Metadata-Version: 2.4
Name: nexus-fleet
Version: 1.0.5
Summary: Nexus Fleet — agent/manager/cli/dashboard keamanan endpoint (ala-Wazuh, ringan, stdlib-only)
Author: chandafa (Nexus Security)
License: Proprietary
Project-URL: Homepage, https://github.com/chandafa/cyber-nexus-
Project-URL: Issues, https://github.com/chandafa/cyber-nexus-/issues
Keywords: security,soc,edr,agent,manager,monitoring,wazuh,fleet
Classifier: Programming Language :: Python :: 3
Classifier: License :: Other/Proprietary License
Classifier: Operating System :: OS Independent
Classifier: Topic :: Security
Classifier: Environment :: Console
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Dynamic: license-file

<div align="center">

# Nexus Fleet

**Lightweight, developer-first security platform for endpoints, servers, and web apps.**
Agent · Manager · CLI · Dashboard — a Wazuh-style architecture you can `pip install`.

[![PyPI](https://img.shields.io/pypi/v/nexus-fleet?logo=pypi&logoColor=white)](https://pypi.org/project/nexus-fleet/)
[![npm](https://img.shields.io/npm/v/nexus-fleet?logo=npm)](https://www.npmjs.com/package/nexus-fleet)
[![Python](https://img.shields.io/pypi/pyversions/nexus-fleet)](https://pypi.org/project/nexus-fleet/)
[![License](https://img.shields.io/badge/license-Proprietary-blue.svg)](./LICENSE)
[![Platform](https://img.shields.io/badge/platform-Windows%20%7C%20macOS%20%7C%20Linux-informational)]()
[![Dependencies](https://img.shields.io/badge/dependencies-stdlib%20only-success)]()

</div>

---

## Overview

**Nexus Fleet** lets a central **Manager** monitor many endpoints through a lightweight **Agent**,
generating prioritized, MITRE ATT&CK–mapped alerts — while your security data **stays inside your
own network** (offline-first). It pairs the proven Wazuh model (FIM, log monitoring, SCA,
vulnerability detection, active response) with **developer-first** detections for modern web stacks
(Laravel, Next.js, Nginx) that traditional SIEMs miss.

The agent is **pure-Python (stdlib only)** — deploy it on any host with Python 3.8+, no heavy runtime.

## Why Nexus Fleet

- **Offline-first** — telemetry never leaves your LAN; ideal for compliance and on-prem.
- **Developer-aware** — detects Laravel `APP_DEBUG`, exposed `.env`, weak DB creds, leaked
  `NEXT_PUBLIC_*` secrets, source-map exposure, and parses Laravel/Nginx/auth logs.
- **Lightweight & simple** — single-command install; no cluster, indexer, or agent runtime to manage.
- **Actionable** — every alert carries a severity level (0–15), MITRE technique, and a remediation step.
- **Founder-friendly** — a 0–100 **security posture score** for network, server, and website.

## Features

| Domain | Capabilities |
| --- | --- |
| **Network** | Port/exposure detection, host discovery, DNS recon, firewall advisor |
| **Server / Endpoint** | File Integrity Monitoring (FIM), Security Configuration Assessment (SCA), software & process & network inventory, failed-login & disk monitoring |
| **Web / App** | Laravel & Next.js config audit, `.env` exposure, secret leakage, source-map checks |
| **Detection** | Rule engine (level 0–15 + MITRE ATT&CK), **Sigma import**, log decoders, **Vulnerability Detection** (inventory ↔ CVE) |
| **Response** | Alert engine with deduplication, ack/resolve, **Active Response** (block IP, dry-run by default), audit log |
| **Operations** | Multi-agent management, central policy, store-and-forward offline buffering, consistent reports, posture score |

## Architecture

```
        ┌──────────────────────┐         ┌──────────────────────┐
        │   nexus-dashboard    │         │      nexus-cli       │
        │  (web monitoring UI) │         │  (admin & SOC menu)  │
        └──────────┬───────────┘         └──────────┬───────────┘
                   │  REST API (admin token)         │
                   ▼                                 ▼
        ┌─────────────────────────────────────────────────────────┐
        │                     nexus-manager                        │
        │  enrollment · rule & alert engine · vuln detection ·     │
        │  policy · licensing · audit · reports   →  SQLite        │
        └──────────────────────────┬──────────────────────────────┘
                 HTTP + HMAC-SHA256 │  (heartbeat · events · policy)
        ┌──────────────────────────┴──────────────────────────────┐
        │                      nexus-agent                         │
        │  FIM · Log Monitoring · SCA · Syscollector · Web Audit · │
        │  Active Response · offline store-and-forward queue       │
        └──────────────────────────────────────────────────────────┘
```

## Installation

**With pip** (recommended):

```bash
pip install nexus-fleet
```

**With npm** (Node wrapper around the Python engine):

```bash
npm install -g nexus-fleet
```

Both install five commands: `nexus-manager`, `nexus-agent`, `nexus-cli`, `nexus-dashboard`,
`nexus-license`. Requires **Python 3.8+** on the host.

## Quick Start

```bash
# 1. Central server (also serves the dashboard at http://<host>:8765/)
nexus-manager run --host 0.0.0.0 --port 8765
nexus-manager info                       # prints enrollment key + admin token

# 2. On each endpoint
nexus-agent enroll --host <manager> --port 8765 --key <ENROLL_KEY> --labels prod,web
nexus-agent start                        # runs as a daemon (see deploy/ for service files)

# 3. Administration
nexus-cli                                # interactive SOC console (network & web menus)
nexus-cli --token <ADMIN_TOKEN> alerts   # list alerts (rule engine + MITRE)
nexus-cli --token <ADMIN_TOKEN> report   # consistent report (schema nexus.report/v1)
```

Run as a boot-time service using the units in [`deploy/`](./deploy) (systemd / Windows Task Scheduler).

## Editions

| | **Free** | **Pro** | **Enterprise** |
| --- | --- | --- | --- |
| Agents | 2 | seat-based | Unlimited |
| Detection rules | Core | Full (FIM, web audit, SCA, vuln) | Full |
| Sigma import · Active Response | — | ✓ | ✓ |
| Web/app audit · Reports · Posture score | Limited | ✓ | ✓ |

Licensing is enforced by Ed25519-signed tokens (`nexus-license`). Without a license, the Manager
runs in **Free** mode. Contact the vendor for Pro/Enterprise licensing.

## Security Model

- **Transport:** HMAC-SHA256 per-agent message signing; enrollment key + admin token.
- **Privacy:** offline-first — scan/telemetry data is stored locally; nothing is sent to the internet.
- **Authorized use only:** for ethical, authorized security testing on systems you own or are
  permitted to assess.

## Documentation

- Product brief & pricing — `docs/PRODUCT-BRIEF.md`
- IP & licensing — `docs/IP-PROTECTION.md`
- Validation: `python tests/test_fleet.py`, `pwsh validate.ps1`, `pwsh validate_agent.ps1`

## License

© 2026 chandafa (Nexus Security). **Proprietary** — see [`LICENSE`](./LICENSE).
Not open source; redistribution and resale are prohibited without written permission.
