From 7ea7b85ffc14b2ba58e0be4495fbb3fd410d9745 Mon Sep 17 00:00:00 2001
From: Ayush Singh <26509147+g147@users.noreply.github.com>
Date: Sun, 12 Jan 2025 12:35:22 +0530
Subject: [PATCH] puncia[0.27]

---
 README.md          | 27 +++++++++++++----------
 puncia/__main__.py | 54 ++++++++++++++++++++++++++++++++++------------
 setup.py           |  7 +++---
 3 files changed, 60 insertions(+), 28 deletions(-)

diff --git a/README.md b/README.md
index e80ba24..2a5405f 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # The Panthera(P.)uncia of Cybersecurity
 
-### Official CLI utility for Subdomain Center & Exploit Observer
+### Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer
 
 [![Downloads](https://pepy.tech/badge/puncia)](https://pepy.tech/project/puncia)
 <img src="https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat">
@@ -8,10 +8,11 @@
 <br>
 <img src="https://raw.githubusercontent.com/ARPSyndicate/puncia/master/puncia.png" width=25%>
 <br>
-Puncia utilizes two of our intelligent APIs to gather the results - <br>
+Puncia utilizes three of our intelligent APIs to gather the results - <br>
 
 - [Subdomain Center - The World's Largest Subdomain & Shadow IT Intelligence Database](https://subdomain.center)<br>
-- [Exploit Observer - The World's Largest Exploit & Vulnerability Intelligence Database](https://exploit.observer)
+- [Exploit Observer - The World's Largest Exploit & Vulnerability Intelligence Database](https://exploit.observer)<br>
+- [Osprey Vision - The World's Most Bleeding Edge Cyber Intelligence LLM](https://osprey.vision)
 
 **Please note that although these results can sometimes be pretty inaccurate & unreliable, they can greatly differ from time to time due to their self-improvement capabilities.**
 
@@ -25,16 +26,17 @@ Puncia utilizes two of our intelligent APIs to gather the results - <br>
 ## Usage
 
 1.  Store an API key (storekey) - `puncia storekey <api-key>`
-2.  Query Domains (subdomain) - `puncia subdomain <domain> <output-file>`
-3.  Query Replica Domains (replica) - `puncia replica <domain> <output-file>`
-4.  Query Exploit & Vulnerability Identifiers (exploit)
+2.  Interact with the LLM (chat) - `puncia chat "<prompt>" <output-file>`
+3.  Query Domains (subdomain) - `puncia subdomain <domain> <output-file>`
+4.  Query Replica Domains (replica) - `puncia replica <domain> <output-file>`
+5.  Query Exploit & Vulnerability Identifiers (exploit)
     - Russian VIDs with no associated CVEs (^RU_NON_CVE) - `puncia exploit ^RU_NON_CVE  <output-file>`
     - Chinese VIDs with no associated CVEs (^CN_NON_CVE) - `puncia exploit ^CN_NON_CVE  <output-file>`
     - Vulnerability & Exploit Identifers Watchlist (^WATCHLIST_IDES) - `puncia exploit ^WATCHLIST_IDES  <output-file>`
     - Vulnerable Technologies Watchlist (^WATCHLIST_TECH) - `puncia exploit ^WATCHLIST_TECH  <output-file>`
     - [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers) - `puncia exploit <eoidentifier> <output-file>`
-5.  Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich <cve-id/ghsa-id> <output-file>`
-6.  Multiple Queries (bulk/sbom)
+6.  Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich <cve-id/ghsa-id> <output-file>`
+7.  Multiple Queries (bulk/sbom)
 
     - Bulk Input JSON File Format - `puncia bulk <json-file> <output-directory>`
       ```
@@ -59,19 +61,22 @@ Puncia utilizes two of our intelligent APIs to gather the results - <br>
       ```
     - [SBOM Input JSON File Format](https://github.com/CycloneDX/bom-examples/blob/master/SBOM/protonmail-webclient-v4-0912dff/bom.json) - `puncia sbom <json-file> <output-directory>`
 
-7.  External Import
+8.  External Import
+
     ```
         import puncia
 
         # Without API Key
         print(puncia.query_api("exploit","CVE-2021-3450"))
         print(puncia.query_api("subdomain","arpsyndicate.io"))
+        print(puncia.query_api("chat","write a xss fuzzer in python"))
 
         # With API Key
         puncia.store_key("ARPS-xxxxxxxxxx")
         print(puncia.query_api("subdomain","arpsyndicate.io", apikey=puncia.read_key()))
         print(puncia.query_api("exploit","CVE-2021-3450", apikey=puncia.read_key()))
-    
+        print(puncia.query_api("chat","write a xss fuzzer in python", apikey=puncia.read_key()))
+
     ```
 
 <br>
@@ -88,4 +93,4 @@ Puncia utilizes two of our intelligent APIs to gather the results - <br>
 
