2.3.0 - 2026-03-14

Added

• Global Settings Page — new /settings page (gear icon in header) for managing all user-level configuration through the UI. AI provider keys and Tavily API key are configured exclusively here — no .env file needed. Two sections:

  • LLM Providers — add, edit, delete, and test LLM provider configurations stored per-user in the database. Supports five provider types:
    • OpenAI, Anthropic, OpenRouter — enter API key, all models auto-discovered
    • AWS Bedrock — enter AWS credentials + region, foundation models auto-discovered
    • OpenAI-Compatible — single endpoint+model configuration with presets for Ollama, vLLM, LM Studio, Groq, Together AI, Fireworks AI, Mistral AI, and Deepinfra. Supports custom base URL, headers, timeout, temperature, and max tokens
  • Tool API Keys — Tavily API key (web search), Shodan API key (internet-wide OSINT), and SerpAPI key (Google dorking)

• Test Connection — each LLM provider can be tested before saving with a "Test Connection" button that sends a simple message and shows the response

• DB-only settings — AI provider keys and Tavily API key are stored exclusively in the database (per-user). No env-var fallback — .env is reserved for infrastructure variables only (NVD, tunneling, database credentials, ports)

• Prisma schema — added UserLlmProvider and UserSettings models with relations to User

• Centralized LLM setup — CypherFix triage and codefix orchestrators now use the shared setup_llm() function instead of duplicating provider routing logic

• Pentest Report Generation — generate professional, client-ready penetration testing reports as self-contained HTML files from the /reports page. Reports compile all reconnaissance data, vulnerability findings, CVE intelligence, attack chain results, and remediation recommendations into an 11-section document (Cover, Executive Summary, Scope & Methodology, Risk Summary, Findings, Other Vulnerability Details, Attack Surface, CVE Intelligence, GitHub Secrets, Attack Chains, Recommendations, Appendix). Features include:

  • LLM-generated narratives — when an AI model is configured, six report sections receive detailed prose: executive summary (8–12 paragraphs), scope, risk analysis, findings context, attack surface analysis, and exhaustive prioritized remediation triage. Falls back gracefully to data-only reports when no LLM is available
  • Security Posture Radar — inline SVG 6-axis radar chart in the Risk Summary section showing Attack Surface, Vulnerability Density, Exploitability, Certificate Health, Injectable Parameters, and Security Header coverage using logarithmic normalization
  • Security Headers Gap Analysis — per-header weighted coverage bars (HSTS, CSP, X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy) with color-coded thresholds
  • CISA KEV Callout — prominent alert box highlighting Known Exploited Vulnerabilities when present
  • Injectable Parameters Breakdown — summary and per-position injection risk analysis with visual bars
  • Attack Flow Chains — Technology → CVE → CWE → CAPEC flow table showing complete attack paths
  • CDN Coverage visualization — ratio of CDN-fronted vs directly exposed IPs in the Attack Surface section
  • Project-specific generation — dedicated project selector dropdown on the reports page (independent of the top bar selection)
  • Download and Open — separate buttons to save the HTML file locally or open in a new browser tab
  • Print/PDF optimized — page breaks, print-friendly CSS, and clean SVG/CSS bar rendering for Ctrl+P export
  • Export/Import support — reports (metadata + HTML files) are included in project export ZIP archives and fully restored on import
  • Wiki documentation — new Pentest Reports wiki page with example report download

• Target Guardrail — LLM-based safety check that prevents targeting unauthorized domains and IPs. Blocks government sites (.gov, .mil), major tech companies, financial institutions, social media platforms, and other well-known public services. Two layers: project creation (fail-open) and agent initialization (fail-closed). For IP mode, public IPs are resolved via reverse DNS before evaluation; private/RFC1918 IPs are auto-allowed. Blocked targets show a centered modal with the reason.

