zen-ai-pentest 2.0.4__py3-none-any.whl → 2.1.0__py3-none-any.whl

api/main.py

@@ -60,7 +60,7 @@ async def lifespan(app: FastAPI):
 app = FastAPI(
     title="Zen-AI-Pentest API",
     description="Professional Pentesting Framework API",
-    version="2.0.0",
+    version="2.1.0",
     lifespan=lifespan
 )
 
@@ -500,7 +500,7 @@ async def health_check():
     """Health check endpoint"""
     return {
         "status": "healthy",
-        "version": "2.0.0",
+        "version": "2.1.0",
         "timestamp": datetime.utcnow().isoformat()
     }
 
@@ -1022,6 +1022,18 @@ async def create_jira_ticket(
 # Import models for reports
 from database.models import Report
 
+# ============================================================================
+# API v1.0 (Q1 2026)
+# ============================================================================
+
+# Import v1 router
+try:
+    from api.v1.siem import router as siem_v1_router
+    app.include_router(siem_v1_router, prefix="/api/v1/siem", tags=["SIEM v1.0"])
+    logger.info("API v1.0 SIEM endpoints loaded")
+except ImportError as e:
+    logger.warning(f"Could not load API v1.0 endpoints: {e}")
+
 if __name__ == "__main__":
     import uvicorn
     uvicorn.run(app, host="0.0.0.0", port=8000)

modules/__init__.py

@@ -10,7 +10,7 @@ from .osint import (DomainInfo, EmailProfile, OSINTModule, OSINTResult,
 from .protonvpn import (ProtonVPNManager, VPNProtocol, VPNSecurityLevel,
                         VPNServer, VPNStatus, quick_connect, secure_connect)
 from .recon import ReconModule
-from .report_gen import ReportGenerator
+# from .report_gen import ReportGenerator  # Module not available
 from .sql_injection_db import (DBType, SQLInjectionDatabase, SQLITechnique,
                                SQLPayload)
 from .vuln_scanner import VulnScannerModule
@@ -19,7 +19,7 @@ __all__ = [
     "ReconModule",
     "VulnScannerModule",
     "ExploitAssistModule",
-    "ReportGenerator",
+    # "ReportGenerator",  # Module not available
     "NucleiIntegration",
     "NucleiTemplateManager",
     "SQLInjectionDatabase",

