zen-ai-pentest 2.0.4__tar.gz → 2.1.0__tar.gz

{zen_ai_pentest-2.0.4 → zen_ai_pentest-2.1.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: zen-ai-pentest
-Version: 2.0.4
+Version: 2.1.0
 Summary: Advanced AI-Powered Penetration Testing Framework with Multi-Agent Orchestration
 Home-page: https://github.com/SHAdd0WTAka/zen-ai-pentest
 Author: SHAdd0WTAka
@@ -63,10 +63,53 @@ Dynamic: requires-python
 [![Docker](https://img.shields.io/badge/Docker-Ready-blue)](docker/)
 [![Tests](https://img.shields.io/badge/Tests-pytest-brightgreen)](tests/)
 [![PyPI](https://img.shields.io/pypi/v/zen-ai-pentest)](https://pypi.org/project/zen-ai-pentest/)
-[![Version](https://img.shields.io/badge/Version-2.0.3-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
+[![Version](https://img.shields.io/badge/Version-2.0.4-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
 [![Authors](https://img.shields.io/badge/Authors-SHAdd0WTAka%20%7C%20KimiAI-purple)](#-authors--team)
 [![Roadmap](https://img.shields.io/badge/Roadmap-2026-blueviolet)](ROADMAP_2026.md)
-
+[![Architecture](https://img.shields.io/badge/Architecture-Diagram-blue)](docs/architecture.md)
+```mermaid
+  graph TB
+      subgraph "User Interface"
+          CLI[CLI]
+          API[REST API]
+          WebUI[Web UI]
+      end
+
+      subgraph "Core Engine"
+          Orchestrator[Agent Orchestrator]
+          StateMachine[State Machine]
+          RiskEngine[Risk Engine]
+      end
+
+      subgraph "AI Agents"
+          Recon[Reconnaissance]
+          Vuln[Vulnerability]
+          Exploit[Exploit]
+          Report[Report]
+      end
+
+      subgraph "Tools"
+          Nmap[Nmap]
+          SQLMap[SQLMap]
+          Metasploit[Metasploit]
+      end
+
+      subgraph "External APIs"
+          OpenAI[OpenAI]
+          Anthropic[Anthropic]
+          ThreatIntel[Threat Intelligence]
+      end
+
+      CLI --> API
+      WebUI --> API
+      API --> Orchestrator
+      Orchestrator --> StateMachine
+      StateMachine --> Recon
+      StateMachine --> Vuln
+      StateMachine --> Exploit
+      Exploit --> OpenAI
+      RiskEngine --> ThreatIntel
+  ```
 **Zen-AI-Pentest** is an autonomous, AI-powered penetration testing framework that combines cutting-edge language models with professional security tools. Built for security professionals, bug bounty hunters, and enterprise security teams.
 
 ---

{zen_ai_pentest-2.0.4 → zen_ai_pentest-2.1.0}/README.md

@@ -8,10 +8,53 @@
 [![Docker](https://img.shields.io/badge/Docker-Ready-blue)](docker/)
 [![Tests](https://img.shields.io/badge/Tests-pytest-brightgreen)](tests/)
 [![PyPI](https://img.shields.io/pypi/v/zen-ai-pentest)](https://pypi.org/project/zen-ai-pentest/)
-[![Version](https://img.shields.io/badge/Version-2.0.3-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
+[![Version](https://img.shields.io/badge/Version-2.0.4-orange)](https://github.com/SHAdd0WTAka/zen-ai-pentest/releases)
 [![Authors](https://img.shields.io/badge/Authors-SHAdd0WTAka%20%7C%20KimiAI-purple)](#-authors--team)
 [![Roadmap](https://img.shields.io/badge/Roadmap-2026-blueviolet)](ROADMAP_2026.md)
-
+[![Architecture](https://img.shields.io/badge/Architecture-Diagram-blue)](docs/architecture.md)
+```mermaid
+  graph TB
+      subgraph "User Interface"
+          CLI[CLI]
+          API[REST API]
+          WebUI[Web UI]
+      end
+
+      subgraph "Core Engine"
+          Orchestrator[Agent Orchestrator]
+          StateMachine[State Machine]
+          RiskEngine[Risk Engine]
+      end
+
+      subgraph "AI Agents"
+          Recon[Reconnaissance]
+          Vuln[Vulnerability]
+          Exploit[Exploit]
+          Report[Report]
+      end
+
+      subgraph "Tools"
+          Nmap[Nmap]
+          SQLMap[SQLMap]
+          Metasploit[Metasploit]
+      end
+
+      subgraph "External APIs"
+          OpenAI[OpenAI]
+          Anthropic[Anthropic]
+          ThreatIntel[Threat Intelligence]
+      end
+
+      CLI --> API
+      WebUI --> API
+      API --> Orchestrator
+      Orchestrator --> StateMachine
+      StateMachine --> Recon
+      StateMachine --> Vuln
+      StateMachine --> Exploit
+      Exploit --> OpenAI
+      RiskEngine --> ThreatIntel
+  ```
 **Zen-AI-Pentest** is an autonomous, AI-powered penetration testing framework that combines cutting-edge language models with professional security tools. Built for security professionals, bug bounty hunters, and enterprise security teams.
 
