diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..f5050c9 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,30 @@ +name: Bug Report +description: Report a bug in TerminalPressure +title: "[Bug]: " +labels: ["bug"] +body: + - type: dropdown + id: command + attributes: + label: Which command? + options: [scan, stress, exploit, other] + validations: + required: true + - type: textarea + id: description + attributes: + label: Bug Description + validations: + required: true + - type: textarea + id: steps + attributes: + label: Steps to Reproduce + validations: + required: true + - type: textarea + id: env + attributes: + label: Environment (OS, Python version, nmap version) + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..4d04707 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: true +contact_links: + - name: 0AI Support + url: https://github.com/cyberviser/TerminalPressure/blob/main/SUPPORT.md + about: Portfolio support and owner contact for this repository. + - name: Private Security Reporting + url: https://github.com/cyberviser/TerminalPressure/blob/main/SECURITY.md + about: Report vulnerabilities and safety issues privately. \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..e75327f --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,34 @@ +name: CI + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + lint: + name: Lint (Python ${{ matrix.python-version }}) + runs-on: ubuntu-latest + strategy: + matrix: + python-version: ["3.10", "3.11", "3.12"] + + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} + cache: pip + + - name: Install dev deps + run: pip install flake8 + + - name: Lint + run: flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=__pycache__ + + - name: Check for unauthorized use warnings + run: | + grep -n "FOR AUTHORIZED" terminal_pressure.py && echo "✓ Auth warning present" || \ + (echo "::warning::Authorization notice missing from source" && exit 0) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml new file mode 100644 index 0000000..ef0ba70 --- /dev/null +++ b/.github/workflows/python-app.yml @@ -0,0 +1,39 @@ +# This workflow will install Python dependencies, run tests and lint with a single version of Python +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python + +name: Python application + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +permissions: + contents: read + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Set up Python 3.10 + uses: actions/setup-python@v5 + with: + python-version: "3.10" + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install flake8 pytest + if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + - name: Lint with flake8 + run: | + # stop the build if there are Python syntax errors or undefined names + flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide + flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics + - name: Test with pytest + run: | + pytest diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..262fe22 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* @cyberviser @0ai-Cyberviser \ No newline at end of file diff --git a/FORK_NOTICE.md b/FORK_NOTICE.md new file mode 100644 index 0000000..314422d --- /dev/null +++ b/FORK_NOTICE.md @@ -0,0 +1,22 @@ +# Fork Notice + +This repository is a fork of . + +The upstream project remains owned by its original authors and remains subject +to its original license and attribution terms. + +This fork is operated by Johnny Watters (0ai-Cyberviser) through the GitHub +accounts cyberviser, cyberviser-dotcom, and 0ai-Cyberviser. + +## Scope of claim + +Johnny Watters (0ai-Cyberviser) claims ownership only over any original, +fork-specific modifications, notices, metadata, branding adjustments, and other +new material added in this fork to the extent permitted by law. + +No claim is made here to exclusive ownership of the upstream codebase. + +## Contacts + +- 0ai@cyberviserai.com +- cyberviser@proton.me \ No newline at end of file diff --git a/LICENSE b/LICENSE index e67242d..2de1fb1 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,62 @@ -MIT License +CyberViser Proprietary License +Copyright (c) 2025 CyberViser. All Rights Reserved. + +IMPORTANT — READ CAREFULLY BEFORE USING THIS SOFTWARE. + +By accessing, downloading, cloning, forking, contributing to, or otherwise +using this repository or any part of its contents (the "Software"), you agree +to be bound by the terms of this license. If you do not agree, do not use the +Software. + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +1. OWNERSHIP + + CyberViser retains sole and exclusive ownership of all intellectual property + rights, title, and interest in and to the Software, including all source + code, documentation, and any derivative works. No ownership rights are + transferred to you under this license. + +2. PERMITTED USES (Non-Commercial Only) + + a) View and study the source code for personal or educational purposes only; + b) Run the Software locally for authorized, non-commercial security testing + on systems you own or have explicit