modules/siem_integration.py

@@ -0,0 +1,501 @@
+"""
+SIEM Integration Module for Zen AI Pentest
+Supports: Splunk, Elastic, Azure Sentinel, IBM QRadar
+"""
+
+import json
+import logging
+from abc import ABC, abstractmethod
+from dataclasses import dataclass
+from datetime import datetime
+from typing import Dict, List, Optional, Any
+import requests
+from urllib.parse import urljoin
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class SIEMConfig:
+    """SIEM connection configuration"""
+    name: str
+    type: str  # splunk, elastic, sentinel, qradar
+    url: str
+    api_key: Optional[str] = None
+    username: Optional[str] = None
+    password: Optional[str] = None
+    index: Optional[str] = None
+    verify_ssl: bool = True
+    timeout: int = 30
+
+
+@dataclass
+class SecurityEvent:
+    """Normalized security event for SIEM ingestion"""
+    timestamp: datetime
+    severity: str  # critical, high, medium, low, info
+    event_type: str
+    source: str
+    target: str
+    description: str
+    cve_id: Optional[str] = None
+    cvss_score: Optional[float] = None
+    raw_data: Optional[Dict] = None
+
+
+class BaseSIEMConnector(ABC):
+    """Base class for SIEM connectors"""
+    
+    def __init__(self, config: SIEMConfig):
+        self.config = config
+        self.session = requests.Session()
+        self.session.verify = config.verify_ssl
+        self.session.timeout = config.timeout
+        
+    @abstractmethod
+    def connect(self) -> bool:
+        """Test connection to SIEM"""
+        pass
+    
+    @abstractmethod
+    def send_event(self, event: SecurityEvent) -> bool:
+        """Send security event to SIEM"""
+        pass
+    
+    @abstractmethod
+    def send_events_batch(self, events: List[SecurityEvent]) -> bool:
+        """Send multiple events to SIEM"""
+        pass
+    
+    @abstractmethod
+    def query_threat_intel(self, indicator: str) -> Optional[Dict]:
+        """Query SIEM for threat intelligence"""
+        pass
+
+
+class SplunkConnector(BaseSIEMConnector):
+    """Splunk HTTP Event Collector (HEC) connector"""
+    
+    def connect(self) -> bool:
+        try:
+            url = urljoin(self.config.url, "/services/collector/health")
+            headers = {"Authorization": f"Splunk {self.config.api_key}"}
+            response = self.session.get(url, headers=headers)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Splunk connection failed: {e}")
+            return False
+    
+    def send_event(self, event: SecurityEvent) -> bool:
+        try:
+            url = urljoin(self.config.url, "/services/collector/event")
+            headers = {
+                "Authorization": f"Splunk {self.config.api_key}",
+                "Content-Type": "application/json"
+            }
+            
+            payload = {
+                "time": event.timestamp.timestamp(),
+                "sourcetype": "zen_ai_pentest",
+                "index": self.config.index or "security",
+                "event": {
+                    "severity": event.severity,
+                    "event_type": event.event_type,
+                    "source": event.source,
+                    "target": event.target,
+                    "description": event.description,
+                    "cve_id": event.cve_id,
+                    "cvss_score": event.cvss_score,
+                    **(event.raw_data or {})
+                }
+            }
+            
+            response = self.session.post(url, headers=headers, json=payload)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Failed to send event to Splunk: {e}")
+            return False
+    
+    def send_events_batch(self, events: List[SecurityEvent]) -> bool:
+        """Send multiple events to Splunk"""
+        try:
+            url = urljoin(self.config.url, "/services/collector/event")
+            headers = {
+                "Authorization": f"Splunk {self.config.api_key}",
+                "Content-Type": "application/json"
+            }
+            
+            batch_data = ""
+            for event in events:
+                payload = {
+                    "time": event.timestamp.timestamp(),
+                    "sourcetype": "zen_ai_pentest",
+                    "index": self.config.index or "security",
+                    "event": {
+                        "severity": event.severity,
+                        "event_type": event.event_type,
+                        "source": event.source,
+                        "target": event.target,
+                        "description": event.description,
+                        "cve_id": event.cve_id,
+                        "cvss_score": event.cvss_score,