• Expanded CPE Technology Mappings — CPE_MAPPINGS table in recon/helpers/cve_helpers.py expanded from 82 to 133 entries, significantly improving CVE lookup accuracy for Wappalyzer-detected technologies. New coverage includes:

  • CMS: Magento, Ghost, TYPO3, Concrete CMS, Craft CMS, Strapi, Umbraco, Adobe Experience Manager, Sitecore, DNN, Kentico
  • Web Frameworks: CodeIgniter, Symfony, CakePHP, Yii, Nuxt.js, Apache Struts, Adobe ColdFusion
  • JavaScript Libraries: Moment.js, Lodash, Handlebars, Ember.js, Backbone.js, Dojo, CKEditor, TinyMCE, Prototype
  • E-commerce: PrestaShop, OpenCart, osCommerce, Zen Cart, WooCommerce
  • Message Boards / Community: Discourse, phpBB, vBulletin, MyBB, Flarum, NodeBB, Mastodon, Mattermost
  • Wikis: MediaWiki, Atlassian Confluence, DokuWiki, XWiki
  • Issue Trackers / DevOps: Atlassian Jira, Atlassian Bitbucket, Bugzilla, Redmine, Gitea, TeamCity, Artifactory
  • Hosting Panels: cPanel, Plesk, DirectAdmin
  • Web Servers: OpenResty, Deno, Tengine
  • Databases: SQLite, Apache Solr, Adminer
  • Security / Network: Kong, F5 BIG-IP, Pulse Secure
  • Webmail: Zimbra, SquirrelMail
  • 29 new normalize_product_name() aliases for Wappalyzer output variations (e.g., "Atlassian Jira" → "jira", "Moment" → "moment.js", "Concrete5" → "concrete cms")
  • 6 new skip_list entries (Cloudflare, Google Analytics, Google Tag Manager, Facebook Pixel, Hotjar, Google Font API) to avoid wasting NVD API calls on SaaS/CDN technologies

• Insights Dashboard — Real-time analytics page (/insights) with interactive charts and tables covering attack chains, exploit successes, finding severity, targets attacked, strategic decisions, vulnerability distributions, attack surface composition, and agent activity. All data is pulled directly from the Neo4j graph and organized into sections: Attack Chains & Exploits, Attack Surface, Vulnerabilities & CVE Intelligence, Graph Overview, and Activity & Timeline.

• Rules of Engagement (RoE) — upload a RoE document (PDF, TXT, MD, DOCX) at project creation and an LLM auto-parses it into structured settings enforced across the entire platform:

  • Document upload & parsing — file upload area in the RoE tab of the project form (create mode only). The agent extracts client info, scope, exclusions, time windows, testing permissions, rate limits, data handling policies, compliance frameworks, and more into 30+ structured fields
  • Three enforcement layers — (1) agent prompt injection: structured RULES OF ENGAGEMENT (MANDATORY) section injected into every reasoning step with excluded hosts, permissions, and constraints; (2) hard gate in execute_tool_node: deterministic code blocks forbidden tools, forbidden categories, permission flags, and phase cap violations regardless of LLM output; (3) recon pipeline: excluded hosts filtered from target lists, rate limits capped via min(tool_rate, global_max), time window blocks scan starts outside allowed hours
  • 30+ RoE project fields — client & engagement info, excluded hosts with reasons, time windows (days/hours/timezone), 6 testing permission toggles (DoS, social engineering, physical access, data exfiltration, account lockout, production testing), forbidden tool/category lists, max severity phase cap, global rate limit, sensitive data handling policy, data retention, encryption requirements, status update frequency, critical finding notification, incident procedure, compliance frameworks, third-party providers, and free-text notes
  • RoE Viewer tab on the graph dashboard — formatted read-only view with cards for engagement, scope, exclusions, time window (live ACTIVE/OUTSIDE WINDOW status), testing permissions (green/red badge grid), constraints, data handling, communication, compliance, and notes. Download button for the original uploaded document
  • RoE toolbar badge — blue "RoE" badge on the graph toolbar when engagement guardrails are active
  • Smart tool restriction parsing — only explicitly banned tools (e.g., "do not use Hydra") are disabled; "discouraged" or "use with caution" language is noted in the prompt but does not disable tools. Phase restrictions use roeMaxSeverityPhase instead of stripping phases from individual tools
  • Export/import support — RoE document binary is base64-encoded in project exports and restored on import. All RoE fields are included in the export ZIP
  • Cascade deletion — all RoE data (fields + document binary) deleted with the project via Prisma cascade
  • One-way at creation only — RoE settings become read-only after project creation to prevent mid-engagement modification
  • Based on industry standards: PTES, SANS, NIST SP 800-115, Microsoft RoE, HackerOne, Red Team Guide