 ---

{zen_ai_pentest-2.0.4 → zen_ai_pentest-2.1.0}/api/main.py

@@ -60,7 +60,7 @@ async def lifespan(app: FastAPI):
 app = FastAPI(
     title="Zen-AI-Pentest API",
     description="Professional Pentesting Framework API",
-    version="2.0.0",
+    version="2.1.0",
     lifespan=lifespan
 )
 
@@ -500,7 +500,7 @@ async def health_check():
     """Health check endpoint"""
     return {
         "status": "healthy",
-        "version": "2.0.0",
+        "version": "2.1.0",
         "timestamp": datetime.utcnow().isoformat()
     }
 
@@ -1022,6 +1022,18 @@ async def create_jira_ticket(
 # Import models for reports
 from database.models import Report
 
+# ============================================================================
+# API v1.0 (Q1 2026)
+# ============================================================================
+
+# Import v1 router
+try:
+    from api.v1.siem import router as siem_v1_router
+    app.include_router(siem_v1_router, prefix="/api/v1/siem", tags=["SIEM v1.0"])
+    logger.info("API v1.0 SIEM endpoints loaded")
+except ImportError as e:
+    logger.warning(f"Could not load API v1.0 endpoints: {e}")
+
 if __name__ == "__main__":
     import uvicorn
     uvicorn.run(app, host="0.0.0.0", port=8000)

zen_ai_pentest-2.1.0/docs/architecture.md

@@ -0,0 +1,119 @@
+# Zen AI Pentest Architecture
+
+## System Architecture Diagram
+
+```mermaid
+graph TB
+    subgraph "User Interface Layer"
+        CLI[CLI Interface]
+        API[REST API / FastAPI]
+        WebUI[React Web UI]
+    end
+
+    subgraph "Core Engine"
+        Orchestrator[Agent Orchestrator]
+        StateMachine[State Machine<br/>IDLE → PLANNING → EXECUTING → OBSERVING]
+        Memory[Memory System<br/>Short-term / Long-term]
+        RiskEngine[Risk Engine<br/>Scoring & Validation]
+    end
+
+    subgraph "AI Agents"
+        ReconAgent[Reconnaissance Agent]
+        VulnAgent[Vulnerability Agent]
+        ExploitAgent[Exploit Agent]
+        ReportAgent[Report Agent]
+        Consensus[LLM Voting Consensus]
+    end
+
+    subgraph "Tool Integration"
+        Nmap[Nmap]
+        Gobuster[Gobuster]
+        SQLMap[SQLMap]
+        Metasploit[Metasploit]
+        CustomTools[Custom Tools]
+    end
+
+    subgraph "Data Storage"
+        Evidence[Evidence Collection]
+        Logs[Audit Logs]
+        Reports[Generated Reports]
+        CVE_DB[CVE Database]
+    end
+
+    subgraph "External APIs"
+        OpenAI[OpenAI API]
+        Anthropic[Anthropic API]
+        Ollama[Local Ollama]
+        ThreatIntel[Threat Intelligence<br/>ThreatFox / URLhaus]
+    end
+
+    CLI --> API
+    WebUI --> API
+    API --> Orchestrator
+    
+    Orchestrator --> StateMachine
+    Orchestrator --> Memory
+    Orchestrator --> RiskEngine
+    
+    StateMachine --> ReconAgent
+    StateMachine --> VulnAgent
+    StateMachine --> ExploitAgent
+    StateMachine --> ReportAgent
+    
+    ReconAgent --> Nmap
+    ReconAgent --> Gobuster
+    VulnAgent --> SQLMap
+    ExploitAgent --> Metasploit
+    
+    ReconAgent --> Consensus
+    VulnAgent --> Consensus
+    ExploitAgent --> Consensus
+    
+    Consensus --> OpenAI
+    Consensus --> Anthropic
+    Consensus --> Ollama
+    
+    RiskEngine --> ThreatIntel
+    RiskEngine --> CVE_DB
+    
+    ExploitAgent --> Evidence
+    ReportAgent --> Reports
+    Orchestrator --> Logs
+```
+
+## Component Overview
+
+### 1. User Interface Layer
+- **CLI**: Command-line interface for scripting and automation
+- **REST API**: FastAPI-based backend for web integration
+- **Web UI**: React-based dashboard for interactive use
+
+### 2. Core Engine
+- **Agent Orchestrator**: Manages multi-agent workflow and task distribution
+- **State Machine**: Implements ReAct pattern (Reason → Act → Observe → Reflect)
+- **Memory System**: Maintains context across sessions
+- **Risk Engine**: Validates findings and calculates risk scores
+
+### 3. AI Agents
+Specialized agents for different penetration testing phases:
+- **Reconnaissance**: Network scanning and enumeration
+- **Vulnerability**: Identifies security weaknesses
+- **Exploit**: Attempts controlled exploitation
+- **Report**: Generates comprehensive reports
+
+### 4. Tool Integration
+Integrates with industry-standard security tools:
+- Nmap, Gobuster, SQLMap, Metasploit
+- Custom exploitation modules
+
+### 5. External APIs
+- **LLM Providers**: OpenAI, Anthropic, Local Ollama
+- **Threat Intelligence**: Real-time threat data
+
+## Data Flow
+
+1. User input → API → Orchestrator
+2. Orchestrator selects appropriate agent
+3. Agent uses tools and AI consensus
+4. Results validated by Risk Engine
+5. Evidence collected and reports generated