+                    }
+                }
+                batch_data += json.dumps(payload) + "\n"
+            
+            response = self.session.post(url, headers=headers, data=batch_data)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Failed to send batch to Splunk: {e}")
+            return False
+    
+    def query_threat_intel(self, indicator: str) -> Optional[Dict]:
+        """Query Splunk for threat intelligence"""
+        try:
+            search_query = f'search index=threat_intel indicator="{indicator}" | head 1'
+            url = urljoin(self.config.url, "/services/search/jobs")
+            headers = {"Authorization": f"Splunk {self.config.api_key}"}
+            
+            data = {"search": search_query, "output_mode": "json"}
+            response = self.session.post(url, headers=headers, data=data)
+            
+            if response.status_code == 200:
+                return response.json()
+            return None
+        except Exception as e:
+            logger.error(f"Failed to query Splunk: {e}")
+            return None
+
+
+class ElasticConnector(BaseSIEMConnector):
+    """Elastic/Elasticsearch connector"""
+    
+    def connect(self) -> bool:
+        try:
+            url = urljoin(self.config.url, "_cluster/health")
+            headers = {"Authorization": f"ApiKey {self.config.api_key}"}
+            response = self.session.get(url, headers=headers)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Elastic connection failed: {e}")
+            return False
+    
+    def send_event(self, event: SecurityEvent) -> bool:
+        try:
+            index = self.config.index or "zen-ai-security"
+            url = urljoin(self.config.url, f"{index}/_doc")
+            headers = {"Authorization": f"ApiKey {self.config.api_key}"}
+            
+            document = {
+                "@timestamp": event.timestamp.isoformat(),
+                "severity": event.severity,
+                "event.type": event.event_type,
+                "source.ip": event.source,
+                "destination.ip": event.target,
+                "message": event.description,
+                "vulnerability.cve": event.cve_id,
+                "vulnerability.cvss": event.cvss_score,
+            }
+            
+            response = self.session.post(url, headers=headers, json=document)
+            return response.status_code in [200, 201]
+        except Exception as e:
+            logger.error(f"Failed to send event to Elastic: {e}")
+            return False
+    
+    def send_events_batch(self, events: List[SecurityEvent]) -> bool:
+        """Send bulk events to Elastic"""
+        try:
+            index = self.config.index or "zen-ai-security"
+            url = urljoin(self.config.url, "_bulk")
+            headers = {"Authorization": f"ApiKey {self.config.api_key}"}
+            
+            bulk_data = ""
+            for event in events:
+                action = json.dumps({"index": {"_index": index}})
+                document = json.dumps({
+                    "@timestamp": event.timestamp.isoformat(),
+                    "severity": event.severity,
+                    "event.type": event.event_type,
+                    "source.ip": event.source,
+                    "destination.ip": event.target,
+                    "message": event.description,
+                    "vulnerability.cve": event.cve_id,
+                    "vulnerability.cvss": event.cvss_score,
+                })
+                bulk_data += action + "\n" + document + "\n"
+            
+            response = self.session.post(
+                url, 
+                headers={**headers, "Content-Type": "application/x-ndjson"},
+                data=bulk_data
+            )
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Failed to send bulk to Elastic: {e}")
+            return False
+    
+    def query_threat_intel(self, indicator: str) -> Optional[Dict]:
+        """Query Elastic for threat intelligence"""
+        try:
+            index = "threat-intel"
+            url = urljoin(self.config.url, f"{index}/_search")
+            headers = {"Authorization": f"ApiKey {self.config.api_key}"}
+            
+            query = {
+                "query": {
+                    "match": {"indicator": indicator}
+                }
+            }
+            
+            response = self.session.post(url, headers=headers, json=query)
+            if response.status_code == 200:
+                return response.json()
+            return None
+        except Exception as e:
+            logger.error(f"Failed to query Elastic: {e}")
+            return None