written permission to test; + c) Submit contributions assigned irrevocably to CyberViser. + +3. RESTRICTIONS — YOU MAY NOT: + + a) Use the Software for any commercial purpose without a written license; + b) Redistribute, publish, sublicense, sell, or transfer the Software; + c) Build competing products or services using this Software; + d) Remove or alter CyberViser copyright notices or branding; + e) Use the Software against any system without explicit authorization. + +4. AUTHORIZED USE ONLY + + This tool is intended STRICTLY for authorized penetration testing and + security research. Use against systems without written authorization is + illegal and prohibited. CyberViser assumes no liability for unauthorized use. + +5. COMMERCIAL LICENSING + + Contact: contact@cyberviser.ai + +6. NO WARRANTY + + THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. + +7. LIMITATION OF LIABILITY + + CYBERVISER SHALL NOT BE LIABLE FOR ANY DAMAGES ARISING FROM USE OR MISUSE. + +8. TERMINATION + + This license terminates immediately upon breach of any term herein. + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +© 2025 CyberViser. All Rights Reserved. -Copyright (c) 2025 Terminal-Pressure Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md new file mode 100644 index 0000000..7761424 --- /dev/null +++ b/README.md @@ -0,0 +1,64 @@ +# 💥 TerminalPressure — CyberViser Pentest Toolkit + +
+ +![TerminalPressure](https://img.shields.io/badge/CyberViser-TerminalPressure-ff3366?style=for-the-badge&logo=hackthebox&logoColor=white) + +[![License: Proprietary](https://img.shields.io/badge/License-Proprietary-red.svg)](LICENSE) +[![Python](https://img.shields.io/badge/Python-3.10%2B-blue?logo=python)](https://python.org) +[![Part of](https://img.shields.io/badge/Part%20of-Hancock%20Platform-00ff88)](https://github.com/cyberviser/Hancock) + +**Authorized penetration testing toolkit — vulnerability scanning, stress testing, and exploit chain simulation.** + +> ⚠️ **FOR AUTHORIZED USE ONLY.** Use only on systems you own or have explicit written permission to test. Unauthorized use is illegal. + +
+ +--- + +## 🔧 Features + +| Command | Description | +|---------|-------------| +| `scan` | nmap vulnerability scan (ports 1–1024, `-sV --script vuln`) | +| `stress` | Multi-threaded connection stress test (authorized load testing) | +| `exploit` | Exploit chain simulation framework | + +--- + +## ⚡ Quick Start + +```bash +git clone https://github.com/cyberviser/TerminalPressure.git +cd TerminalPressure +pip install -r requirements.txt + +# Vulnerability scan (authorized targets only) +python terminal_pressure.py scan 192.168.1.1 + +# Stress test +python terminal_pressure.py stress 192.168.1.1 --port 80 --threads 50 --duration 60 + +# Exploit chain simulation +python terminal_pressure.py exploit 192.168.1.1 --payload default_backdoor +``` + +> Requires `nmap` installed on your system: `sudo apt install nmap` + +--- + +## 🛡️ Part of the CyberViser Ecosystem + +TerminalPressure is a standalone toolkit that integrates with the **Hancock AI agent** for AI-assisted pentest workflows. + +→ [**Hancock — AI Security Agent**](https://github.com/cyberviser/Hancock) +→ [**CyberViser Platform**](https://cyberviser.github.io/Hancock/) + +--- + +## 📄 License + +**CyberViser Proprietary License** — see [LICENSE](LICENSE). +Commercial use requires a written agreement: contact@cyberviser.ai + +© 2025 CyberViser. All Rights Reserved. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..859a92f --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,19 @@ +# Security Policy + +This repository is a fork operated by Johnny Watters (`0ai-Cyberviser`) as part of the `0AI` company portfolio. Upstream licensing remains in force. + +If you discover a security vulnerability or a safety issue, do not open a public issue first. + +Report privately to: + +- 0ai@cyberviserai.com +- cyberviser@proton.me + +Please include: + +- affected repository +- impact summary +- reproduction details +- any suggested remediation + +If the issue belongs to upstream code or project governance, report upstream as well when appropriate. \ No newline at end of file diff --git a/SUPPORT.md b/SUPPORT.md new file mode 100644 index 0000000..04260b4 --- /dev/null +++ b/SUPPORT.md @@ -0,0 +1,16 @@ +# Support + +This repository is a fork operated by Johnny Watters (`0ai-Cyberviser`) as part of the `0AI` company portfolio. Upstream licensing remains in force. + +For general support or portfolio contact: + +- 0ai@cyberviserai.com +- cyberviser@proton.me + +Public GitHub accounts in this portfolio: + +- `0ai-Cyberviser` +- `cyberviser` +- `cyberviser-dotcom` + +Use the repository issue tracker for public, non-sensitive questions when appropriate. \ No newline at end of file diff --git a/docs/index.html b/docs/index.html new file mode 100644 index 0000000..8ba2468 --- /dev/null +++ b/docs/index.html @@ -0,0 +1,217 @@ + + + + + + TerminalPressure — CyberViser Pentest Toolkit + + + + + + + + + + + + + +
+
⚠ AUTHORIZED USE ONLY — FOR PENTESTERS & RED TEAMS
+