• Emergency PAUSE ALL button — red/yellow danger-styled button on the Graph toolbar that instantly freezes every running pipeline (Recon, GVM, GitHub Hunt) and stops all AI agent conversations in one click. Shows "PAUSING..." with spinner during operation. Always visible on the toolbar, disabled when nothing is running. New POST /emergency-stop-all endpoint on the agent service cancels all active agent tasks via the WebSocket manager

• Wave Runner (Parallel Tool Plans) — when the LLM identifies two or more independent tools that don't depend on each other's outputs, it groups them into a wave and executes them concurrently via asyncio.gather() instead of sequentially. K...

2.2.0 - 2026-03-05

Added

• Pipeline Pause / Resume / Stop Controls — full lifecycle management for all three pipelines (Recon, GVM Scan, GitHub Secret Hunt):
  • Pause — freezes the running container via Docker cgroups (container.pause()). Zero changes to scan scripts; processes resume exactly where they left off
  • Resume — unfreezes the container (container.unpause()), logs resume streaming instantly
  • Stop — kills the container permanently. Paused containers are unpaused before stopping to avoid cgroup issues. Sub-containers (naabu, httpx, nuclei, etc.) are also cleaned up
  • Toolbar UI — when running: spinner + Pause button + Stop button. When paused: Resume button + Stop button. When stopping: "Stopping..." with disabled controls
  • Logs drawer controls — pause/resume and stop buttons in the status bar, with Paused status indicator and spinner during stopping
  • Optimistic UI — stop button immediately shows "Stopping..." before the API responds
  • SSE stays alive during pause and stopping states so logs resume/complete without reconnection
  • 6 new backend endpoints (POST /{recon,gvm,github-hunt}/{projectId}/{pause,resume}) and 9 new webapp API proxy routes (pause/resume/stop × 3 pipelines)
  • Removed the auto-scroll play/pause toggle from logs drawer (redundant with "Scroll to bottom" button)
• IP/CIDR Targeting Mode — start reconnaissance from IP addresses or CIDR ranges instead of a domain:
  • "Start from IP" toggle in the Target & Modules tab — switches the project from domain-based to IP-based targeting. Locked after creation (cannot switch modes on existing projects)
  • Target IPs / CIDRs textarea — accepts individual IPs (192.168.1.1), IPv6 (2001:db8::1), and CIDR ranges (10.0.0.0/24, 192.168.1.0/28) with a max /24 (256 hosts) limit per CIDR
  • Reverse DNS (PTR) resolution — each IP is resolved to its hostname via PTR records. When no PTR exists, a mock hostname is generated from the IP (e.g., 192-168-1-1)
  • CIDR expansion — CIDR ranges are automatically expanded into individual host IPs (network and broadcast addresses excluded). Original CIDRs are passed to naabu for efficient native scanning
  • Full pipeline support — IP-mode projects run the complete 6-phase pipeline: reverse DNS + IP WHOIS → port scan → HTTP probe → resource enumeration (Katana, Kiterunner) → vulnerability scan (Nuclei) → CVE/MITRE enrichment
  • Neo4j graph integration — mock Domain node (ip-targets.{project_id}) with ip_mode: true, Subdomain nodes (real PTR hostnames or IP-based mocks), IP nodes with WHOIS data, and all downstream relationships
  • Tenant-scoped Neo4j constraints — IP, Subdomain, BaseURL, Port, Service, and Technology uniqueness constraints are now scoped to (key, user_id, project_id), allowing the same IP/subdomain to exist in different projects without conflicts
  • Input validation — new webapp/src/lib/validation.ts module with regex validators for IPs, CIDRs, domains, ports, status codes, HTTP headers, GitHub tokens, and more. Validation runs on form submit
  • ipMode and targetIps fields added to Prisma schema with database migration
• Chisel TCP Tunnel Integration — multi-port reverse tunnel alternative to ngrok for full attack path support:
  • chisel (v1.11.4) installed alongside ngrok in kali-sandbox Dockerfile — single binary, supports amd64 and arm64
  • Reverse tunnels both port 4444 (handler) and port 8080 (web delivery/HTA) through a single connection to a VPS
  • Enables Web Delivery (Method C) and HTA Delivery (Method D) phishing attacks that require two ports — previously blocked with ngrok's single-port limitation
  • Stageless Meterpreter payloads required through chisel (staged payloads fail through tunnels — same as ngrok)
  • Deterministic endpoint discovery — LHOST derived from CHISEL_SERVER_URL hostname (no API polling needed)
  • Auto-reconnect with exponential backoff if VPS connection drops
  • CHISEL_SERVER_URL and CHISEL_AUTH env vars added to .env.example and docker-compose.yml
  • _query_chisel_tunnel() utility in agentic/utils.py with get_session_config_prompt() integration
  • agentChiselTunnelEnabled Prisma field with database migration
• Phishing / Social Engineering Attack Path (phishing_social_engineering) — third classified attack path with a mandatory 6-step workflow: target platform selection, handler setup, payload generation, verification, delivery, and session callback:
