Releases: ARCANGEL0/EVA
Releases · ARCANGEL0/EVA
Release list
v3.1
EVA Release Notes (v3.1)
Major updates made
- Massive refactor from single-file EVA into a modular codebase:
modules/for LLM, workflow, tooling, reporting, attack-map, vuln intel, search and other stuffsessions/for storing all sessions, maps and report files.utils/for UI/system helpers and utilities.
- Added major new providers:
- Anthropic Claude backend
- Google Gemini backend
- Fixed Ollama output parsing
- Added full CLI tooling with
evaentrypoint:--searchfor vulnerability/exploit searching with AI assist, to find quick results for a specific query.--configto open configure EVA variables- other flags such as
--update,--version,--delete
- Full UI flow overhaul:
- new banner screen
- EVA UI revamp with self updater in menu options
- Now EVA can generate vulnerability assessment reports in HTML/PDF and Attack Surface maps using html and js libraries.
Ollama + LLM Reliability Upgrades
- Reworked Ollama handling with layered fallbacks:
- Improved model response parsing:
- robust JSON extraction, and with debug output in case of errors.
- command extraction fallback when strict JSON is not returned or other exceptions.
- Added refusal-retry override path for Ollama in authorized CTF/lab mode, as some models would keep avoiding to respond.
- Added output chunking + evidence-lock context for better adherence on the pentest workflow for EVA.
New --search Intel Tool
- Added EVA exploit/vulnerability search pipeline powered by configurable Ollama Cloud model (default gpt-oss-120b).
- Query expansion + AI powered
- Aggregates and ranks findings from:
- local
searchsploit - NVD
- Vulners
- GitHub PoC search
- Exploit-DB web search
- CISA KEV feed
- local
- Returns risk scoring, trending signal, AI analyst summary, and safe verification command hints.
Session Workflow, Reporting, and Visualization
- Added workflow-aware context builder:
- infers pentest stage
- extracts service/host signals
- tracks tool/wordlist availability
- injects vuln-intel hints into prompt context
- Added command hardening helpers:
- tool detection + install one-liners (still not 100% though, working on it)
- missing local path checks (as for wordlists and whatsoever)
- sudo normalization + scanner sudo enforcement
- Added
/report:- concise HTML report generation
- optional PDF via
wkhtmltopdf
- Added
/viewmap:- interactive attack-map HTML + JSON generation
- node/edge visualization for target/services/software/users/CVEs/workflow steps
Config, Packaging, and Update Flow
- Centralized runtime config in
config.py: - Standardized EVA data directories under
~/EVA_data:sessions/reports/attack_maps/
- Added self-update flow (CLI + session menu), with restart attempt after successful update.