+
+
+class AzureSentinelConnector(BaseSIEMConnector):
+    """Azure Sentinel/Log Analytics connector"""
+    
+    def __init__(self, config: SIEMConfig):
+        super().__init__(config)
+        self.workspace_id = config.username  # Workspace ID
+        self.shared_key = config.api_key  # Shared Key
+        
+    def connect(self) -> bool:
+        try:
+            # Test connection by querying Log Analytics
+            url = f"https://api.loganalytics.io/v1/workspaces/{self.workspace_id}/query"
+            headers = self._build_auth_header()
+            
+            response = self.session.get(url, headers=headers)
+            return response.status_code in [200, 401]  # 401 means auth works but query invalid
+        except Exception as e:
+            logger.error(f"Sentinel connection failed: {e}")
+            return False
+    
+    def _build_auth_header(self) -> Dict[str, str]:
+        """Build Azure API authentication header"""
+        import hmac
+        import hashlib
+        import base64
+        
+        date = datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
+        string_to_hash = f"POST\n{len('')}\napplication/json\nx-ms-date:{date}\n/api/logs"
+        decoded_key = base64.b64decode(self.shared_key)
+        encoded_hash = base64.b64encode(
+            hmac.new(decoded_key, string_to_hash.encode(), hashlib.sha256).digest()
+        ).decode()
+        
+        return {
+            "Content-Type": "application/json",
+            "Authorization": f"SharedKey {self.workspace_id}:{encoded_hash}",
+            "x-ms-date": date,
+            "Log-Type": "ZenAIPentest"
+        }
+    
+    def send_event(self, event: SecurityEvent) -> bool:
+        try:
+            url = f"https://{self.workspace_id}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01"
+            headers = self._build_auth_header()
+            
+            log_data = [{
+                "TimeGenerated": event.timestamp.isoformat(),
+                "Severity": event.severity,
+                "EventType": event.event_type,
+                "Source": event.source,
+                "Target": event.target,
+                "Description": event.description,
+                "CVE": event.cve_id,
+                "CVSS": event.cvss_score
+            }]
+            
+            response = self.session.post(url, headers=headers, json=log_data)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Failed to send event to Sentinel: {e}")
+            return False
+    
+    def send_events_batch(self, events: List[SecurityEvent]) -> bool:
+        """Send batch to Azure Log Analytics"""
+        try:
+            url = f"https://{self.workspace_id}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01"
+            headers = self._build_auth_header()
+            
+            log_data = []
+            for event in events:
+                log_data.append({
+                    "TimeGenerated": event.timestamp.isoformat(),
+                    "Severity": event.severity,
+                    "EventType": event.event_type,
+                    "Source": event.source,
+                    "Target": event.target,
+                    "Description": event.description,
+                    "CVE": event.cve_id,
+                    "CVSS": event.cvss_score
+                })
+            
+            response = self.session.post(url, headers=headers, json=log_data)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"Failed to send batch to Sentinel: {e}")
+            return False
+    
+    def query_threat_intel(self, indicator: str) -> Optional[Dict]:
+        """Query Sentinel Threat Intelligence"""
+        try:
+            url = f"https://api.loganalytics.io/v1/workspaces/{self.workspace_id}/query"
+            headers = self._build_auth_header()
+            
+            query = f"ThreatIntelligenceIndicator | where Indicator == '{indicator}' | limit 1"
+            
+            response = self.session.post(
+                url,
+                headers=headers,
+                json={"query": query}
+            )
+            
+            if response.status_code == 200:
+                return response.json()
+            return None
+        except Exception as e:
+            logger.error(f"Failed to query Sentinel: {e}")
+            return None
+
+
+class QRadarConnector(BaseSIEMConnector):
+    """IBM QRadar connector"""
+    
+    def connect(self) -> bool:
+        try:
+            url = urljoin(self.config.url, "/api/system/about")
+            headers = self._build_auth_header()
+            response = self.session.get(url, headers=headers)
+            return response.status_code == 200
