Merge Development into Main Branch

[andreashappe]

This pull request introduces support for both SSH and local shell (via tmux) connections to target systems, making it easier to test and develop hackingBuddyGPT locally. The documentation has been significantly updated to reflect these new connection options and to provide clear setup instructions. Additionally, several new capabilities and dependencies have been added to expand and improve the framework's functionality.

Major new features and improvements:

Connection mode support and documentation updates:

• Added support for connecting to local shells via tmux in addition to SSH, including a new LocalShellCapability class and integration into the LinuxPrivesc use case. The documentation in README.md has been updated to explain both connection types, provide setup instructions, and give usage examples for each mode. [1] [2] [3] [4] [5] [6] [7]

Capabilities and extensibility:

• Added new capability classes: ParsedInformation for handling parsed HTTP responses and PythonTestCase for registering and describing test cases, supporting richer agent behaviors. [1] [2]

Dependency management:

• Updated and expanded dependencies in pyproject.toml to include pandas, faker, fpdf, and specific langchain packages, and ensured test dependencies are complete. [1] [2]

Bugfixes and minor improvements:

• Fixed a bug in http_request.py to correctly handle path joining for HTTP requests.
• Improved screenshot and documentation links in the README.md and clarified the description of the extended linux-privesc use case.

Internal codebase organization:

• Added missing imports and improved module structure for web API testing utilities and documentation handling. [1] [2]

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.
• ⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

License Issues

pyproject.toml

Package	Version	License	Issue Type
langchain_chroma		Null	Unknown License
langchain_community		Null	Unknown License
langchain_core		Null	Unknown License
langchain_openai		Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/faker		🟢 5.3	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 9 1 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/fpdf		⚠️ 2.9	Details Check Score Reason Code-Review ⚠️ 1 Found 3/28 approved changesets -- score normalized to 1 Token-Permissions ⚠️ -1 No tokens found Dangerous-Workflow ⚠️ -1 no workflows found Packaging ⚠️ -1 packaging workflow not detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ -1 no dependencies found CII-Best-Practices ⚠️ 2 badge detected: InProgress Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/langchain_chroma		Unknown	Unknown
pip/langchain_community		Unknown	Unknown
pip/langchain_core		Unknown	Unknown
pip/langchain_openai		Unknown	Unknown
pip/pandas		🟢 6.4	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no badge detected Code-Review 🟢 8 25 out of last 30 changesets reviewed before merge -- score normalized to 8 Contributors 🟢 10 47 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool ⚠️ 0 no update tool detected Fuzzing 🟢 10 project is fuzzed with [OSSFuzz] License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 21 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 no published package detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 7 SAST tool detected but not run on all commmits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 0 out of 5 artifacts are signed or have provenance Token-Permissions ⚠️ 0 non read-only tokens detected in GitHub workflows Vulnerabilities 🟢 10 no vulnerabilities detected

Scanned Files

• pyproject.toml