zen_ai_pentest-2.1.0/docs/architecture.svg

@@ -0,0 +1,112 @@
+<svg viewBox="0 0 1000 700" xmlns="http://www.w3.org/2000/svg">
+  <!-- Background -->
+  <rect width="1000" height="700" fill="#f8f9fa"/>
+  
+  <!-- Title -->
+  <text x="500" y="30" text-anchor="middle" font-size="24" font-weight="bold" fill="#212529">Zen AI Pentest Architecture</text>
+  
+  <!-- User Interface Layer -->
+  <rect x="50" y="60" width="280" height="100" rx="10" fill="#e3f2fd" stroke="#1976d2" stroke-width="2"/>
+  <text x="190" y="85" text-anchor="middle" font-size="14" font-weight="bold" fill="#1565c0">User Interface Layer</text>
+  <rect x="70" y="100" width="70" height="40" rx="5" fill="#fff" stroke="#1976d2"/>
+  <text x="105" y="125" text-anchor="middle" font-size="11" fill="#1565c0">CLI</text>
+  <rect x="155" y="100" width="70" height="40" rx="5" fill="#fff" stroke="#1976d2"/>
+  <text x="190" y="125" text-anchor="middle" font-size="11" fill="#1565c0">REST API</text>
+  <rect x="240" y="100" width="70" height="40" rx="5" fill="#fff" stroke="#1976d2"/>
+  <text x="275" y="125" text-anchor="middle" font-size="11" fill="#1565c0">Web UI</text>
+  
+  <!-- Core Engine -->
+  <rect x="350" y="60" width="300" height="120" rx="10" fill="#fff3e0" stroke="#f57c00" stroke-width="2"/>
+  <text x="500" y="85" text-anchor="middle" font-size="14" font-weight="bold" fill="#e65100">Core Engine</text>
+  <rect x="370" y="100" width="120" height="30" rx="5" fill="#fff" stroke="#f57c00"/>
+  <text x="430" y="120" text-anchor="middle" font-size="11" fill="#e65100">Agent Orchestrator</text>
+  <rect x="510" y="100" width="120" height="30" rx="5" fill="#fff" stroke="#f57c00"/>
+  <text x="570" y="120" text-anchor="middle" font-size="11" fill="#e65100">State Machine</text>
+  <rect x="370" y="140" width="120" height="30" rx="5" fill="#fff" stroke="#f57c00"/>
+  <text x="430" y="160" text-anchor="middle" font-size="11" fill="#e65100">Memory System</text>
+  <rect x="510" y="140" width="120" height="30" rx="5" fill="#fff" stroke="#f57c00"/>
+  <text x="570" y="160" text-anchor="middle" font-size="11" fill="#e65100">Risk Engine</text>
+  
+  <!-- AI Agents -->
+  <rect x="50" y="200" width="280" height="140" rx="10" fill="#e8f5e9" stroke="#388e3c" stroke-width="2"/>
+  <text x="190" y="225" text-anchor="middle" font-size="14" font-weight="bold" fill="#2e7d32">AI Agents</text>
+  <rect x="70" y="245" width="110" height="35" rx="5" fill="#fff" stroke="#388e3c"/>
+  <text x="125" y="267" text-anchor="middle" font-size="10" fill="#2e7d32">Reconnaissance</text>
+  <rect x="200" y="245" width="110" height="35" rx="5" fill="#fff" stroke="#388e3c"/>
+  <text x="255" y="267" text-anchor="middle" font-size="10" fill="#2e7d32">Vulnerability</text>
+  <rect x="70" y="290" width="110" height="35" rx="5" fill="#fff" stroke="#388e3c"/>
+  <text x="125" y="312" text-anchor="middle" font-size="10" fill="#2e7d32">Exploit Agent</text>