  • Standalone Payloads (Method A): msfvenom-based payload generation for Windows (exe, psh, psh-reflection, vba, hta-psh), Linux (elf, bash, python), macOS (macho), Android (apk), Java (war), and cross-platform (python) — with optional AV evasion via shikata_ga_nai encoding
  • Malicious Documents (Method B): Metasploit fileformat modules for weaponized Word macro (.docm), Excel macro (.xlsm), PDF (Adobe Reader exploit), RTF (CVE-2017-0199 HTA handler), and LNK shortcut files
  • Web Delivery (Method C): fileless one-liner delivery via exploit/multi/script/web_delivery supporting Python, PHP, PowerShell, Regsvr32 (AppLocker bypass), pubprn, SyncAppvPublishingServer, and PSH Binary targets
  • HTA Delivery (Method D): HTML Application server via exploit/windows/misc/hta_server for browser-based payload delivery
  • Email Delivery: Python smtplib-based email sending via execute_code with per-project SMTP configuration (host, port, user, password, sender, TLS) — agent asks at runtime if no SMTP settings are configured
  • Chat Download: default delivery via docker cp command reported in chat
  • New prompt module phishing_social_engineering_prompts.py with PHISHING_SOCIAL_ENGINEERING_TOOLS (full workflow) and PHISHING_PAYLOAD_FORMAT_GUIDANCE (OS-specific format decision tree and msfvenom quick reference)
  • LLM classifier updated with phishing keywords and 10 example requests for accurate routing
  • phishing_social_engineering added to KNOWN_ATTACK_PATHS set and AttackPathClassification validator
• ngrok TCP Tunnel Integration — automatic reverse shell tunneling through ngrok for NAT/cloud environments:
  • ngrok installed in kali-sandbox Dockerfile and auto-started in entrypoint.sh when NGROK_AUTHTOKEN env var is set
  • TCP tunnel on port 4444 with ngrok API exposed on port 4040
  • _query_ngrok_tunnel() utility in agentic/utils.py that queries ngrok API, discovers the public TCP endpoint, and resolves the hostname to an IP for targets with limited DNS
  • get_session_config_prompt() auto-detects LHOST/LPORT from ngrok when enabled — injects a status banner, dual LHOST/LPORT table (handler vs payload), and enforces REVERSE-only payloads through ngrok
  • is_session_config_complete() short-circuits to complete when ngrok tunnel is active
  • NGROK_AUTHTOKEN added to .env.example and docker-compose.yml (kali-sandbox env + port 4040 exposed)
• Phishing Section in Project Settings — new PhishingSection component with SMTP configuration textarea for per-project email delivery settings
• Tunnel Provider Dropdown — replaced the single "Enable ngrok TCP Tunnel" toggle in Agent Behaviour settings with a Tunnel Provider dropdown (None / ngrok / chisel). Mutually exclusive — selecting one automatically disables the other
• Social Engineering Suggestion Templates — 15 new suggestion buttons in AI Assistant drawer under a pink "Social Engineering" template group (Mail icon), covering payload generation, malicious documents, web delivery, HTA, email phishing, AV evasion, and more
• Phishing Attack Path Badge — pink "PHISH" badge with #ec4899 accent color for phishing sessions in the AI Assistant drawer
• Prisma Migrations — 20260228120000_add_ngrok_tunnel (agentNgrokTunnelEnabled), 20260228130000_add_phishing_smtp_config (phishingSmtpConfig), and 20260305145750_add_ip_mode (ipMode, targetIps) database migrations
• Remote Shells Tab — new "Remote Shells" tab on the graph dashboard for real-time session management:
  • Unified view of all active Metasploit sessions (meterpreter, shell), background handlers/jobs, and non-MSF listeners (netcat, socat)
  • Sessions auto-detected from the Kali sandbox with 3-second polling and background cache refresh
  • Built-in interactive terminal with command history (arrow keys), session-aware prompts, and auto-scroll
  • Session actions: kill, upgrade shell to meterpreter, stop background jobs
  • Agent busy detection with lock-timeout strategy — session listing always works from cache, interaction retries when lock is available
  • Session-to-chat mapping — each session card shows which AI agent chat session created it
  • Non-MSF session registration when agent creates netcat/socat listeners via kali_shell
• Command Whisperer — AI-powered NLP-to-command translator in the Remote Shells terminal:
  • Natural language input bar (purple accent) above the terminal command line
  • Describe what you want in plain English → LLM generates the correct command for the current session type (meterpreter vs shell)
  • Uses the project's configured LLM (same model as the AI agent) via a new /command-whisperer API endpoint
  • Generated commands auto-fill the terminal input for review — no auto-execution
• Metasploit Session Persistence — removed automatic Metasploit restart on new conversations:
  • Removed start_msf_prewarm call from WebSocket initialization
  • Removed sessions -K soft-reset on first metasploit_console use
  • msf_restart tool now visible to the AI agent for manual use when a clean state is needed

