voidaccess 1.4.3__tar.gz → 1.4.5__tar.gz

{voidaccess-1.4.3/voidaccess.egg-info → voidaccess-1.4.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: voidaccess
-Version: 1.4.3
+Version: 1.4.5
 Summary: Dark web OSINT CLI — automated threat intelligence from query to report
 Author: VoidAccess
 License-Expression: MIT
@@ -65,6 +65,58 @@ Commercial threat intelligence platforms often charge prohibitive annual fees fo
 
 ---
 
+## Quick Start
+
+### Option A - CLI (no Docker, 30 seconds)
+
+```bash
+pip install voidaccess
+voidaccess configure
+voidaccess investigate "LockBit ransomware"
+```
+
+Requires local Tor for dark web sources:
+
+- https://torproject.org
+- Use `--no-tor` for clearnet-only investigations
+
+The CLI stores config in `~/.voidaccess/config.json` and writes results to `~/.voidaccess/results/`.
+
+### Option B - Docker (full stack, 5 minutes)
+
+```bash
+git clone https://github.com/KatrielMoses/voidaccess
+cd voidaccess
+bash setup.sh
+```
+
+The Docker stack includes PostgreSQL, Tor, FastAPI, and Next.js.
+
+### CLI Commands
+
+| Command | Description |
+|---|---|
+| `voidaccess investigate` | Run an investigation |
+| `voidaccess show` | Interactive entity browser |
+| `voidaccess export` | Export STIX/MISP/Sigma/CSV/MD |
+| `voidaccess enrich` | Re-enrich saved results |
+| `voidaccess list` | List saved investigations |
+| `voidaccess status` | Config and API key status |
+| `voidaccess configure` | Setup wizard |
+
+### CLI vs Docker
+
+| Feature | CLI | Docker |
+|---|---|---|
+| Install time | 30 seconds | 5 minutes |
+| Dark web scraping | Requires local Tor | Built-in |
+| Graph visualization | Terminal TUI | sigma.js |
+| Monitoring/alerts | No | Yes |
+| Multi-user | No | Yes |
+| Persistence | SQLite (`~/.voidaccess`) | PostgreSQL |
+
+---
+
 ## Visual Walkthrough
 
 ### 1. Intuitive Dashboard
@@ -213,7 +265,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## What's New in v1.3
+## Recent Updates
 
 - **10 new enrichment sources**: GreyNoise (scanner suppression), AbuseIPDB, Feodo Tracker, C2IntelFeeds, crt.sh, URLScan.io, Wayback Machine, Hybrid Analysis, HaveIBeenPwned, EmailRep
 - **4 new clearnet collection sources**: paste sites, GitHub code search, GitLab code search, and 20 curated RSS security feeds
@@ -228,7 +280,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## Quick Start
+## Docker Setup
 
 ### Prerequisites
 - Docker and Docker Compose

{voidaccess-1.4.3 → voidaccess-1.4.5}/README.md

@@ -19,6 +19,58 @@ Commercial threat intelligence platforms often charge prohibitive annual fees fo
 
 ---
 
+## Quick Start
+
+### Option A - CLI (no Docker, 30 seconds)
+
+```bash
+pip install voidaccess
+voidaccess configure
+voidaccess investigate "LockBit ransomware"
+```
+
+Requires local Tor for dark web sources:
+
+- https://torproject.org
+- Use `--no-tor` for clearnet-only investigations
+
+The CLI stores config in `~/.voidaccess/config.json` and writes results to `~/.voidaccess/results/`.
+
+### Option B - Docker (full stack, 5 minutes)
+
+```bash
+git clone https://github.com/KatrielMoses/voidaccess
+cd voidaccess
+bash setup.sh
+```
+
+The Docker stack includes PostgreSQL, Tor, FastAPI, and Next.js.
+
+### CLI Commands
+
+| Command | Description |
+|---|---|
+| `voidaccess investigate` | Run an investigation |
+| `voidaccess show` | Interactive entity browser |
+| `voidaccess export` | Export STIX/MISP/Sigma/CSV/MD |
+| `voidaccess enrich` | Re-enrich saved results |
+| `voidaccess list` | List saved investigations |
+| `voidaccess status` | Config and API key status |
+| `voidaccess configure` | Setup wizard |
+
+### CLI vs Docker
+
+| Feature | CLI | Docker |
+|---|---|---|
+| Install time | 30 seconds | 5 minutes |
+| Dark web scraping | Requires local Tor | Built-in |
+| Graph visualization | Terminal TUI | sigma.js |
+| Monitoring/alerts | No | Yes |
+| Multi-user | No | Yes |
+| Persistence | SQLite (`~/.voidaccess`) | PostgreSQL |
+
+---
+
 ## Visual Walkthrough
 
