pentest-ai

Highlights

Catch rate against a self-hosted 20-vuln Flask honeypot moved from 9/20 (45%) to 20/20 (100%) inside a single deterministic three-pass scan.

New probes

• web.sqli_login_bypass — classic ' OR 1=1 ---family auth-bypass against POST login endpoints. Six payloads × four username-field names × two body shapes across eight login-path candidates. Bypass detected via session-cookie minting, 3xx redirect to a non-login path, or 401→200 status flip with logged-in markers.
• web.path_traversal — filename-style query-param LFI. Thirteen payload depths (raw ../etc/passwd 3–7, URL-encoded %2e%2e/, Windows ..\\..\\..\\windows\\win.ini) across six param names and twelve default paths.
• web.response_headers — missing security headers (CSP / XFO / XCTO / Referrer-Policy / Permissions-Policy / HSTS-on-HTTPS), insecure session cookie attributes (HttpOnly / Secure / SameSite), and Server / X-Powered-By info disclosure — one GET on the base URL.

New primitive

• http_post_form — application/x-www-form-urlencoded POST helper matching the http_post_json shape. Form-handler endpoints can now be attacked without each probe re-rolling the Content-Type.

New bug-class taxonomy entries

security_misconfig, insecure_cookie, info_disclosure.

Probe hardening

• web.api_path_discovery now accepts 400/405/422 as "endpoint exists, wants different args/method" — unblocks SSRF / XXE / path-traversal probes that depend on discovery for seeding.
• web.xxe_upload tries multipart AND raw application/xml shapes per path, propagates captured_auth, unions ALWAYS_PROBED with discovery candidates.
• web.sqli_fuzz forwards captured_auth into crawler and fuzz, expands ctx.candidate_endpoints into {path}?{param}={payload} templates.
• web.stored_xss tries (json, form) shapes per (path, field) with read-back after every accepted POST, candidate union, numeric-id sink defaults.
• web.race_condition swaps local Bearer-only helper for canonical auth_headers; folds baseline into the same asyncio.gather as the burst (was sequencing baseline first, hiding atomic-gate-with-sleep bugs); iterates COMMON_COUPON_CODES.
• probe_jwt_alg_none iterates COMMON_ADMIN_SUBJECTS in the forged token — apps that DB-look-up the sub claim no longer silently reject the canary value.

Bug fixes

• @registry.probe decorator misattachment regression in race_condition and stored_xss (helper got the decorator instead of the probe entry point). Unit tests passed because they imported the probe directly; the three-pass orchestrator surfaced the break. Added registry-correctness asserts.

Tests

In-process aiohttp honeypot (tests/honeypot/server.py) grew five new vulnerable sinks mirroring TaskFlow: /api/import, /api/search, /tasks/{id}, /auth/login, /files?name=. Five new e2e tests, six new unit-test files. Discovery + injection sweep: 40 passing → 174 passing.