+        except Exception as e:
+            logger.error(f"QRadar connection failed: {e}")
+            return False
+    
+    def _build_auth_header(self) -> Dict[str, str]:
+        """Build QRadar authentication header"""
+        import base64
+        
+        if self.config.api_key:
+            return {"SEC": self.config.api_key}
+        elif self.config.username and self.config.password:
+            credentials = base64.b64encode(
+                f"{self.config.username}:{self.config.password}".encode()
+            ).decode()
+            return {"Authorization": f"Basic {credentials}"}
+        return {}
+    
+    def send_event(self, event: SecurityEvent) -> bool:
+        try:
+            url = urljoin(self.config.url, "/api/asset_model/assets")
+            headers = self._build_auth_header()
+            
+            payload = {
+                "event": {
+                    "severity": event.severity,
+                    "event_type": event.event_type,
+                    "source": event.source,
+                    "target": event.target,
+                    "description": event.description,
+                    "cve": event.cve_id
+                }
+            }
+            
+            response = self.session.post(url, headers=headers, json=payload)
+            return response.status_code in [200, 201]
+        except Exception as e:
+            logger.error(f"Failed to send event to QRadar: {e}")
+            return False
+    
+    def send_events_batch(self, events: List[SecurityEvent]) -> bool:
+        """QRadar batch event submission"""
+        for event in events:
+            if not self.send_event(event):
+                return False
+        return True
+    
+    def query_threat_intel(self, indicator: str) -> Optional[Dict]:
+        """Query QRadar reference sets"""
+        try:
+            url = urljoin(self.config.url, f"/api/reference_data/sets/{indicator}")
+            headers = self._build_auth_header()
+            
+            response = self.session.get(url, headers=headers)
+            if response.status_code == 200:
+                return response.json()
+            return None
+        except Exception as e:
+            logger.error(f"Failed to query QRadar: {e}")
+            return None
+
+
+class SIEMIntegrationManager:
+    """Manager for multiple SIEM integrations"""
+    
+    def __init__(self):
+        self.connectors: Dict[str, BaseSIEMConnector] = {}
+        self._connector_classes = {
+            "splunk": SplunkConnector,
+            "elastic": ElasticConnector,
+            "sentinel": AzureSentinelConnector,
+            "qradar": QRadarConnector
+        }
+    
+    def add_siem(self, config: SIEMConfig) -> bool:
+        """Add SIEM integration"""
+        connector_class = self._connector_classes.get(config.type)
+        if not connector_class:
+            logger.error(f"Unknown SIEM type: {config.type}")
+            return False
+        
+        connector = connector_class(config)
+        if connector.connect():
+            self.connectors[config.name] = connector
+            logger.info(f"Connected to {config.name} ({config.type})")
+            return True
+        else:
+            logger.error(f"Failed to connect to {config.name}")
+            return False
+    
+    def send_to_all(self, event: SecurityEvent) -> Dict[str, bool]:
+        """Send event to all configured SIEMs"""
+        results = {}
+        for name, connector in self.connectors.items():
+            results[name] = connector.send_event(event)
+        return results
+    
+    def send_batch_to_all(self, events: List[SecurityEvent]) -> Dict[str, bool]:
+        """Send batch of events to all SIEMs"""
+        results = {}
+        for name, connector in self.connectors.items():
+            results[name] = connector.send_events_batch(events)
+        return results
+    
+    def get_status(self) -> Dict[str, bool]:
+        """Get connection status of all SIEMs"""
+        return {name: connector.connect() for name, connector in self.connectors.items()}
+
+
+# Factory function
+def create_siem_connector(config: SIEMConfig) -> Optional[BaseSIEMConnector]:
+    """Factory function to create appropriate SIEM connector"""
+    connectors = {
+        "splunk": SplunkConnector,
+        "elastic": ElasticConnector,
+        "sentinel": AzureSentinelConnector,
+        "qradar": QRadarConnector
+    }
+    
+    connector_class = connectors.get(config.type.lower())
+    if connector_class:
+        return connector_class(config)
+    
+    logger.error(f"Unknown SIEM type: {config.type}")
+    return None

