Releases: s0ld13rr/pentestcode
Releases · s0ld13rr/pentestcode
Release list
v0.1.7
What's Changed
- Lowercase logo — redesigned TUI logo with lowercase block letters
dnow has a clear full-block ascender, unmistakably different fromophas a descender,thas narrow crossbar style- Consistent letter forms across both words
- Red + white colors — "pentest" in red, "code" in white bold
- Cleaner look — removed shadow marks from right side letters
- Includes Wave 3 completion (attack path derivation, agent context carry, inter-agent communication)
Full Changelog: v0.1.5...v0.1.7
v0.1.5
What's New
Competitive Gap Closure
- Decision memory context injection — last 5 decisions + failure escalation in prompt every turn
- Evidence chain extension —
reasoning,source_agent,attempt_number,verification_statuson every finding - 3 webapp tools:
sqlmap_parse,xss_detect,jwt_analyze - 2 pivot/tunnel tools:
tunnel_manage,pivot_suggest(BFS path-finding over relationship graph) - Benchmark infrastructure:
bench/verify-claims.ts— 32/32 checks, 5 challenge definitions - NetExec migration: all
crackmapexecreferences →netexec
Session Critique Fixes (from real Standoff365 testing)
- Mandatory parser workflow — all 9 agent prompts now bind bash commands to parser tools (nmap→nmap_parse, netexec→cme_parse, nuclei→nuclei_parse, etc.)
- Batch state_update — new
batchaction accepts{operations: [{action,data},...]}(max 100). Turns 40 sequential LLM steps into 1. - Context size reduction — caps on vulns/host, services/host, relationships. OODA deduplication. Conditional injection: full state every 8 turns, summary on others. ~75% token reduction.
- Parallel dispatch strengthening — CORRECT/WRONG examples in orchestrator-mode.txt and pentest.txt
Fixes
- Uninstall now auto-removes binary instead of asking user to
rmmanually
Full Changelog
v0.1.4
What's New
Competitive Gap Closure
- Decision memory context injection — last 5 decisions + failure escalation in prompt every turn
- Evidence chain extension —
reasoning,source_agent,attempt_number,verification_statuson every finding - 3 webapp tools:
sqlmap_parse,xss_detect,jwt_analyze - 2 pivot/tunnel tools:
tunnel_manage,pivot_suggest(BFS path-finding over relationship graph) - Benchmark infrastructure:
bench/verify-claims.ts— 32/32 checks, 5 challenge definitions - NetExec migration: all
crackmapexecreferences →netexec
Session Critique Fixes (from real Standoff365 testing)
- Mandatory parser workflow — all 9 agent prompts now bind bash commands to parser tools (nmap→nmap_parse, netexec→cme_parse, nuclei→nuclei_parse, etc.). Anti-patterns documented.
- Batch state_update — new
batchaction accepts{operations: [{action,data},...]}(max 100). Turns 40 sequential LLM steps into 1 for initial engagement setup. - Context size reduction —
toCompactContext()caps: 10 vulns/host, 15 services/host, 30 relationships. OODA fields deduplicated. Conditional injection: full state every 8 turns, summary on others. ~75% token reduction. - Parallel dispatch strengthening — CORRECT/WRONG examples in orchestrator-mode.txt and pentest.txt
Full Changelog
v0.1.3
PentestCode v0.1.3
AI penetration testing agent for the terminal.
What's New
- Wave 1: Confidence scoring, structured evidence, changelog
- Wave 2: State diff injection, auto-critic, entity relationships, phase quality gates
- Wave 3: Decision memory, alert queue, OODA structured reasoning
- Agent Quality: Tool knowledge in prompts, inter-agent communication, session/shell tracking, network segmentation model
- Full rename:
@opencode-ai→@pentestcodeacross entire codebase - 12 specialist agents: pentest, recon, scanner, enumerator, exploiter, reporter, identity, infrastructure, post_exploit, exploit_dev, critic, webapp
Install
Linux/macOS:
curl -fsSL https://github.com/s0ld13rr/pentestcode/releases/latest/download/install.sh | shWindows (PowerShell):
irm https://github.com/s0ld13rr/pentestcode/releases/latest/download/install.ps1 | iexOr download the binary for your platform below.