TERMINAL
PRESSURE

+

Authorized penetration testing toolkit — vulnerability scanning, connection stress testing, and exploit chain simulation. Built for red teams by CyberViser.

+
+ ⚡ View on GitHub + Quick Start +
+
+ +
+
+
+
+ terminalpressure — demo +
+
+
$ python terminal_pressure.py scan 192.168.1.1
+
[+] Pressuring target: 192.168.1.1
+
Host: 192.168.1.1
+
Port 22/tcp: open (ssh)
+
Port 80/tcp: open (http)
+
Vuln Script: http-vuln-cve2021-41773 - possible path traversal
+
+
$ python terminal_pressure.py exploit 192.168.1.1 --payload default_backdoor
+
[+] Injecting backdoor sim on 192.168.1.1 - Codex tip: Replace with real rev-shell
+
+
+
+ +
+

// capabilities

+
+
+
🔍
+

Vulnerability Scanner

+

Automated nmap-based scanning across ports 1–1024 with service detection and CVE correlation. Outputs structured reports.

+ scan <target> +
+
+
💥
+

Stress Testing

+

Multi-threaded connection load testing for authorized resilience assessments. Configurable thread count and duration.

+ stress <target> --port 80 +
+
+
⛓️
+

Exploit Chain Sim

+

Simulate multi-stage exploit chains for authorized red team exercises. Documents attack paths without executing payloads.

+ exploit <target> --payload default_backdoor +
+
+
📋
+

Report Generation

+

Auto-generates timestamped plaintext reports after each scan or test run. Ready to drop into your pentest report.

+ output: report_YYYYMMDD.txt +
+
+
🤖
+

Hancock Integration

+

Pair with Hancock AI to get instant triage, CVE analysis, and PICERL playbooks for every finding TerminalPressure uncovers.

+ cyberviser.netlify.app +
+
+
🛡️
+

Proprietary License

+

CyberViser Proprietary License — permitted for authorized research and testing. Commercial use requires a license agreement.

+ cyberviser@proton.me +
+
+
+ +
+ ⚠️ This tool is for authorized security testing only. You must have explicit written permission to test any system. Unauthorized use is illegal under the CFAA and equivalent laws. CyberViser assumes no liability for misuse. +
+ +
+
+

// quick start

+ 
# Clone the repo
+git clone https://github.com/cyberviser/TerminalPressure.git
+cd TerminalPressure
+
+# Install dependencies
+pip install -r requirements.txt
+
+# Run scans (requires nmap installed)
+# Linux: sudo apt install nmap
+# macOS: brew install nmap
+python terminal_pressure.py scan 192.168.1.1
+
+# Stress test
+python terminal_pressure.py stress 192.168.1.1 --port 80 --threads 50 --duration 60
+
+# Exploit simulation
+python terminal_pressure.py exploit 192.168.1.1 --payload default_backdoor
+
+
+ +
+

// part of the cyberviser platform

+

TerminalPressure handles the exploitation. Hancock handles the analysis — triage findings, generate CVE reports, write executive summaries, and build IR playbooks using AI.