Changed

• Conflict detection — IP-mode projects skip domain conflict checks entirely (tenant-scoped Neo4j constraints make IP overlap safe across projects). Domain-mode conflict detection unchanged
• HTTP probe scope filtering —...

2.1.0 - 2026-02-27

Added

• CypherFix — Automated Vulnerability Remediation Pipeline — end-to-end system that takes offensive findings from the Neo4j graph and turns them into merged code fixes:
  • Triage Agent (cypherfix_triage/): AI agent that queries the Neo4j knowledge graph, correlates hundreds of reconnaissance and exploitation findings, deduplicates them, ranks by exploitability and severity, and produces a prioritized remediation plan
  • CodeFix Agent (cypherfix_codefix/): autonomous code-repair agent that clones the target repository, navigates the codebase with 11 code-aware tools, implements targeted fixes for each triaged vulnerability, and opens a GitHub pull request ready for review and merge
  • Real-time WebSocket streaming for both Triage and CodeFix agents with dedicated hooks (useCypherFixTriageWS, useCypherFixCodeFixWS)
  • Remediations API (/api/remediations/) and hook (useRemediations) for persisting and retrieving remediation results
  • CypherFix API routes (/api/cypherfix/) for triggering and managing triage and codefix sessions
  • Agent-side API endpoints and orchestrator integration in api.py and orchestrator.py
• CypherFix Tab on Graph Page — new tab (CypherFixTab/) in the Graph dashboard providing a dedicated interface to launch triage, review prioritized findings, trigger code fixes, and monitor remediation progress
• CypherFix Settings Section — new CypherFixSettingsSection in Project Settings for configuring CypherFix parameters (GitHub repo, branch, AI model, triage/codefix behavior)
• CypherFix Type System (cypherfix-types.ts) — shared TypeScript types for triage results, codefix sessions, remediation records, and WebSocket message protocols
• Agentic README Documentation (agentic/readmes/) — internal documentation for the agentic module

