diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..f5050c9 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,30 @@ +name: Bug Report +description: Report a bug in TerminalPressure +title: "[Bug]: " +labels: ["bug"] +body: + - type: dropdown + id: command + attributes: + label: Which command? + options: [scan, stress, exploit, other] + validations: + required: true + - type: textarea + id: description + attributes: + label: Bug Description + validations: + required: true + - type: textarea + id: steps + attributes: + label: Steps to Reproduce + validations: + required: true + - type: textarea + id: env + attributes: + label: Environment (OS, Python version, nmap version) + validations: + required: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..e75327f --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,34 @@ +name: CI + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + lint: + name: Lint (Python ${{ matrix.python-version }}) + runs-on: ubuntu-latest + strategy: + matrix: + python-version: ["3.10", "3.11", "3.12"] + + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} + cache: pip + + - name: Install dev deps + run: pip install flake8 + + - name: Lint + run: flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=__pycache__ + + - name: Check for unauthorized use warnings + run: | + grep -n "FOR AUTHORIZED" terminal_pressure.py && echo "✓ Auth warning present" || \ + (echo "::warning::Authorization notice missing from source" && exit 0) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml new file mode 100644 index 0000000..ef0ba70 --- /dev/null +++ b/.github/workflows/python-app.yml @@ -0,0 +1,39 @@ +# This workflow will install Python dependencies, run tests and lint with a single version of Python +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python + +name: Python application + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +permissions: + contents: read + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Set up Python 3.10 + uses: actions/setup-python@v5 + with: + python-version: "3.10" + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install flake8 pytest + if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + - name: Lint with flake8 + run: | + # stop the build if there are Python syntax errors or undefined names + flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide + flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics + - name: Test with pytest + run: | + pytest diff --git a/LICENSE b/LICENSE index e67242d..2de1fb1 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,62 @@ -MIT License +CyberViser Proprietary License +Copyright (c) 2025 CyberViser. All Rights Reserved. + +IMPORTANT — READ CAREFULLY BEFORE USING THIS SOFTWARE. + +By accessing, downloading, cloning, forking, contributing to, or otherwise +using this repository or any part of its contents (the "Software"), you agree +to be bound by the terms of this license. If you do not agree, do not use the +Software. + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +1. OWNERSHIP + + CyberViser retains sole and exclusive ownership of all intellectual property + rights, title, and interest in and to the Software, including all source + code, documentation, and any derivative works. No ownership rights are + transferred to you under this license. + +2. PERMITTED USES (Non-Commercial Only) + + a) View and study the source code for personal or educational purposes only; + b) Run the Software locally for authorized, non-commercial security testing + on systems you own or have explicit written permission to test; + c) Submit contributions assigned irrevocably to CyberViser. + +3. RESTRICTIONS — YOU MAY NOT: + + a) Use the Software for any commercial purpose without a written license; + b) Redistribute, publish, sublicense, sell, or transfer the Software; + c) Build competing products or services using this Software; + d) Remove or alter CyberViser copyright notices or branding; + e) Use the Software against any system without explicit authorization. + +4. AUTHORIZED USE ONLY + + This tool is intended STRICTLY for authorized penetration testing and + security research. Use against systems without written authorization is + illegal and prohibited. CyberViser assumes no liability for unauthorized use. + +5. COMMERCIAL LICENSING + + Contact: contact@cyberviser.ai + +6. NO WARRANTY + + THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. + +7. LIMITATION OF LIABILITY + + CYBERVISER SHALL NOT BE LIABLE FOR ANY DAMAGES ARISING FROM USE OR MISUSE. + +8. TERMINATION + + This license terminates immediately upon breach of any term herein. + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +© 2025 CyberViser. All Rights Reserved. -Copyright (c) 2025 Terminal-Pressure Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md new file mode 100644 index 0000000..7761424 --- /dev/null +++ b/README.md @@ -0,0 +1,64 @@ +# 💥 TerminalPressure — CyberViser Pentest Toolkit + +
+ +![TerminalPressure](https://img.shields.io/badge/CyberViser-TerminalPressure-ff3366?style=for-the-badge&logo=hackthebox&logoColor=white) + +[![License: Proprietary](https://img.shields.io/badge/License-Proprietary-red.svg)](LICENSE) +[![Python](https://img.shields.io/badge/Python-3.10%2B-blue?logo=python)](https://python.org) +[![Part of](https://img.shields.io/badge/Part%20of-Hancock%20Platform-00ff88)](https://github.com/cyberviser/Hancock) + +**Authorized penetration testing toolkit — vulnerability scanning, stress testing, and exploit chain simulation.** + +> ⚠️ **FOR AUTHORIZED USE ONLY.** Use only on systems you own or have explicit written permission to test. Unauthorized use is illegal. + +
+ +--- + +## 🔧 Features + +| Command | Description | +|---------|-------------| +| `scan` | nmap vulnerability scan (ports 1–1024, `-sV --script vuln`) | +| `stress` | Multi-threaded connection stress test (authorized load testing) | +| `exploit` | Exploit chain simulation framework | + +--- + +## ⚡ Quick Start + +```bash +git clone https://github.com/cyberviser/TerminalPressure.git +cd TerminalPressure +pip install -r requirements.txt + +# Vulnerability scan (authorized targets only) +python terminal_pressure.py scan 192.168.1.1 + +# Stress test +python terminal_pressure.py stress 192.168.1.1 --port 80 --threads 50 --duration 60 + +# Exploit chain simulation +python terminal_pressure.py exploit 192.168.1.1 --payload default_backdoor +``` + +> Requires `nmap` installed on your system: `sudo apt install nmap` + +--- + +## 🛡️ Part of the CyberViser Ecosystem + +TerminalPressure is a standalone toolkit that integrates with the **Hancock AI agent** for AI-assisted pentest workflows. + +→ [**Hancock — AI Security Agent**](https://github.com/cyberviser/Hancock) +→ [**CyberViser Platform**](https://cyberviser.github.io/Hancock/) + +--- + +## 📄 License + +**CyberViser Proprietary License** — see [LICENSE](LICENSE). +Commercial use requires a written agreement: contact@cyberviser.ai + +© 2025 CyberViser. All Rights Reserved. diff --git a/docs/index.html b/docs/index.html new file mode 100644 index 0000000..879ea15 --- /dev/null +++ b/docs/index.html @@ -0,0 +1,225 @@ + + + + + + TerminalPressure — CyberViser Pentest Toolkit + + + + + + + + + + + + + +
+
⚠ AUTHORIZED USE ONLY — FOR PENTESTERS & RED TEAMS
+

