Releases
v3.1
Compare
Sorry, something went wrong.
No results found
EVA Release Notes (v3.1)
Major updates made
Massive refactor from single-file EVA into a modular codebase:
modules/ for LLM, workflow, tooling, reporting, attack-map, vuln intel, search and other stuff
sessions/ for storing all sessions, maps and report files.
utils/ for UI/system helpers and utilities.
Added major new providers:
Anthropic Claude backend
Google Gemini backend
Fixed Ollama output parsing
Added full CLI tooling with eva entrypoint:
--search for vulnerability/exploit searching with AI assist, to find quick results for a specific query.
--config to open configure EVA variables
other flags such as --update, --version, --delete
Full UI flow overhaul:
new banner screen
EVA UI revamp with self updater in menu options
Now EVA can generate vulnerability assessment reports in HTML/PDF and Attack Surface maps using html and js libraries.
Ollama + LLM Reliability Upgrades
Reworked Ollama handling with layered fallbacks:
Improved model response parsing:
robust JSON extraction, and with debug output in case of errors.
command extraction fallback when strict JSON is not returned or other exceptions.
Added refusal-retry override path for Ollama in authorized CTF/lab mode, as some models would keep avoiding to respond.
Added output chunking + evidence-lock context for better adherence on the pentest workflow for EVA.
New --search Intel Tool
Added EVA exploit/vulnerability search pipeline powered by configurable Ollama Cloud model (default gpt-oss-120b).
Query expansion + AI powered
Aggregates and ranks findings from:
local searchsploit
NVD
Vulners
GitHub PoC search
Exploit-DB web search
CISA KEV feed
Returns risk scoring, trending signal, AI analyst summary, and safe verification command hints.
Session Workflow, Reporting, and Visualization
Added workflow-aware context builder:
infers pentest stage
extracts service/host signals
tracks tool/wordlist availability
injects vuln-intel hints into prompt context
Added command hardening helpers:
tool detection + install one-liners (still not 100% though, working on it)
missing local path checks (as for wordlists and whatsoever)
sudo normalization + scanner sudo enforcement
Added /report:
concise HTML report generation
optional PDF via wkhtmltopdf
Added /viewmap:
interactive attack-map HTML + JSON generation
node/edge visualization for target/services/software/users/CVEs/workflow steps
Config, Packaging, and Update Flow
Centralized runtime config in config.py:
Standardized EVA data directories under ~/EVA_data:
sessions/
reports/
attack_maps/
Added self-update flow (CLI + session menu), with restart attempt after successful update.
You can’t perform that action at this time.