Add web_request_framework tool to web_pentester (#358)

Co-authored-by: root <root@Unknown.localdomain>
This commit is contained in:
Cristi 2025-12-08 12:05:51 +02:00 committed by GitHub
parent 2ed9951cf2
commit d37584f457
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 0 deletions

View File

@ -13,6 +13,7 @@ from cai.agents.guardrails import get_security_guardrails
# Core tools
from cai.tools.reconnaissance.generic_linux_command import generic_linux_command
from cai.tools.reconnaissance.exec_code import execute_code
from cai.tools.web.headers import web_request_framework
# Optional OSINT search (requires PERPLEXITY_API_KEY)
from cai.tools.web.search_web import make_web_search_with_explanation
@ -27,6 +28,7 @@ web_pentester_system_prompt = load_prompt_template("prompts/system_web_pentester
tools = [
generic_linux_command, # shell one-liners (httpie/curl/waybackurls/etc if installed)
execute_code, # light parsing/diffing/payload crafting
web_request_framework, # HTTP request + response/header security analysis
]
# Conditional: add web search helper when available

View File

@ -8,8 +8,10 @@ analysis, parameter inspection, and security vulnerability detection.
from urllib.parse import urlparse
import requests # pylint: disable=E0401
from cai.sdk.agents import function_tool
@function_tool(strict_mode=False)
def web_request_framework( # noqa: E501 # pylint: disable=too-many-arguments,too-many-locals,too-many-branches
url: str = "",
method: str = "GET",