Name: nebula
Author: berylliumsec

Primary Use Case

Nebula is designed for cybersecurity professionals, ethical hackers, and developers to streamline penetration testing by integrating advanced AI models directly into the CLI. It automates vulnerability assessments, provides real-time insights, and supports seamless integration with existing security tools to improve efficiency and accuracy during engagements.

Key Features

AI-powered internet search via agents for real-time cybersecurity context

AI-assisted automatic note-taking and categorization of security findings

Real-time AI-driven suggestions for discovering and exploiting vulnerabilities

Integration with multiple open-source AI models including OpenAI, Meta Llama, Mistral, and DeepSeek

Deep Application Profiler (DAP) for zero-day malware detection using neural networks

Support for both local CPU/GPU inference via Ollama and cloud-based OpenAI API models

Seamless import of external tool data for enhanced AI-powered analysis

Docker support for containerized deployment

Insights & Recommendations

Nebula requires substantial system resources (minimum 16GB RAM) for local AI model inference and Python 3.11+. Users should install Ollama for local model usage or set up OpenAI API keys for cloud models. Docker usage requires allowing local X server connections (xhost +local:docker). The tool supports multiple AI models and seamless integration with CLI-based security tools, enhancing automation and real-time analysis during penetration testing engagements.

Installation

Ensure system has at least 16GB RAM and Python 3.11 or higher
Install Ollama for local model inference (optional, supports GPU)
Run command: python -m pip install nebula-ai --upgrade
Download preferred AI models using Ollama (e.g., ollama pull mistral)
Set OpenAI API key in environment variable for OpenAI model usage (export OpenAI_API_KEY="your_key")

Usage

nebula

Launches the Nebula AI-powered penetration testing CLI interface

ollama pull mistral

Downloads the Mistral AI model for local inference via Ollama

export OpenAI_API_KEY="sk-blah-blaj"

Sets the OpenAI API key environment variable for using OpenAI models

docker run --rm -it -e DISPLAY=$DISPLAY -v /home/YOUR_HOST_NAME/.local/share/nebula/logs:/root/.local/share/nebula/logs -v YOUR_ENGAGEMENT_FOLDER_ON_HOST_MACHINE:/engagements -v /tmp/.X11-unix:/tmp/.X11-unix berylliumsec/nebula:latest

Runs Nebula inside a Docker container with GUI support and volume mounts for logs and engagements

! write a python script to scan the ports of a remote system

Example input to interact with the AI model to generate a port scanning script; '!' prefix invokes AI mode

Smart Usage Notes

Can be chained with Metasploit or other exploitation frameworks for automated vulnerability exploitation workflows.Ideal for purple team exercises to simulate attacker behaviors and improve detection capabilities.Supports integration into CI/CD pipelines for continuous automated security assessments.Leverages AI to reduce manual effort in reconnaissance and note-taking, improving penetration testing efficiency.Deep Application Profiler (DAP) enables detection of zero-day malware, enhancing threat hunting and incident response.

OpenSec Atlas

nebula

About This Tool

Primary Use Case

Key Features

Insights & Recommendations

Installation

Usage

Smart Usage Notes

Security Capability Profile

Tags

You Might Also Like