v0.3.0

HackingBuddyGPT 0.3.0

European Summer'24 Heatwave edition

Version 0.3 contains a massive refactoring and rewrite of our code-base (by @Neverbolt and @andreashappe), laying the groundwork for future features. Meanwhile, @DianaStrauss was improving the Web API testing agent.

Also see our latest hacking benchmark results for multiple models.

Notable user-visible changes:

• GitHub Models are now supported as LLM backend
• the hackingBuddyGPT CLI is installed (alias to the wintermute CLI) to provide consistency
• massively improved web api testing agent:
  • new response analyzer to create a report from the testing findings
  • prompt engineering: improved prompt creation, now categorized into task and state planning prompts
  • Streamlined the OpenAPI documentation generation (reconnaissance) process
• restructured introductory usecases and agents
  • moved them into src/hackingbuddygpt/usecases/examples
  • their names (used by the CLI) start with Ex
• bump minimal python version to python 3.10

Notable developer-visible changes:

• allow for streaming responses from LLMs
• The class hierarchy has been refactored. UseCases showcase the different hacking behaviors provided hackingBuddyGPT. They offer developers flexibility how they implement their hacking techniques. To streamline development, we introduce the Agent base-class. Agents perform hacking in steps/rounds. Developers can automatically wrap an Agent within a usecases to integrate new agents with minimal development overhead into hackingBuddyGPT. For more information, see our documentation.
• massively increased test coverage

What's Changed

• Update README.md by @eltociear in #66
• some type hint fixes and a first integration test by @andreashappe in #67
• Create python-app.yml by @andreashappe in #69
• Update python-app.yml by @andreashappe in #70
• add more test-cases (also test github integration) by @andreashappe in #68
• Improve API and make streaming responses possible by @Neverbolt in #71
• Explorative refactoring by @andreashappe in #73
• merge diana's changes (and fixes) into development by @andreashappe in #74
• Development without spacy by @DianaStrauss in #76
• Development without spacy by @DianaStrauss in #80
• merge the current development branch into master by @andreashappe in #81
• Improved WebAPITesting by @DianaStrauss in #82
• add more web-api-testing changes, fix unittest by @andreashappe in #83

Full Changelog: v0.2.1...v0.3.0

v0.2.1

What's Changed

• update main branch by @andreashappe in #1
• V3 by @andreashappe in #2
• V4 by @andreashappe in #3
• Update README.md by @andreashappe in #4
• V5 by @andreashappe in #5
• Update README.md by @andreashappe in #6
• V6 by @andreashappe in #8
• V7 by @andreashappe in #9
• Fix typo in README.md by @eltociear in #10
• Create jekyll-gh-pages.yml by @andreashappe in #11
• fix link to old runs by @andreashappe in #12
• update README by @andreashappe in #13
• Update README.md by @andreashappe in #14
• Implements first version of modular capability system by @Neverbolt in #15
• Adds the possibility to define help text for parameters by @Neverbolt in #16
• Bump idna from 3.6 to 3.7 by @dependabot in #17
• Adds documentation for use cases and configurable by @Neverbolt in #18
• Simplify use-case infrastructure by providing common base-class by @andreashappe in #19
• Create FUNDING.yml by @andreashappe in #20
• update documentation by @andreashappe in #21
• Create CONTRIBUTING.md by @andreashappe in #23
• Create SECURITY.md by @andreashappe in #25
• update minimal example by @andreashappe in #27
• Update minimal example description by @andreashappe in #28
• Unify by @andreashappe in #29
• allow running hackingbuddygpt with llama-style models again by @andreashappe in #30
• Update README.md by @andreashappe in #31
• Update README.md by @andreashappe in #32
• Create linux_privesc.md by @andreashappe in #33
• Update README.md by @andreashappe in #34
• Update README.md by @andreashappe in #35
• Update README.md by @andreashappe in #37
• Update documentation by @andreashappe in #38
• Adds an initial web testing use-case by @Neverbolt in #39
• Update README.md by @andreashappe in #40
• Update linux_privesc.md by @andreashappe in #41
• Update README.md by @andreashappe in #42
• I have no idea what's going on with the github online markdown editor.. by @andreashappe in #43
• Update README.md for more contributer info by @Neverbolt in #44
• Decision making by @andreashappe in #45
• Update README.md by @andreashappe in #46
• Added web-api-pentest prototype by @DianaStrauss in #47
• fix web-api-pentest link by @andreashappe in #49
• refactor a bit and add agents by @andreashappe in #50
• Update README.md by @andreashappe in #51
• Update README.md by @andreashappe in #52
• update links to point to the documentation site by @andreashappe in #53
• Bump requests from 2.31.0 to 2.32.0 in the pip group across 1 directory by @dependabot in #54
• Fix docs by @andreashappe in #55
• Update README.md by @andreashappe in #56
• Editorial changes to README.md by @citostyle in #57
• Adds support for generic text parsing of capabilities by @Neverbolt in #58
• Update README.md by @andreashappe in #59
• Fixes by @andreashappe in #61
• Agent with worldview by @andreashappe in #62
• Restructure by @andreashappe in #64
• Update README.md by @andreashappe in #65

New Contributors

• @dependabot made their first contribution in #17
• @citostyle made their first contribution in #57

Full Changelog: v0.1.0...v0.2.1

v0.1.0-fse23ivr

• this was the code submitted to FSE23 IVR

Full Changelog: https://github.com/ipa-lab/hackingBuddyGPT/commits/v0.1.0