Changed

• Global Header — updated navigation to include CypherFix access point
• View Tabs — styling updates to accommodate the new CypherFix tab
• Project Form — expanded with CypherFix settings section and updated section exports
• Hooks barrel export — updated hooks/index.ts with new CypherFix and remediation hooks
• Prisma Schema — new fields for CypherFix configuration in the project model
• Agent Requirements — new Python dependencies for CypherFix agents
• Docker Compose — updated service configuration for CypherFix support
• README — version bump to v2.1.0, CypherFix badge added, pipeline description updated

---

1.3.0 - 2026-02-19

Added

• Multi-Provider LLM Support — the agent now supports 4 AI providers (OpenAI, Anthropic, OpenRouter, AWS Bedrock) with 400+ selectable models. Models are dynamically fetched from each provider's API and cached for 1 hour. Provider is auto-detected via a prefix convention (openrouter/, bedrock/, claude-*, or plain OpenAI)
• Dynamic Model Selector — replaced the hardcoded 11-model dropdown with a searchable, provider-grouped model picker in Project Settings. Type to filter across all providers instantly; each model shows name, context window, and pricing info
• GET /models API Endpoint — new agent endpoint that fetches available models from all configured providers in parallel. Proxied through the webapp at /api/models
• model_providers.py — new provider discovery module with async fetchers for OpenAI, Anthropic, OpenRouter, and AWS Bedrock APIs, with in-memory caching (1h TTL)
• Stealth Mode — new per-project toggle that forces the entire pipeline to use only passive and low-noise techniques:
  • Recon: disables Kiterunner and banner grabbing, switches Naabu to CONNECT scan with rate limiting, throttles httpx/Katana/Nuclei, disables DAST and interactsh callbacks
  • Agent: injects stealth rules into the system prompt — only passive/stealthy methods allowed, agent must refuse if stealth is impossible
  • GVM scanning disabled in stealth mode (generates ~50K active probes per target)
• Stealth Mode UI — toggle in Target section of Project Settings with description of what it does
• Kali Sandbox Tooling Expansion — 15+ new packages installed in the Kali container: netcat, socat, rlwrap, exploitdb, john, smbclient, sqlmap, jq, gcc, g++, make, perl, go
• kali_shell MCP Tool — direct Kali Linux shell command execution, available in all phases
• execute_code MCP Tool — run custom Python/Bash exploit scripts on the Kali sandbox
• msf_restart MCP Tool — restart Metasploit RPC daemon when it becomes unresponsive
• execute_nmap MCP Tool — deep service analysis, OS fingerprinting, NSE scripts (consolidated from previous naabu-only setup)
• MCP Server Consolidation — merged curl and naabu servers into a unified network_recon_server.py, added dedicated nmap_server.py, fixed tool loading race condition
• Failure Loop Detection — agent detects 3+ consecutive similar failures and injects a pivot warning to break out of unproductive loops
• Prompt Token Optimization — lazy no-module fallback injection (saves ~1.1K tokens), compact formatting for older execution trace steps (full output only for last 5), trimmed rarely-used wordlist tables
• Metasploit Prewarm — pre-initializes Metasploit console on agent startup to reduce first-use latency
• Markdown Report Export — download the full agent conversation as a formatted Markdown file
• Brute Force & CVE Exploit Settings — new Project Settings sections for configuring brute force speed/wordlist limits and CVE exploit attack path parameters
• Node.js Deserialization Guinea Pig — new test environment for CVE-2017-5941 (node-serialize RCE)
• Phase Tools Tooltip — hover on phase badges to see which MCP tools are available in that phase
• GitHub Secrets Suggestion — new suggestion button in AI Assistant to leverage discovered GitHub secrets during exploitation

