pentest-ai

v0.15.0 Feature

This release adds 4 notable features for engineering teams evaluating rollout.

✓ No known CVEs patched

Topics

ai-security bug-bounty claude ctf security exploit
exploit-chaining hacking-tools mcp model-context-protocol nmap offensive-security osint penetration-testing pentest-ai pentesting python vulnerability-scanning

Affected surfaces

auth breaking_upgrade

Summary

AI summary

Added opt‑in safety flags and a functional bearer authentication flow for JWT‑style API targets.

Changes in this release

Feature Medium

Adds opt-in safety flag `intensity="safe"` to skip destructive probes.

Source: llm_adapter@2026-05-25

Confidence: high

Feature Medium

Adds opt-in safety flag `respect_rate_limits=true` to honor HTTP 429 responses.

Source: llm_adapter@2026-05-25

Confidence: high

Feature Medium

Adds opt-in safety flag `strict_scope=true` to enforce target host scope and disable redirects.

Source: llm_adapter@2026-05-25

Confidence: high

Feature Medium

Adds full `bearer` authentication flow with JSON token extraction.

Source: llm_adapter@2026-05-25

Confidence: high

Feature Medium

Adds `AuthProfile.body_shape` and `token_path` fields to profile schema.

Source: llm_adapter@2026-05-25

Confidence: high

Feature Medium

Adds smoke test to verify each declared auth flow is implemented or raises error.

Source: llm_adapter@2026-05-25

Confidence: low

Feature Medium

Reports authenticated catch rate of 63.24 % (43/68) against OWASP Juice Shop v19.2.1 under aggressive intensity with `strict_scope=true`.

Source: llm_adapter@2026-05-25

Confidence: low

Full changelog

Bug-bounty / production-target readiness release. Four opt-in safety flags so ptai can be pointed at hardened or rate-limited targets without violating program rules, plus a real bearer authentication flow that unlocks JWT-style API targets (Juice Shop, crAPI, and the typical modern bug-bounty stack).

Added: opt-in safety flags

All three default to false to preserve existing behavior. Pass them on start_engagement (MCP) or via the corresponding CLI flag.

  • intensity="safe" — skip destructive-low probes (mass-assignment user creation, coupon forging, stored XSS, race conditions, …). Catches read-only bug classes without mutating server state. Useful for first-pass production-target scans where you don't yet have write authorization.
  • respect_rate_limits=true — when a target returns HTTP 429, honor Retry-After (or fall back to exponential backoff capped at 30s, 3 retries). Recommended for WAF-protected bug-bounty targets; off by default to preserve today's scan-as-fast-as-the-target-allows behavior.
  • strict_scope=true — refuse any HTTP request whose host doesn't match the engagement target's host. Also disables redirect-following in primitives so a 302 to attacker.com can't pull the scan off-target. Bug-bounty programs care a lot about scope discipline; default off preserves today's wide-open behavior.
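The host check and the 429 handling described in the last two bullets can be sketched as follows. This is an added example, not ptai's code: `in_scope`, `retry_delay` and `BASE_DELAY` are hypothetical names, and the backoff base is an assumption because the notes give only the cap and the retry count.

```python
from __future__ import annotations
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import urlsplit

MAX_RETRIES = 3     # from the release notes
BACKOFF_CAP = 30.0  # seconds, from the release notes
BASE_DELAY = 10.0   # assumed; the notes do not give the backoff base


def _host(url: str) -> str:
    # hostname drops userinfo and port and lowercases, so
    # "https://shop.example@other.example/" resolves to other.example.
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:                        # e.g. malformed IPv6 literal
        return ""


def in_scope(request_url: str, target_url: str) -> bool:
    """Exact host match: subdomains, suffix look-alikes and relative URLs fail."""
    host = _host(request_url)
    return bool(host) and host == _host(target_url)


def retry_delay(retry_after: str | None, attempt: int,
                now: datetime | None = None) -> float | None:
    """Seconds to wait before retry `attempt` (1-based); None means give up."""
    if attempt > MAX_RETRIES:
        return None
    value = (retry_after or "").strip()
    if value.isascii() and value.isdigit():   # delta-seconds form
        return float(value)
    if value:
        try:                                  # HTTP-date form
            when = parsedate_to_datetime(value)
            now = now or datetime.now(timezone.utc)
            return max(0.0, (when - now).total_seconds())
        except (TypeError, ValueError):
            pass                              # malformed header: use backoff
    # Assumption: the 30 s cap applies to the fallback, not to Retry-After.
    return min(BACKOFF_CAP, BASE_DELAY * 2 ** (attempt - 1))
```

With redirects disabled, a 3xx response is recorded as a finding input rather than followed, so `in_scope` only ever sees URLs the scanner built itself.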

Added: bearer auth flow with JSON token extraction

The bearer flow was declared in cli.auth_profiles.VALID_FLOWS since v0.10 but raised AuthError at runtime — only form_post and bearer_static were actually implemented. The executor now exists.

  • engine/auth_session.py:WebAuthenticator._login_bearer — POSTs credentials (JSON or form body, configurable via body_shape) to a login_url, extracts a token from a configurable JSON response path (e.g. authentication.token), returns an AuthSession with bearer_token populated. The orchestrator's set_auth() propagates it through every specialist agent, so all 30+ auth-gated probes pick it up.
  • AuthProfile.body_shape / AuthProfile.token_path — new fields on the profile dataclass. Profile YAML schema gains the two keys; from_dict / to_dict updated.
  • tests/test_auth_profiles_smoke.py — parametrized "paper-tiger" guard: enumerates every flow in VALID_FLOWS and asserts each either has a real executor or correctly raises the unsupported auth flow error. Future declared-but-unimplemented flows fail loudly at test time instead of mid-engagement.
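A sketch of the token_path extraction step, as an added example rather than the project's `_login_bearer` code: `extract_token`, `bearer_header` and the sample response are constructed here, and `AuthError` is a stand-in for the class the notes name. It fails closed on a missing path or a non-token value and keeps the response body out of error messages so tokens do not land in logs.

```python
import json
import re


class AuthError(Exception):
    """Stand-in for the AuthError named in the release notes."""


# RFC 6750 b64token alphabet: covers JWTs, rejects whitespace and CR/LF
# that a hostile login response could use to split the Authorization header.
_TOKEN_RE = re.compile(r"[A-Za-z0-9\-._~+/]+=*")

# Constructed sample login response; the token value is a placeholder.
SAMPLE_RESPONSE = (
    '{"authentication": {"token": "hdr.payload.sig", '
    '"umail": "user@shop.example"}}'
)


def extract_token(response_text: str, token_path: str) -> str:
    """Walk a dotted path such as "authentication.token" through JSON objects."""
    try:
        node = json.loads(response_text)
    except json.JSONDecodeError:
        raise AuthError("login response is not valid JSON") from None
    for key in token_path.split("."):
        if not isinstance(node, dict) or key not in node:
            raise AuthError(f"token_path {token_path!r}: no key {key!r}")
        node = node[key]
    if not isinstance(node, str) or not _TOKEN_RE.fullmatch(node):
        raise AuthError(f"token_path {token_path!r}: value is not a token string")
    return node


def bearer_header(token: str) -> dict:
    """Header that authenticated requests would carry."""
    return {"Authorization": f"Bearer {token}"}
```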

Generalization validation

ptai 0.15.0 ships with a measured authenticated catch rate against OWASP Juice Shop v19.2.1: 63.24% (43 of 68 in-scope challenges) under aggressive intensity + strict_scope=true. Methodology and per-challenge breakdown in benchmarks/scoring/ (local-only — authenticated benchmark outputs are gitignored).

Install

pip install ptai==0.15.0

PyPI: https://pypi.org/project/ptai/0.15.0/

Full notes in CHANGELOG.md.


About pentest-ai

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.
