULL,
@@ -95,28 +97,21 @@ class CredentialsManager:
                 FOREIGN KEY (engagement_id) REFERENCES engagements(id),
                 FOREIGN KEY (host_id) REFERENCES hosts(id)
             )
-        """
-        )
+        """)
 
         # Create index for faster lookups
-        conn.execute(
-            """
+        conn.execute("""
             CREATE INDEX IF NOT EXISTS idx_credentials_engagement
             ON credentials(engagement_id)
-        """
-        )
-        conn.execute(
-            """
+        """)
+        conn.execute("""
             CREATE INDEX IF NOT EXISTS idx_credentials_host
             ON credentials(host_id)
-        """
-        )
-        conn.execute(
-            """
+        """)
+        conn.execute("""
             CREATE INDEX IF NOT EXISTS idx_credentials_status
             ON credentials(status)
-        """
-        )
+        """)
 
         conn.commit()
         conn.close()

souleyez/storage/crypto.py

@@ -5,17 +5,20 @@ souleyez.storage.crypto - Credential encryption/decryption
 Provides transparent encryption for sensitive credential data using Fernet (symmetric encryption).
 The encryption key is derived from a master password using PBKDF2-HMAC-SHA256.
 """
+
 import base64
-import os
 import json
+import os
 import traceback
-from typing import Optional
-from pathlib import Path
 from datetime import datetime, timedelta
+from pathlib import Path
+from typing import Optional
+
 from cryptography.fernet import Fernet, InvalidToken
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
-from cryptography.hazmat.backends import default_backend
+
 from souleyez import config
 from souleyez.log_config import get_logger
 

souleyez/storage/database.py

@@ -2,12 +2,14 @@
 """
 souleyez.storage.database - Core database operations
 """
-import sqlite3
+
 import os
+import sqlite3
 import time
 import traceback
-from typing import Optional, List, Dict, Any
 from pathlib import Path
+from typing import Any, Dict, List, Optional
+
 from souleyez import config
 from souleyez.log_config import get_logger
 
@@ -104,8 +106,7 @@ class Database:
                     "Schema file not found, using inline schema",
                     extra={"expected_path": str(schema_path)},
                 )
-                conn.executescript(
-                    """
+                conn.executescript("""
                 CREATE TABLE IF NOT EXISTS engagements (
                     id INTEGER PRIMARY KEY AUTOINCREMENT,
                     name TEXT UNIQUE NOT NULL,
@@ -267,8 +268,7 @@ class Database:
                 CREATE INDEX IF NOT EXISTS idx_credentials_engagement ON credentials(engagement_id);
                 CREATE INDEX IF NOT EXISTS idx_credentials_host ON credentials(host_id);
                 CREATE INDEX IF NOT EXISTS idx_credentials_status ON credentials(status);
-            """
-                )
+            """)
 
             conn.commit()
             conn.close()

souleyez/storage/db.py

@@ -10,12 +10,14 @@ Provides:
 - get_scan(scan_id)
 - simple migration helper to import old history JSON entries
 """
-from pathlib import Path
-import sqlite3
+
 import json
-from typing import Optional, List, Dict, Any
-from ..utils import ensure_dirs, HISTORY_FILE, read_json
+import sqlite3
+from pathlib import Path
+from typing import Any, Dict, List, Optional
+
 from .. import config
+from ..utils import HISTORY_FILE, ensure_dirs, read_json
 
 DB_PATH = Path(config.get("database.path", "~/.souleyez/souleyez.db")).expanduser()
 ensure_dirs()
@@ -41,8 +43,7 @@ def _get_conn(fast_mode: bool = False):
 def init_db():
     conn = _get_conn()
     cur = conn.cursor()
-    cur.executescript(
-        """
+    cur.executescript("""
     CREATE TABLE IF NOT EXISTS scans (
         id INTEGER PRIMARY KEY AUTOINCREMENT,
         ts TEXT,
@@ -60,8 +61,7 @@ def init_db():
     CREATE INDEX IF NOT EXISTS idx_scans_tool ON scans(tool);
     CREATE INDEX IF NOT EXISTS idx_scans_target ON scans(target);
     CREATE INDEX IF NOT EXISTS idx_scans_ts ON scans(ts);
-    """
-    )
+    """)
     conn.commit()
     conn.close()
 

souleyez/storage/deliverable_evidence.py

@@ -2,7 +2,8 @@
 Evidence linking for deliverables.
 """
 