+  <rect x="200" y="290" width="110" height="35" rx="5" fill="#fff" stroke="#388e3c"/>
+  <text x="255" y="312" text-anchor="middle" font-size="10" fill="#2e7d32">Report Agent</text>
+  
+  <!-- Tool Integration -->
+  <rect x="50" y="360" width="280" height="100" rx="10" fill="#fce4ec" stroke="#c2185b" stroke-width="2"/>
+  <text x="190" y="385" text-anchor="middle" font-size="14" font-weight="bold" fill="#ad1457">Tool Integration</text>
+  <rect x="70" y="400" width="50" height="30" rx="5" fill="#fff" stroke="#c2185b"/>
+  <text x="95" y="420" text-anchor="middle" font-size="10" fill="#ad1457">Nmap</text>
+  <rect x="130" y="400" width="70" height="30" rx="5" fill="#fff" stroke="#c2185b"/>
+  <text x="165" y="420" text-anchor="middle" font-size="10" fill="#ad1457">Gobuster</text>
+  <rect x="210" y="400" width="50" height="30" rx="5" fill="#fff" stroke="#c2185b"/>
+  <text x="235" y="420" text-anchor="middle" font-size="10" fill="#ad1457">SQLMap</text>
+  <rect x="70" y="440" width="80" height="30" rx="5" fill="#fff" stroke="#c2185b"/>
+  <text x="110" y="458" text-anchor="middle" font-size="9" fill="#ad1457">Metasploit</text>
+  <rect x="160" y="440" width="100" height="30" rx="5" fill="#fff" stroke="#c2185b"/>
+  <text x="210" y="458" text-anchor="middle" font-size="9" fill="#ad1457">Custom Tools</text>
+  
+  <!-- External APIs -->
+  <rect x="670" y="60" width="280" height="120" rx="10" fill="#f3e5f5" stroke="#7b1fa2" stroke-width="2"/>
+  <text x="810" y="85" text-anchor="middle" font-size="14" font-weight="bold" fill="#6a1b9a">External APIs</text>
+  <rect x="690" y="100" width="70" height="35" rx="5" fill="#fff" stroke="#7b1fa2"/>
+  <text x="725" y="122" text-anchor="middle" font-size="10" fill="#6a1b9a">OpenAI</text>
+  <rect x="775" y="100" width="80" height="35" rx="5" fill="#fff" stroke="#7b1fa2"/>
+  <text x="815" y="122" text-anchor="middle" font-size="10" fill="#6a1b9a">Anthropic</text>
+  <rect x="690" y="145" width="70" height="35" rx="5" fill="#fff" stroke="#7b1fa2"/>
+  <text x="725" y="165" text-anchor="middle" font-size="10" fill="#6a1b9a">Ollama</text>
+  <rect x="775" y="145" width="155" height="35" rx="5" fill="#fff" stroke="#7b1fa2"/>
+  <text x="852" y="165" text-anchor="middle" font-size="9" fill="#6a1b9a">Threat Intelligence</text>
+  
+  <!-- Data Storage -->
+  <rect x="670" y="200" width="280" height="140" rx="10" fill="#e0f2f1" stroke="#00796b" stroke-width="2"/>
+  <text x="810" y="225" text-anchor="middle" font-size="14" font-weight="bold" fill="#00695c">Data Storage</text>
+  <rect x="690" y="245" width="110" height="35" rx="5" fill="#fff" stroke="#00796b"/>
+  <text x="745" y="267" text-anchor="middle" font-size="10" fill="#00695c">Evidence</text>
+  <rect x="820" y="245" width="110" height="35" rx="5" fill="#fff" stroke="#00796b"/>
+  <text x="875" y="267" text-anchor="middle" font-size="10" fill="#00695c">Audit Logs</text>
+  <rect x="690" y="290" width="110" height="35" rx="5" fill="#fff" stroke="#00796b"/>