risk_engine/__init__.py

@@ -58,7 +58,7 @@ from .business_impact_calculator import (
 )
 
 # Additional exports for backwards compatibility
-from .scorer import RiskScorer
+from .scorer import RiskScorer, RiskScore, SeverityLevel
 from .cvss import CVSSCalculator
 from .epss import EPSSClient
 
@@ -92,6 +92,8 @@ __all__ = [
     
     # Additional scoring modules
     "RiskScorer",
+    "RiskScore",
+    "SeverityLevel",
     "CVSSCalculator",
     "EPSSClient",
 ]

{zen_ai_pentest-2.0.4.dist-info → zen_ai_pentest-2.1.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: zen-ai-pentest
-Version: 2.0.4
+Version: 2.1.0
 Summary: Advanced AI-Powered Penetration Testing Framework with Multi-Agent Orchestration
 Home-page: https://github.com/SHAdd0WTAka/zen-ai-pentest
 Author: SHAdd0WTAka
@@ -63,10 +63,53 @@ Dynamic: requires-python
 [![Docker](https://img.shields.io/badge/Docker-Ready-blue)](docker/)
 [![Tests](https://img.shields.io/badge/Tests-pytest-brightgreen)](tests/)
 [![PyPI](https://img.shields.io/pypi/v/zen-ai-pentest)](https://pypi.org/project/zen-ai-pentest/)
-[![Version](https://img.shields.io/badge/Version-2.0.3-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
+[![Version](https://img.shields.io/badge/Version-2.0.4-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
 [![Authors](https://img.shields.io/badge/Authors-SHAdd0WTAka%20%7C%20KimiAI-purple)](#-authors--team)
 [![Roadmap](https://img.shields.io/badge/Roadmap-2026-blueviolet)](ROADMAP_2026.md)
-
+[![Architecture](https://img.shields.io/badge/Architecture-Diagram-blue)](docs/architecture.md)
+```mermaid
+  graph TB
+      subgraph "User Interface"
+          CLI[CLI]
+          API[REST API]
+          WebUI[Web UI]
+      end
+
+      subgraph "Core Engine"
+          Orchestrator[Agent Orchestrator]
+          StateMachine[State Machine]
+          RiskEngine[Risk Engine]
+      end
+
+      subgraph "AI Agents"
+          Recon[Reconnaissance]
+          Vuln[Vulnerability]
+          Exploit[Exploit]
+          Report[Report]
+      end
+
+      subgraph "Tools"
+          Nmap[Nmap]
+          SQLMap[SQLMap]
+          Metasploit[Metasploit]
+      end
+
+      subgraph "External APIs"
+          OpenAI[OpenAI]
+          Anthropic[Anthropic]
+          ThreatIntel[Threat Intelligence]
+      end
+
+      CLI --> API
+      WebUI --> API
+      API --> Orchestrator
+      Orchestrator --> StateMachine
+      StateMachine --> Recon
+      StateMachine --> Vuln
+      StateMachine --> Exploit
+      Exploit --> OpenAI
+      RiskEngine --> ThreatIntel
+  ```
 **Zen-AI-Pentest** is an autonomous, AI-powered penetration testing framework that combines cutting-edge language models with professional security tools. Built for security professionals, bug bounty hunters, and enterprise security teams.
 
 ---

{zen_ai_pentest-2.0.4.dist-info → zen_ai_pentest-2.1.0.dist-info}/RECORD

@@ -12,7 +12,7 @@ agents/react_agent_vm.py,sha256=DF_TMWG_AfWbtvw9s4TB1MAwkFLMRaWpKw2UcM7Pa5U,1112
 agents/research_agent.py,sha256=f_OjmEvgQX1mUdLRlsj3-QMyB1m5J0oHIsTvFkcRijc,6394
 api/__init__.py,sha256=HQ2cFR8t_PlbtgLzir7P1Umzh-syS5iEfCNZky5uL_Y,256
 api/auth.py,sha256=ZqIvj0L0BTAFsytjCznGF53i1kz6DOunhLxd0mPUykA,3934
-api/main.py,sha256=NGXwzpd0LuVMGA2f65PdpIDT3veHNZ4Z0fRDkJxWbx8,32324
+api/main.py,sha256=0sy31LpFZh6SvvGV1qwWV91QLbXMTuZz4o2CnjpWjf0,32801
 api/schemas.py,sha256=nnE-97OOOWpAAenD_sCsCpcLy-SpWW1g2WW902mbihY,10306