+ Explore Hancock AI → +
+ + + + + diff --git a/requirements.txt b/requirements.txt index 761b2c3..3cb84f3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ -python-nmap -scapy +python-nmap>=0.7.1 +scapy>=2.5.0 +requests>=2.32.0 diff --git a/terminal_pressure.py b/terminal_pressure.py index b064653..bd46de2 100644 --- a/terminal_pressure.py +++ b/terminal_pressure.py @@ -1,14 +1,34 @@ #!/usr/bin/env python3 +# Copyright (c) 2025 CyberViser. All Rights Reserved. +# Licensed under the CyberViser Proprietary License — see LICENSE for details. +# FOR AUTHORIZED SECURITY TESTING ONLY. Unauthorized use is illegal and prohibited. import argparse -import nmap # Requires pip install python-nmap (user installs) +import concurrent.futures +import importlib +import logging import socket -import requests -from scapy.all import * # For packet crafting; pip install scapy -import random -import threading import time +def _load_optional_dependency(module_name, package_name): + """Import command-specific dependencies only when the command is used.""" + try: + return importlib.import_module(module_name) + except ImportError as exc: + raise SystemExit( + f"Missing optional dependency '{package_name}'. " + f"Install it with `pip install {package_name}`." + ) from exc + + +def positive_int(value): + value = int(value) + if value <= 0: + raise argparse.ArgumentTypeError("must be a positive integer") + return value + + def scan_vulns(target): + nmap = _load_optional_dependency("nmap", "python-nmap") scanner = nmap.PortScanner() print(f"[+] Pressuring target: {target}") scanner.scan(target, '1-1024', '-sV --script vuln') @@ -29,54 +49,57 @@ def flood(): end_time = time.time() + duration while time.time() < end_time: try: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.connect((target, port)) - s.send(b"GET / HTTP/1.1\r\nHost: " + target.encode() + b"\r\n\r\n") - s.close() - except: - pass + with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: + s.connect((target, port)) + s.send(b"GET / HTTP/1.1\r\nHost: " + target.encode() + b"\r\n\r\n") + except (socket.error, OSError) as e: + logging.debug("Connection error: %s", e) print(f"[+] Applying pressure to {target}:{port} with {threads} threads for {duration}s") - for _ in range(threads): - t = threading.Thread(target=flood) - t.start() + max_workers = min(threads, 100) + with concurrent.futures.ThreadPoolExecutor(max_workers=max_workers) as executor: + futures = [executor.submit(flood) for _ in range(threads)] + concurrent.futures.wait(futures) def exploit_chain(target, payload="default_backdoor"): # Shadow module: Simulate exploit (real: inject shellcode) if payload == "default_backdoor": print(f"[+] Injecting backdoor sim on {target} - Codex tip: Replace with real rev-shell") # Placeholder: In prod, use metasploit embeds or custom C2 - pkt = IP(dst=target)/TCP(dport=4444, flags="S")/Raw(load="CHAOS_AWAKEN") - send(pkt, verbose=0) + scapy = _load_optional_dependency("scapy.all", "scapy") + pkt = scapy.IP(dst=target) / scapy.TCP(dport=4444, flags="S") / scapy.Raw(load=b"CHAOS_AWAKEN") + scapy.send(pkt, verbose=0) else: print(f"[+] Custom exploit chain: {payload}") -def main(): +def build_parser(): parser = argparse.ArgumentParser(description="Terminal Pressure: Cyber Tool for Pressure Testing") - subparsers = parser.add_subparsers(dest='command') + subparsers = parser.add_subparsers(dest='command', required=True) scan_parser = subparsers.add_parser('scan', help='Scan for vulnerabilities') scan_parser.add_argument('target', type=str, help='Target IP/hostname') stress_parser = subparsers.add_parser('stress', help='Stress test (DDoS sim)') stress_parser.add_argument('target', type=str, help='Target IP/hostname') - stress_parser.add_argument('--port', type=int, default=80, help='Port') - stress_parser.add_argument('--threads', type=int, default=50, help='Threads') - stress_parser.add_argument('--duration', type=int, default=60, help='Duration in seconds') + stress_parser.add_argument('--port', type=positive_int, default=80, help='Port') + stress_parser.add_argument('--threads', type=positive_int, default=50, help='Threads') + stress_parser.add_argument('--duration', type=positive_int, default=60, help='Duration in seconds') exploit_parser = subparsers.add_parser('exploit', help='Exploit chain (advanced)') exploit_parser.add_argument('target', type=str, help='Target IP/hostname') exploit_parser.add_argument('--payload', type=str, default='default_backdoor', help='Payload type') + return parser - args = parser.parse_args() +def main(argv=None): + parser = build_parser() + args = parser.parse_args(argv) if args.command == 'scan': scan_vulns(args.target) elif args.command == 'stress': stress_test(args.target, args.port, args.threads, args.duration) - elif args.command == 'exploit': - exploit_chain(args.target, args.payload) else: - parser.print_help() + exploit_chain(args.target, args.payload) + return 0 if __name__ == "__main__": - main() + raise SystemExit(main()) diff --git a/tests/test_terminal_pressure.py b/tests/test_terminal_pressure.py new file mode 100644 index 0000000..df998c5 --- /dev/null +++ b/tests/test_terminal_pressure.py @@ -0,0 +1,38 @@ +import unittest +from unittest.mock import patch + +import terminal_pressure + + +class TerminalPressureCliTests(unittest.TestCase): + def test_stress_command_does_not_import_optional_modules(self): + with patch("terminal_pressure._load_optional_dependency", side_effect=AssertionError("unexpected import")), \ + patch("terminal_pressure.stress_test") as stress_test: + result = terminal_pressure.main( + ["stress", "127.0.0.1", "--port", "8080", "--threads", "2", "--duration", "1"] + ) + + self.assertEqual(result, 0) + stress_test.assert_called_once_with("127.0.0.1", 8080, 2, 1) + + def test_scan_reports_missing_python_nmap_dependency(self): + with patch("terminal_pressure.importlib.import_module", side_effect=ImportError("missing")): + with self.assertRaises(SystemExit) as exc: + terminal_pressure.scan_vulns("127.0.0.1") + + self.assertIn("python-nmap", str(exc.exception)) + + def test_exploit_reports_missing_scapy_dependency(self): + with patch("terminal_pressure.importlib.import_module", side_effect=ImportError("missing")): + with self.assertRaises(SystemExit) as exc: + terminal_pressure.exploit_chain("127.0.0.1") + + self.assertIn("scapy", str(exc.exception)) + + def test_positive_int_parser_rejects_zero(self): + with self.assertRaises(SystemExit): + terminal_pressure.main(["stress", "127.0.0.1", "--threads", "0"]) + + +if __name__ == "__main__": + unittest.main()