-from typing import List, Dict, Optional
+from typing import Dict, List, Optional
+
 from .database import get_db
 
 

souleyez/storage/deliverable_exporter.py

@@ -4,11 +4,12 @@ Export deliverables in multiple formats (CSV, JSON, Markdown).
 
 import csv
 import json
-from typing import Dict, List, Optional
 from datetime import datetime
+from typing import Dict, List, Optional
+
 from .database import get_db
-from .deliverables import DeliverableManager
 from .deliverable_evidence import EvidenceManager
+from .deliverables import DeliverableManager
 from .engagements import EngagementManager
 
 

souleyez/storage/deliverable_templates.py

@@ -2,9 +2,10 @@
 Deliverable templates management.
 """
 
-from typing import List, Dict, Optional
 import json
 import os
+from typing import Dict, List, Optional
+
 from .database import get_db
 
 

souleyez/storage/deliverables.py

@@ -2,7 +2,8 @@
 Deliverable tracking and acceptance criteria management.
 """
 
-from typing import List, Dict, Optional
+from typing import Dict, List, Optional
+
 from .database import get_db
 
 

souleyez/storage/engagements.py

@@ -2,9 +2,11 @@
 """
 souleyez.storage.engagements - Engagement management
 """
-from typing import List, Dict, Any, Optional
-from .database import get_db
+
 from pathlib import Path
+from typing import Any, Dict, List, Optional
+
+from .database import get_db
 
 ENGAGEMENT_FILE = Path.home() / ".souleyez" / "current_engagement"
 
@@ -39,7 +41,7 @@ class EngagementManager:
         )
 
         # Audit log
-        from souleyez.auth.audit import audit_log, AuditAction
+        from souleyez.auth.audit import AuditAction, audit_log
 
         audit_log(
             AuditAction.ENGAGEMENT_CREATED,
@@ -241,7 +243,7 @@ class EngagementManager:
         self.db.execute("DELETE FROM engagements WHERE id = ?", (eng["id"],))
 
         # Audit log
-        from souleyez.auth.audit import audit_log, AuditAction
+        from souleyez.auth.audit import AuditAction, audit_log
 
         audit_log(
             AuditAction.ENGAGEMENT_DELETED,

souleyez/storage/evidence.py

@@ -3,8 +3,9 @@
 Evidence collection and organization for pentest workflow.
 Aggregates all artifacts from jobs, findings, credentials, etc.
 """
-from typing import List, Dict, Optional
+
 from datetime import datetime, timedelta
+from typing import Dict, List, Optional
 
 
 class EvidenceManager:
@@ -12,10 +13,10 @@ class EvidenceManager:
 
     def __init__(self):
         # Import existing managers
-        from souleyez.storage.osint import OsintManager
-        from souleyez.storage.hosts import HostManager
-        from souleyez.storage.findings import FindingsManager
         from souleyez.storage.credentials import CredentialsManager
+        from souleyez.storage.findings import FindingsManager
+        from souleyez.storage.hosts import HostManager
+        from souleyez.storage.osint import OsintManager
         from souleyez.storage.screenshots import ScreenshotManager
 
         self.osint = OsintManager()

souleyez/storage/execution_log.py

@@ -2,11 +2,13 @@
 """
 souleyez.storage.execution_log - Track AI-driven command executions
 """
-import sqlite3
+
 import json
+import sqlite3
 from datetime import datetime
-from typing import Dict, List, Optional, Any
 from pathlib import Path
+from typing import Any, Dict, List, Optional
+
 from souleyez import config
 
 

souleyez/storage/exploit_attempts.py

@@ -2,10 +2,11 @@
 """
 souleyez.storage.exploit_attempts - Track exploitation attempts and outcomes
 """
-from typing import List, Dict, Any, Optional
+
 from datetime import datetime
-from souleyez.storage.database import get_db
+from typing import Any, Dict, List, Optional
 
+from souleyez.storage.database import get_db
 
 # Valid status values
 STATUS_NOT_TRIED = "not_tried"

souleyez/storage/exploits.py

@@ -2,7 +2,9 @@
 """
 souleyez.storage.exploits - Manage SearchSploit exploit data
 """
-from typing import List, Dict, Any, Optional
+
+from typing import Any, Dict, List, Optional
+
 from souleyez.storage.database import get_db