Changed

• Agent Orchestrator — rewritten _setup_llm() with 4-way provider detection (OpenAI, Anthropic, OpenRouter via ChatOpenAI + custom base_url, Bedrock via ChatBedrockConverse with lazy import)
• Model Display — formatModelDisplay() helper cleans up prefixed model names in the AI Assistant badge and markdown export (e.g., openrouter/meta-llama/llama-4-maverick → llama-4-maverick (OR))
• Prompt Architecture — tool registry extracted into dedicated tool_registry.py, attack path prompts (CVE exploit, brute force, post-exploitation) significantly reworked for better token efficiency and exploitation success rates
• curl-based Exploitation — expanded curl-based vulnerability probing and no-module fallback workflows for when Metasploit modules aren't available
• kali_shell & execute_nuclei — expanded to all phases (previously restricted)
• GVM Button — disabled in stealth mode with tooltip explaining why
• README — extensive updates: 4-provider documentation, AI Model Providers section, Kali sandbox tooling tables, new badges (400+ AI Models, Stealth Mode, Full Kill Chain, 30+ Security Tools, 9000+ Vuln Templates, 170K+ NVTs, 180+ Settings), version bump to v1.3.0

1.2.0 - 2026-02-13

Added

• GVM Vulnerability Scanning — full end-to-end integration of Greenbone Vulnerability Management (GVM/OpenVAS) into the RedAmon pipeline:
  • Python scanner module (gvm_scan/) with GVMScanner class wrapping the GMP protocol for headless API-based scanning
  • Orchestrator endpoints (/gvm/{id}/start, /gvm/{id}/status, /gvm/{id}/stop, /gvm/{id}/logs) with SSE log streaming
  • Webapp API routes, useGvmStatus polling hook, useGvmSSE streaming hook, toolbar buttons, and log drawer on the Graph page
  • Neo4j graph integration — GVM findings stored as Vulnerability nodes (source="gvm") linked to IP/Subdomain via HAS_VULNERABILITY, with associated CVE nodes
  • JSON result download from the Graph page toolbar
• GitHub Secret Hunt — automated secret and credential detection across GitHub organizations and user repositories:
  • Python scanner module (github_secret_hunt/) with GitHubSecretHunter class supporting 40+ regex patterns for AWS, Azure, GCP, GitHub, Slack, Stripe, database connection strings, CI/CD tokens, cryptographic keys, JWT/Bearer tokens, and more
  • High-entropy string detection via Shannon entropy to catch unknown secret formats
  • Sensitive filename detection (.env, .pem, .key, credentials files, Kubernetes kubeconfig, Terraform tfvars, etc.)
  • Commit history scanning (configurable depth, default 100 commits) and gist scanning
  • Organization member repository enumeration with rate-limit handling and exponential backoff
  • Orchestrator endpoints (/github-hunt/{id}/start, /github-hunt/{id}/status, /github-hunt/{id}/stop, /github-hunt/{id}/logs) with SSE log streaming
  • Webapp API routes for start, status, stop, log streaming, and JSON result download
  • useGithubHuntStatus polling hook and useGithubHuntSSE streaming hook for real-time UI updates
  • Graph page toolbar integration with start/stop button, log drawer, and result download
  • JSON output with statistics (repos scanned, files scanned, commits scanned, gists scanned, secrets found, sensitive files, high-entropy findings)
• GitHub Hunt Per-Project Settings — GitHub scan configuration is now configurable per-project via the webapp UI:
  • New "GitHub" section in Project Settings with token, target org/user, and scan options
  • 7 configurable fields: Access Token, Target Organization, Scan Members, Scan Gists, Scan Commits, Max Commits, Output JSON
  • github_secret_hunt/project_settings.py mirrors the recon/GVM settings pattern (fetch from webapp API, fallback to defaults)
  • 7 new Prisma schema fields (github_access_token, github_target_org, github_scan_members, github_scan_gists, github_scan_commits, github_max_commits, github_output_json)
• GVM Per-Project Settings — GVM scan configuration is now configurable per-project via the webapp UI:
  • New "GVM Scan" tab in Project Settings (between Integrations and Agent Behaviour)
  • 5 configurable fields: Scan Profile, Scan Targets Strategy, Task Timeout, Poll Interval, Cleanup After Scan
  • gvm_scan/project_settings.py mirrors the recon/agentic settings pattern (fetch from webapp API, fallback to defaults)
  • Defaults served via orchestrator /defaults endpoint using importlib to avoid module name collision
  • 5 new Prisma schema fields (gvm_scan_config, gvm_scan_targets, gvm_task_timeout, gvm_poll_interval, gvm_cleanup_after_scan)