+  <text x="745" y="312" text-anchor="middle" font-size="10" fill="#00695c">Reports</text>
+  <rect x="820" y="290" width="110" height="35" rx="5" fill="#fff" stroke="#00796b"/>
+  <text x="875" y="312" text-anchor="middle" font-size="10" fill="#00695c">CVE Database</text>
+  
+  <!-- Arrows -->
+  <!-- UI to Core -->
+  <line x1="330" y1="110" x2="350" y2="110" stroke="#333" stroke-width="2" marker-end="url(#arrowhead)"/>
+  
+  <!-- Core to Agents -->
+  <line x1="350" y1="180" x2="330" y2="260" stroke="#333" stroke-width="2" marker-end="url(#arrowhead)"/>
+  
+  <!-- Agents to Tools -->
+  <line x1="125" y1="340" x2="125" y2="360" stroke="#333" stroke-width="2" marker-end="url(#arrowhead)"/>
+  
+  <!-- Core to External -->
+  <line x1="650" y1="120" x2="670" y2="120" stroke="#333" stroke-width="2" marker-end="url(#arrowhead)"/>
+  
+  <!-- Core to Storage -->
+  <line x1="650" y1="200" x2="670" y2="260" stroke="#333" stroke-width="2" marker-end="url(#arrowhead)"/>
+  
+  <!-- Arrow marker -->
+  <defs>
+    <marker id="arrowhead" markerWidth="10" markerHeight="7" refX="9" refY="3.5" orient="auto">
+      <polygon points="0 0, 10 3.5, 0 7" fill="#333"/>
+    </marker>
+  </defs>
+  
+  <!-- Legend -->
+  <rect x="50" y="480" width="900" height="200" rx="10" fill="#fff" stroke="#ddd" stroke-width="1"/>
+  <text x="500" y="510" text-anchor="middle" font-size="16" font-weight="bold" fill="#333">Data Flow</text>
+  <text x="70" y="540" font-size="12" fill="#555">1. User input → API → Orchestrator</text>
+  <text x="70" y="565" font-size="12" fill="#555">2. Orchestrator selects appropriate agent based on state</text>
+  <text x="70" y="590" font-size="12" fill="#555">3. Agent uses security tools and AI consensus</text>
+  <text x="70" y="615" font-size="12" fill="#555">4. Risk Engine validates findings with threat intelligence</text>
+  <text x="70" y="640" font-size="12" fill="#555">5. Evidence collected, reports generated, audit trail maintained</text>
+  <text x="70" y="665" font-size="12" fill="#555">6. Results presented via CLI, API, or Web UI</text>
+</svg>

{zen_ai_pentest-2.0.4 → zen_ai_pentest-2.1.0}/modules/__init__.py

@@ -10,7 +10,7 @@ from .osint import (DomainInfo, EmailProfile, OSINTModule, OSINTResult,
 from .protonvpn import (ProtonVPNManager, VPNProtocol, VPNSecurityLevel,
                         VPNServer, VPNStatus, quick_connect, secure_connect)
 from .recon import ReconModule
-from .report_gen import ReportGenerator
+# from .report_gen import ReportGenerator  # Module not available
 from .sql_injection_db import (DBType, SQLInjectionDatabase, SQLITechnique,
                                SQLPayload)
 from .vuln_scanner import VulnScannerModule
@@ -19,7 +19,7 @@ __all__ = [
     "ReconModule",
     "VulnScannerModule",
     "ExploitAssistModule",
-    "ReportGenerator",
+    # "ReportGenerator",  # Module not available
     "NucleiIntegration",
     "NucleiTemplateManager",
     "SQLInjectionDatabase",