 - [VEDAS Advisories](https://vedas.arpsyndicate.io)
 - [Open Source Intelligence](https://asm.arpsyndicate.io/intelligence.html)
-- [Attack Surface Management](https://asm.arpsyndicate.io)
\ No newline at end of file
+- [Attack Surface Management](https://asm.arpsyndicate.io)
diff --git a/puncia/__main__.py b/puncia/__main__.py
index d55ce5c..8698bb5 100755
--- a/puncia/__main__.py
+++ b/puncia/__main__.py
@@ -10,10 +10,12 @@
     "replica": "https://api.subdomain.center/?engine=octopus&domain=",
     "exploit": "https://api.exploit.observer/?keyword=",
     "enrich": "https://api.exploit.observer/?enrich=True&keyword=",
+    "chat": "https://api.osprey.vision/",
     "auth_subdomain": "https://api.subdomain.center/beta/?auth={0}&domain=",
     "auth_replica": "https://api.subdomain.center/beta/?auth={0}&engine=octopus&domain=",
     "auth_exploit": "https://api.exploit.observer/beta/?auth={0}&keyword=",
     "auth_enrich": "https://api.exploit.observer/beta/?auth={0}&enrich=True&keyword=",
+    "auth_chat": "https://api.osprey.vision/beta/",
     "russia": "https://api.exploit.observer/russia/",
     "china": "https://api.exploit.observer/china/",
     "watchlist_ides": "https://api.exploit.observer/watchlist/identifiers",
@@ -37,7 +39,13 @@ def read_key():
 
 
 def query_api(mode, query, output_file=None, cid=None, apikey=""):
-    if len(apikey) > 0 and mode in ["exploit", "subdomain", "enrich", "replica"]:
+    if len(apikey) > 0 and mode in [
+        "exploit",
+        "subdomain",
+        "enrich",
+        "replica",
+        "chat",
+    ]:
         url = API_URLS.get("auth_" + mode).format(apikey)
     else:
         time.sleep(25)
@@ -68,15 +76,32 @@ def query_api(mode, query, output_file=None, cid=None, apikey=""):
     retries = 1
     counter = 0
     response = {}
-    while counter <= retries:
-        try:
-            response = requests.get(url + query).json()
-            if len(response) > 0:
-                break
-        except:
-            print("An exception happened while requesting: " + query)
-        counter = counter + 1
-        time.sleep(30)
+    if mode in ["chat", "auth_chat"]:
+        data = {"prompt": query}
+        if "/beta" in url:
+            data["auth"] = apikey
+        response = requests.post(url, json=data, stream=True)
+        reschat = ""
+        for line in response:
+            if sys.argv[0].endswith("puncia"):
+                print(line.decode("utf-8"), flush=True, end="")
+            reschat += line.decode("utf-8")
+        if sys.argv[0].endswith("puncia"):
+            print("\n")
+        if output_file:
+            with open(output_file, "w") as f:
+                f.write(reschat)
+        return reschat
+    else:
+        while counter <= retries:
+            try:
+                response = requests.get(url + query).json()
+                if len(response) > 0:
+                    break
+            except:
+                print("An exception happened while requesting: " + query)
+            counter = counter + 1
+            time.sleep(30)
     if not response or len(response) == 0:
         print("Null response from the API for: " + query)
         return
@@ -177,13 +202,13 @@ def add_component(name, version):
 def main():
     try:
         print("---------")
-        print("Panthera(P.)uncia [v0.26]")
+        print("Panthera(P.)uncia [v0.27]")
         print("A.R.P. Syndicate [https://www.arpsyndicate.io]")
         print("---------")
 
         if len(sys.argv) < 3:
             sys.exit(
-                "usage: puncia <mode:subdomain/replica/exploit/enrich/bulk/sbom/storekey> <query:domain/eoidentifier/jsonfile/apikey> [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
+                "usage: puncia <mode:chat/subdomain/replica/exploit/enrich/bulk/sbom/storekey> <query:prompt/domain/eoidentifier/jsonfile/apikey> [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
             )
 
         mode = sys.argv[1]
@@ -276,8 +301,9 @@ def main():
 
         else:
             rdata = query_api(mode, query, output_file, apikey=apikey)
-            if len(rdata) > 0:
-                print(json.dumps(rdata, indent=4, sort_keys=True))
+            if mode not in ["chat", "auth_chat"]:
+                if len(rdata) > 0:
+                    print(json.dumps(rdata, indent=4, sort_keys=True))
     except Exception as e:
         sys.exit(f"Error: {str(e)}")
 
diff --git a/setup.py b/setup.py
index 60285b5..14f5ca0 100644
--- a/setup.py
+++ b/setup.py
@@ -2,20 +2,21 @@
 
 setup(
     name="puncia",
-    version="0.26",
+    version="0.27",
     author="A.R.P. Syndicate",
     author_email="ayush@arpsyndicate.io",
-    keywords="subdomains subdomain exploits exploit sbom cyclonedx arpsyndicate panthera uncia puncia snow leopard",
+    keywords="cyber intelligence llm ai chat subdomains subdomain exploits exploit sbom cyclonedx arpsyndicate panthera uncia puncia snow leopard",
     url="https://github.com/ARPSyndicate/puncia",
     project_urls={
         "A.R.P. Syndicate": "https://www.arpsyndicate.io",
         "Subdomain Center": "https://subdomain.center",
         "Exploit Observer": "https://exploit.observer",
+        "Osprey Vision": "https://osprey.vision",
     },
     license="MIT",
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",
-    description="The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Subdomain Center & Exploit Observer",
+    description="The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer",
     packages=find_packages(),
     install_requires=[
         "requests",