 ### 1. Intuitive Dashboard
@@ -167,7 +219,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## What's New in v1.3
+## Recent Updates
 
 - **10 new enrichment sources**: GreyNoise (scanner suppression), AbuseIPDB, Feodo Tracker, C2IntelFeeds, crt.sh, URLScan.io, Wayback Machine, Hybrid Analysis, HaveIBeenPwned, EmailRep
 - **4 new clearnet collection sources**: paste sites, GitHub code search, GitLab code search, and 20 curated RSS security feeds
@@ -182,7 +234,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## Quick Start
+## Docker Setup
 
 ### Prerequisites
 - Docker and Docker Compose

{voidaccess-1.4.3 → voidaccess-1.4.5}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "voidaccess"
-version = "1.4.3"
+version = "1.4.5"
 description = "Dark web OSINT CLI — automated threat intelligence from query to report"
 readme = "README.md"
 license = "MIT"

{voidaccess-1.4.3 → voidaccess-1.4.5/voidaccess.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: voidaccess
-Version: 1.4.3
+Version: 1.4.5
 Summary: Dark web OSINT CLI — automated threat intelligence from query to report
 Author: VoidAccess
 License-Expression: MIT
@@ -65,6 +65,58 @@ Commercial threat intelligence platforms often charge prohibitive annual fees fo
 
 ---
 
+## Quick Start
+
+### Option A - CLI (no Docker, 30 seconds)
+
+```bash
+pip install voidaccess
+voidaccess configure
+voidaccess investigate "LockBit ransomware"
+```
+
+Requires local Tor for dark web sources:
+
+- https://torproject.org
+- Use `--no-tor` for clearnet-only investigations
+
+The CLI stores config in `~/.voidaccess/config.json` and writes results to `~/.voidaccess/results/`.
+
+### Option B - Docker (full stack, 5 minutes)
+
+```bash
+git clone https://github.com/KatrielMoses/voidaccess
+cd voidaccess
+bash setup.sh
+```
+
+The Docker stack includes PostgreSQL, Tor, FastAPI, and Next.js.
+
+### CLI Commands
+
+| Command | Description |
+|---|---|
+| `voidaccess investigate` | Run an investigation |
+| `voidaccess show` | Interactive entity browser |
+| `voidaccess export` | Export STIX/MISP/Sigma/CSV/MD |
+| `voidaccess enrich` | Re-enrich saved results |
+| `voidaccess list` | List saved investigations |
+| `voidaccess status` | Config and API key status |
+| `voidaccess configure` | Setup wizard |
+
+### CLI vs Docker
+
+| Feature | CLI | Docker |
+|---|---|---|
+| Install time | 30 seconds | 5 minutes |
+| Dark web scraping | Requires local Tor | Built-in |
+| Graph visualization | Terminal TUI | sigma.js |
+| Monitoring/alerts | No | Yes |
+| Multi-user | No | Yes |
+| Persistence | SQLite (`~/.voidaccess`) | PostgreSQL |
+
+---
+
 ## Visual Walkthrough
 
 ### 1. Intuitive Dashboard
@@ -213,7 +265,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## What's New in v1.3
+## Recent Updates
 
 - **10 new enrichment sources**: GreyNoise (scanner suppression), AbuseIPDB, Feodo Tracker, C2IntelFeeds, crt.sh, URLScan.io, Wayback Machine, Hybrid Analysis, HaveIBeenPwned, EmailRep
 - **4 new clearnet collection sources**: paste sites, GitHub code search, GitLab code search, and 20 curated RSS security feeds
@@ -228,7 +280,7 @@ Free with Groq, OpenRouter free models, or Ollama. Under $0.50 per investigation
 