TERMINAL
PRESSURE

+

Authorized penetration testing toolkit — vulnerability scanning, connection stress testing, and exploit chain simulation. Built for red teams by CyberViser.

+
+ ⚡ View on GitHub + Quick Start +
+
+ +
+
+
+
+ terminalpressure — demo +
+
+
$ python terminal_pressure.py
+
╔══════════════════════════════════════╗
+
║ TerminalPressure — CyberViser ║
+
║ Authorized Pentest Toolkit v1.0 ║
+
╚══════════════════════════════════════╝
+
+
Commands: scan | stress | exploit | exit
+
+
tp> scan 192.168.1.1
+
[*] Starting nmap vuln scan on 192.168.1.1...
+
[+] Open: 22/tcp (OpenSSH 8.2) — No critical CVEs
+
[+] Open: 80/tcp (Apache 2.4.41) — CVE-2021-41773 detected!
+
[!] CRITICAL: Path traversal / RCE on Apache 2.4.41-2.4.42
+
+
tp> exploit CVE-2021-41773
+
[*] Loading exploit chain for CVE-2021-41773...
+
[+] Exploit simulation complete. Report generated: report_20260221.txt
+
+
+
+ +
+

// capabilities

+
+
+
🔍
+

Vulnerability Scanner

+

Automated nmap-based scanning across ports 1–1024 with service detection and CVE correlation. Outputs structured reports.