 api/websocket.py,sha256=DTDKr48g6RBNCBX6LM1WljR1FLTkoYB-BTm1TtMNaOY,3602
 autonomous/__init__.py,sha256=Gv83jnjasidFfyD6ggCXjJlqjn6YwANLi_b0-kpBSok,2858
@@ -47,18 +47,19 @@ core/plugin_manager.py,sha256=3sG2DMiWbyjAaoydtyz2pXmdJ-G_-SWgCLGs-w_QoSA,19167
 core/rate_limiter.py,sha256=poEYln6DGFs6C6n2rSnqRykax-YDi5NySk4LJnkgCpk,12423
 core/secure_config.py,sha256=tTDVXKoLiGKdfCQkLorgEKw2qdVyPjwhaxwyuFlGD_8,10361
 core/shield_integration.py,sha256=ktL_25WY0JBH5dBNvqcJLw42mQFkKr6ku5lkgH119Mw,9997
-modules/__init__.py,sha256=N9gvXDXbB1jAzQuImM8oZky2W9QwURup6SMEets4BJ0,1366
+modules/__init__.py,sha256=eIfsYjpXtuo4cH4TQOIOrXLa6OXrP168ESPM3OuQYT0,1418
 modules/cve_database.py,sha256=46ucXLdWjEUed4qh4wznn3oWEyoxWay2r3EVgVMmBrg,13137
 modules/exploit_assist.py,sha256=xMcIYgwP6XSNuJDw8hI3FM1GsvvL9B3uMiYE8w-OBbY,10254
 modules/nuclei_integration.py,sha256=2pvFCcTpEpC6M6YV2QWoHBxpKYswoYnD7dX4GJTQnX4,14814
 modules/osint.py,sha256=SZG1rfMQ-zPIasYtKRzFlsjXR3wDSrVLRUtg6extUok,20600
 modules/protonvpn.py,sha256=4G-tLL3JyjJm-ryQIt4-hQTX4eKX_OTZnKFkZaK_F8Q,18133
 modules/recon.py,sha256=utS-wfdRBS7XaGtr1mcpMuetyJcCi2B8LZrAmVJjhcM,5002
+modules/siem_integration.py,sha256=GbG8sbyziItdQhRArNku7pV6yZW8jR9AQgUxU2dvJ98,18594
 modules/sql_injection_db.py,sha256=x9VVIaXkykXo0zFmcPqIMk9gh_CF-Lrs9Ht2hrb9DLk,28945
 modules/tool_orchestrator.py,sha256=6FwR-EMR-HIrLFFimWf5MUMf_AYIYPUuZPaL8oTUNVU,15868
 modules/vuln_scanner.py,sha256=L68uCM1YezXrnbqjhJlslVyQOlM9jejnZHWR8j0B1m8,8617
 modules/wordlist_generator.py,sha256=3qAZseHDKI55x3gAnxKtwN1iMjXSJi1N0uMBnCnogV8,15429
-risk_engine/__init__.py,sha256=LKP5c_eYjSlROfSjXc_5mzmTGsi6odEOg3K1yIdR23U,2360
+risk_engine/__init__.py,sha256=PPGuSptgnMfNM2-DtdgE-5h7CL_0W4FdgUFYqnTgLIw,2424
 risk_engine/business_impact.py,sha256=gAjhNdMLdjx5iQkpPqxb6ugfRL6_1VCc6AIli95kS0E,8657
 risk_engine/business_impact_calculator.py,sha256=9SgIXfhF-EFVwULyWepv1_Wcr_UOSg2E0oO2_VwwTWk,21222
 risk_engine/cvss.py,sha256=iI8clKFSwi9w1xIW2Z9tCScUOmGSGWJrowA9jGWW86I,5397
@@ -67,9 +68,9 @@ risk_engine/example_usage.py,sha256=eM54wLDy3eZtiDGjOSZ4YrsCcEUzfVKjV_A_Pkn07is,
 risk_engine/false_positive_engine.py,sha256=8u0wI3W25fsEq9eXfskUtcHfV3D2V6ElzVSgY_TAA-c,37961
 risk_engine/scorer.py,sha256=BklUfMo26IaOYOJse-mjvY8NwjpbI4UEIlqZ6MhCmwU,10282
 web_ui/backend/main.py,sha256=DTVmsvbDH7EvMmeohbcl8vYyKPyaLU8oHMvwWAqAF8k,15402
-zen_ai_pentest-2.0.4.dist-info/licenses/LICENSE,sha256=C1sNTmgBbFuCm9vPCctuz6pQr4khkgqoQEMUE6cP-FY,1068
-zen_ai_pentest-2.0.4.dist-info/METADATA,sha256=f27GlZvojUOX54PnVcBPJz_pCntJv5T8ifpmI_jfCd8,29761
-zen_ai_pentest-2.0.4.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-zen_ai_pentest-2.0.4.dist-info/entry_points.txt,sha256=qZRuz7yjZdEMiUrfflMiGzMUHUZWasT49-HNE-EKmTE,55
-zen_ai_pentest-2.0.4.dist-info/top_level.txt,sha256=ExWeAuK-0xRpcWS7QsL8LEdPVJy1-Z-83qwOJ1-CERA,80
-zen_ai_pentest-2.0.4.dist-info/RECORD,,
+zen_ai_pentest-2.1.0.dist-info/licenses/LICENSE,sha256=C1sNTmgBbFuCm9vPCctuz6pQr4khkgqoQEMUE6cP-FY,1068
+zen_ai_pentest-2.1.0.dist-info/METADATA,sha256=oq5UetxEhLY1rzImAO6AQvHxrEtu3T2PJDlS6lR6Qkw,30802
+zen_ai_pentest-2.1.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+zen_ai_pentest-2.1.0.dist-info/entry_points.txt,sha256=qZRuz7yjZdEMiUrfflMiGzMUHUZWasT49-HNE-EKmTE,55
+zen_ai_pentest-2.1.0.dist-info/top_level.txt,sha256=ExWeAuK-0xRpcWS7QsL8LEdPVJy1-Z-83qwOJ1-CERA,80
+zen_ai_pentest-2.1.0.dist-info/RECORD,,