Changed

• Webapp Dockerfile — embedded Prisma CLI in the production image; entrypoint now runs prisma db push automatically on startup, eliminating the separate webapp-init container
• Dev Compose — docker-compose.dev.yml now runs prisma db push before npm run dev to ensure schema is always in sync
• Docker Compose — removed webapp-init service and webapp_prisma_cache volume; webapp handles its own schema migration

Removed

• webapp-init service — replaced by automatic migration in the webapp entrypoint (both production and dev modes)
• gvm_scan/params.py — hardcoded GVM settings replaced by per-project project_settings.py

1.1.0 - 2026-02-08

Added

• Attack Path System — agent now supports dynamic attack path selection with two built-in paths:
  • CVE Exploit — automated Metasploit module search, payload configuration, and exploit execution
  • Brute Force Credential Guess — service-level brute force with configurable wordlists and max attempts per service
• Agent Guidance — send real-time steering messages to the agent while it works, injected into the system prompt before the next reasoning step
• Agent Stop & Resume — stop the agent at any point and resume from the last LangGraph checkpoint with full context preserved
• Project Creation UI — full frontend project form with all configurable settings sections:
  • Naabu (port scanner), Httpx (HTTP prober), Katana (web crawler), GAU (passive URLs), Kiterunner (API discovery), Nuclei (vulnerability scanner), and agent behavior settings
• Agent Settings in Frontend — transferred agent configuration parameters from hardcoded params.py to PostgreSQL, editable via webapp UI
• Metasploit Progress Streaming — HTTP progress endpoint (port 8013) for real-time MSF command tracking with ANSI escape code cleaning
• Metasploit Session Auto-Reset — msf_restart() MCP tool for clean msfconsole state; auto-reset on first use per chat session
• WebSocket Integration — real-time bidirectional communication between frontend and agent orchestrator
• Markdown Chat UI — react-markdown with syntax highlighting for agent chat messages
• Smart Auto-Scroll — chat only auto-scrolls when user is at the bottom of the conversation
• Connection Status Indicator — color-coded WebSocket connection status (green/red) in the chat interface

Changed

• Unified Docker Compose — replaced per-module .env files and start.sh/stop.sh scripts with a single root docker-compose.yml and docker-compose.dev.yml for full-stack orchestration
• Settings Source of Truth — migrated all recon and agent settings from hardcoded params.py to PostgreSQL via Prisma ORM, fetched at runtime via webapp API
• Recon Pipeline Improvements — multi-level improvements across all recon modules for reliability and accuracy
• Orchestrator Model Selection — fixed model selection logic in the agent orchestrator
• Frontend Usability — unified RedAmon primary crimson color (#d32f2f), styled message containers with ghost icons and gradient backgrounds, improved markdown heading and list spacing
• Environment Configuration — added root .env.example with all required keys; forwarded NVD_API_KEY and Neo4j credentials from recon-orchestrator to spawned containers
• Webapp Header — replaced Crosshair icon with custom logo.png image, bumped logo text size

Fixed

• Double Approval Dialog — fixed duplicate approval confirmation with ref-based state tracking
• Orchestrator Model Selection — corrected model selection logic when switching between AI providers

---