+ scan <target> +
+
+
💥
+

Stress Testing

+

Multi-threaded connection load testing for authorized resilience assessments. Configurable thread count and duration.

+ stress <target> <port> +
+
+
⛓️
+

Exploit Chain Sim

+

Simulate multi-stage exploit chains for authorized red team exercises. Documents attack paths without executing payloads.

+ exploit <cve-id> +
+
+
📋
+

Report Generation

+

Auto-generates timestamped plaintext reports after each scan or test run. Ready to drop into your pentest report.

+ output: report_YYYYMMDD.txt +
+
+
🤖
+

Hancock Integration

+

Pair with Hancock AI to get instant triage, CVE analysis, and PICERL playbooks for every finding TerminalPressure uncovers.

+ cyberviser.netlify.app +
+
+
🛡️
+

Proprietary License

+

CyberViser Proprietary License — permitted for authorized research and testing. Commercial use requires a license agreement.

+ cyberviser@proton.me +
+
+
+ +
+ ⚠️ This tool is for authorized security testing only. You must have explicit written permission to test any system. Unauthorized use is illegal under the CFAA and equivalent laws. CyberViser assumes no liability for misuse. +
+ +
+
+

// quick start

+ 
# Clone the repo
+git clone https://github.com/cyberviser/TerminalPressure.git
+cd TerminalPressure
+
+# Install dependencies
+pip install -r requirements.txt
+
+# Run (requires nmap installed)
+# Linux: sudo apt install nmap
+# macOS: brew install nmap
+python terminal_pressure.py
+
+# Commands inside the tool
+scan    <target_ip>           # vuln scan
+stress  <target_ip> <port>   # load test
+exploit <cve-id>             # exploit sim
+exit                          # quit
+
+
+ +
+

// part of the cyberviser platform

+

TerminalPressure handles the exploitation. Hancock handles the analysis — triage findings, generate CVE reports, write executive summaries, and build IR playbooks using AI.

+ Explore Hancock AI → +
+ + + + + diff --git a/requirements.txt b/requirements.txt index 761b2c3..3cb84f3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ -python-nmap -scapy +python-nmap>=0.7.1 +scapy>=2.5.0 +requests>=2.32.0 diff --git a/terminal_pressure.py b/terminal_pressure.py index b064653..a510ecc 100644 --- a/terminal_pressure.py +++ b/terminal_pressure.py @@ -1,10 +1,15 @@ #!/usr/bin/env python3 +# Copyright (c) 2025 CyberViser. All Rights Reserved. +# Licensed under the CyberViser Proprietary License — see LICENSE for details. +# FOR AUTHORIZED SECURITY TESTING ONLY. Unauthorized use is illegal and prohibited. import argparse import nmap # Requires pip install python-nmap (user installs) import socket import requests from scapy.all import * # For packet crafting; pip install scapy import random +import concurrent.futures +import logging import threading import time @@ -29,16 +34,16 @@ def flood(): end_time = time.time() + duration while time.time() < end_time: try: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.connect((target, port)) - s.send(b"GET / HTTP/1.1\r\nHost: " + target.encode() + b"\r\n\r\n") - s.close() - except: - pass + with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: + s.connect((target, port)) + s.send(b"GET / HTTP/1.1\r\nHost: " + target.encode() + b"\r\n\r\n") + except (socket.error, OSError) as e: + logging.debug("Connection error: %s", e) print(f"[+] Applying pressure to {target}:{port} with {threads} threads for {duration}s") - for _ in range(threads): - t = threading.Thread(target=flood) - t.start() + max_workers = min(threads, 100) + with concurrent.futures.ThreadPoolExecutor(max_workers=max_workers) as executor: + futures = [executor.submit(flood) for _ in range(threads)] + concurrent.futures.wait(futures) def exploit_chain(target, payload="default_backdoor"): # Shadow module: Simulate exploit (real: inject shellcode)