 ---
 
-## Quick Start
+## Docker Setup
 
 ### Prerequisites
 - Docker and Docker Compose

{voidaccess-1.4.3 → voidaccess-1.4.5}/voidaccess_cli/adapters/sqlite.py

@@ -22,6 +22,8 @@ import uuid
 from datetime import datetime, timezone
 from typing import Any, Optional
 
+from sqlalchemy import text
+
 
 def init_db() -> None:
     """Create all tables on the SQLite file if missing. Idempotent."""
@@ -30,6 +32,18 @@ def init_db() -> None:
     engine = get_engine()
     Base.metadata.create_all(engine)
 
+    # Create page_extraction_cache table if missing
+    with engine.connect() as conn:
+        conn.execute(text("""
+            CREATE TABLE IF NOT EXISTS page_extraction_cache (
+                page_hash TEXT PRIMARY KEY,
+                entities_json TEXT NOT NULL,
+                extracted_at TIMESTAMP NOT NULL,
+                expires_at TIMESTAMP NOT NULL
+            )
+        """))
+        conn.commit()
+
 
 def _serialize_dt(dt: Optional[datetime]) -> Optional[str]:
     if dt is None:

{voidaccess-1.4.3 → voidaccess-1.4.5}/voidaccess_cli/commands/investigate.py

@@ -27,7 +27,13 @@ from typing import Any, Optional
 import typer
 from rich.console import Console
 
+# Import reputation enrichment sources (used in Step 6.2–6.4)
+from sources.domain_reputation import enrich_domain_entities
+from sources.email_reputation import enrich_email_entities
+from sources.hash_reputation import enrich_hash_entities
+
 console = Console()
+logger = logging.getLogger(__name__)
 
 
 # ---------------------------------------------------------------------------
@@ -333,6 +339,45 @@ async def _run_investigation(
         except Exception as ip_exc:
             console.print(f"[grey50]ip_reputation skipped: {ip_exc}[/grey50]")
 
+        # Step 6.2 — Domain reputation
+        try:
+            extraction_results = await enrich_domain_entities(
+                extraction_results, inv_uuid
+            )
+            display.update_step(
+                "Enriching domains",
+                "done",
+                f"{sum(1 for e in extraction_results if e.get('entity_type') == 'DOMAIN')} domains enriched",
+            )
+        except Exception as e:
+            logger.debug(f"Domain enrichment: {e}")
+
+        # Step 6.3 — Hash reputation
+        try:
+            extraction_results = await enrich_hash_entities(
+                extraction_results, inv_uuid
+            )
+            display.update_step(
+                "Enriching hashes",
+                "done",
+                "",
+            )
+        except Exception as e:
+            logger.debug(f"Hash enrichment: {e}")
+
+        # Step 6.4 — Email reputation
+        try:
+            extraction_results = await enrich_email_entities(
+                extraction_results, inv_uuid
+            )
+            display.update_step(
+                "Enriching emails",
+                "done",
+                "",
+            )
+        except Exception as e:
+            logger.debug(f"Email enrichment: {e}")
+
         sources_used["enrichment"] = {"status": "ok", "count": len(enrichment_pages)}
         display.update_step("Enriching intelligence", "ok", f"{len(enrichment_pages)} pages added")
     except Exception as exc:
@@ -367,10 +412,10 @@ async def _run_investigation(
     if llm is not None:
         try:
             from voidaccess.llm import generate_summary
-            corpus = "\n\n".join(p["text"][:5000] for p in scraped_pages[:10])
-            if corpus:
+            pages_to_summarize = scraped_pages[:10]
+            if pages_to_summarize:
                 summary_text = await asyncio.to_thread(
-                    generate_summary, llm, refined, corpus, "threat_intel"
+                    generate_summary, llm, refined, pages_to_summarize, "threat_intel"
                 )
             display.update_step("Generating summary", "ok")
         except Exception as exc: