Metadata-Version: 2.4
Name: nobody-pentest-ultra
Version: 1.0.2
Summary: 150+ security tools MCP server with AI-powered analysis for Claude Code, GPT, Copilot, etc.
Project-URL: Homepage, https://nobody0x.com/pentest-docs
Project-URL: Documentation, https://nobody0x.com/pentest-docs
Author-email: Nobody AI <admin@nobody0x.com>
License: MIT
Keywords: ai,claude,cybersecurity,exploit,hacking,mcp,pentest,security,vulnerability
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Requires-Python: >=3.10
Requires-Dist: httpx>=0.25.0
Requires-Dist: mcp>=1.0.0
Description-Content-Type: text/markdown

# Nobody Pentest Ultra MCP Server

**150+ security tools** with AI-powered analysis via Nobody AI backend.

MCP server yang menghubungkan Claude Code, GPT, Copilot, atau MCP-compatible agent dengan 150+ tools keamanan.

## Features

### 150+ Security Tools

| Category | Tools | Count |
|----------|-------|-------|
| Network Recon | nmap, masscan, rustscan, amass, subfinder, fierce, dnsenum, autorecon, theharvester, arp-scan, enum4linux, smbmap, netexec, responder | 14+ |
| Web App | gobuster, feroxbuster, ffuf, dirsearch, httpx, katana, nuclei, nikto, sqlmap, wpscan, dalfox, wafw00f, wfuzz, commix, nosqlmap, tplmap, testssl, sslscan, sslyze, whatweb, jwt_tool, paramspider, arjun, x8, hakrawler, gau, waybackurls | 27+ |
| Auth/Brute | hydra, john, hashcat, medusa, evil-winrm, hashid | 6+ |
| Binary/RE | ghidra, radare2, gdb, binwalk, checksec, strings, objdump, volatility, foremost, steghide, exiftool, msfvenom, ROPgadget, one_gadget, upx, pwntools | 16+ |
| Cloud | prowler, trivy, kube-hunter, kube-bench, docker-bench, scout-suite, cloudmapper, checkov, falco | 9+ |
| CTF/Forensics | volatility3, stegsolve, zsteg, outguess, bulk-extractor, scalpel, autopsy | 7+ |
| OSINT | sherlock, recon-ng, spiderfoot, shodan, censys, social-analyzer, trufflehog | 7+ |

### AI-Powered Analysis

- **Tool Selection**: AI selects the best tool for each task
- **Parameter Optimization**: AI optimizes tool parameters
- **Attack Chain Discovery**: AI finds attack paths
- **Report Generation**: AI creates professional pentest reports

### Smart Features

- **Auto-detect**: Detects if tools are installed
- **Graceful Fallback**: Suggests installation for missing tools
- **Caching**: Smart result caching
- **Timeout**: Configurable timeouts

## Quick Setup

### Install

```bash
pip install nobody-pentest-ultra
```

### Add to Claude Code

```bash
# First, find where nobody-pentest-ultra is installed
python -c "import nobody_pentest_ultra.server; print(nobody_pentest_ultra.server.__file__)"
# Output: C:\...\Lib\site-packages\nobody_pentest_ultra\server.py

# Then add to Claude Code using the full path
claude mcp add nobody-pentest-ultra -- python "C:\...\Lib\site-packages\nobody_pentest_ultra\server.py"

# With API key (external endpoints)
claude mcp add nobody-pentest-ultra -e NOBODY_API_KEY=sk-nobody-xxx -- python "C:\...\Lib\site-packages\nobody_pentest_ultra\server.py"
```

> **Note:** Claude Code does not support `python -m` syntax. Use full path to server.py instead.

### Restart Claude Code

```
> Scan example.com for all vulnerabilities
> Perform full web app security test on target.com
> Enumerate subdomains for company.com
```

## Usage Examples

### Network Scanning

```
> Scan 192.168.1.1 for open ports and services
> Run masscan on 10.0.0.0/24
> Enumerate subdomains for example.com
```

### Web Application Testing

```
> Test example.com for SQL injection
> Enumerate directories on target.com
> Scan for XSS vulnerabilities
> Check SSL/TLS configuration
```

### Complete Pentest

```
> Perform full penetration test on example.com
> Run all security checks on target.com
```

## Tool Installation

Tools are not bundled with this package. Install them as needed:

```bash
# Network
apt install nmap masscan
go install github.com/owasp-amass/amass/v4/...@master
go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

# Web
apt install nikto
go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
pip install sqlmap

# Binary
apt install radare2 gdb binwalk

# Cloud
pip install prowler
go install github.com/aquasecurity/trivy/cmd/trivy@latest

# OSINT
pip install sherlock-cli
```

## Environment Variables

| Variable | Default | Description |
|----------|---------|-------------|
| `NOBODY_API_KEY` | (none) | API key for AI analysis (optional for Nobody endpoint) |
| `NOBODY_API_URL` | `https://v2.nobody0x.com/v1/messages` | AI backend URL |
| `NOBODY_MODEL` | `nobody-pentest` | AI model name |
| `SCAN_TIMEOUT` | `300` | Max scan time in seconds |
| `HTTP_TIMEOUT` | `30` | HTTP request timeout |

## License

MIT License
