myaidev-method 0.2.18 → 0.2.22

package/src/templates/claude/commands/sc:security-setup.md

@@ -0,0 +1,501 @@
+---
+name: security-setup
+description: Setup and configure security testing environment with tools and authorization
+version: 1.0.0
+category: security
+---
+
+# Security Testing Environment Setup
+
+Initialize security testing environment with proper tools, configuration, and authorization validation.
+
+## Pre-Execution Checklist
+
+**CRITICAL**: Before running ANY security setup, you MUST:
+
+1. ✅ Have **written authorization** from target system owners
+2. ✅ Create `.security-authorization.json` manifest in project root
+3. ✅ Verify engagement dates are valid
+4. ✅ Confirm scope boundaries
+5. ✅ Understand rules of engagement
+
+**⚠️ Unauthorized security testing is ILLEGAL and may violate:**
+- Computer Fraud and Abuse Act (CFAA) - USA
+- Computer Misuse Act - UK
+- Similar laws in your jurisdiction
+
+## Setup Workflow
+
+When user requests security environment setup, execute these phases:
+
+### Phase 1: Authorization Validation
+
+**Objective**: Verify authorization exists before proceeding
+
+```javascript
+// Check for authorization manifest
+const authChecker = require('./src/libs/security/authorization-checker.js');
+
+try {
+  // Load and validate authorization
+  await authChecker.checkAuthorization('setup', authChecker.AuthLevel.PASSIVE);
+
+  const summary = authChecker.getChecker().getSummary();
+  console.log('Authorization Valid:', summary);
+
+} catch (error) {
+  console.error('AUTHORIZATION REQUIRED:', error.message);
+
+  // Offer to create sample manifest
+  console.log('\nCreate sample authorization manifest? (y/n)');
+  // If yes, create sample
+  await authChecker.createSampleManifest('.security-authorization.json');
+
+  process.exit(1);
+}
+```
+
+**Expected Output**:
+```
+✅ Authorization Valid
+Engagement: ENG-2025-001
+Client: Acme Corporation
+Level: exploitation
+Scope: 3 targets
+Days Remaining: 25
+```
+
+**If No Authorization**:
+```
+❌ AUTHORIZATION REQUIRED
+
+Authorization manifest not found at .security-authorization.json
+
+CRITICAL: Security testing requires explicit authorization.
+Create .security-authorization.json with proper authorization details.
+
+Example:
+{
+  "engagement_id": "ENG-2025-001",
+  "client": "Client Name",
+  "authorized_by": "John Smith",
+  "authorization_level": "exploitation",
+  "scope": [...],
+  "start_date": "2025-11-25",
+  "end_date": "2025-12-25"
+}
+
+Would you like to create a sample manifest? (y/n)
+```
+
+### Phase 2: Environment Detection
+
+**Objective**: Detect current execution environment and recommend setup approach
+
+```bash
+# Run environment detection
+node src/scripts/security/environment-detect.js
+```
+
+**Activate security-setup agent** to analyze environment:
+
+```
+You are now in security-setup mode.
+
+Detect the current environment:
+1. Check if Kali Linux
+2. Check if Docker container
+3. Check if native Linux (Ubuntu, Debian, etc.)
+4. Identify package manager
+5. Check for existing security tools
+
+Report findings and recommend setup approach:
+- Native installation (if VPS/dedicated)
+- Kali Docker container (if isolation needed)
+- Hybrid approach (use existing tools + Docker for specific needs)
+```
+
+**Expected Output**:
+```
+🔍 Environment Detection Results
+
+OS: Ubuntu 22.04 LTS
+Type: Native Linux (not containerized)
+Package Manager: apt
+Docker: Available (version 24.0.5)
+Existing Tools: nmap, netcat (2/50 required tools found)
+
+📋 Recommended Setup: Kali Docker Container
+Reason: Provides complete tool suite in isolated environment
+
+Alternative: Native installation (requires ~2GB downloads, 45min setup)
+
+Proceed with Docker setup? (y/n)
+```
+
+### Phase 3: Tool Installation
+
+**Option A: Kali Docker Container Setup**
+
+```bash
+# Run Kali Docker setup script
+node src/scripts/security/kali-docker-setup.js
+```
+
+**Expected Process**:
+```
+🐳 Setting up Kali Linux Docker Container
+
+[1/6] Checking Docker availability... ✅
+[2/6] Pulling kalilinux/kali-rolling image... ⏳
+  ↓ Downloading: 1.2GB / 2.8GB (42%)
+[3/6] Creating persistent volume (kali-security-data)... ✅
+[4/6] Starting Kali container (kali-security)... ✅
+[5/6] Installing kali-linux-default package... ⏳
+  ↓ Installing: 156 packages
+[6/6] Verifying tool installations... ✅
+
+✅ Kali Docker Container Ready
+
+Container: kali-security
+Access: docker exec -it kali-security /bin/bash
+Volume: kali-security-data (persistent storage)
+Tools: 50+ security tools installed
+
+Quick Test:
+docker exec kali-security nmap --version
+```
+
+**Option B: Native Installation**
+
+```bash
+# Run native tool setup
+node src/scripts/security/setup-tools.js
+```
+
+**Expected Process**:
+```
+🔧 Installing Security Tools (Native)
+
+Updating package lists... ✅
+
+[Network Tools]
+  ✅ nmap (7.94)
+  ✅ masscan (1.3.2)
+  ✅ netcat-traditional
+
+[Web Application Tools]
+  ✅ sqlmap (1.7.11)
+  ✅ nikto (2.5.0)
+  ✅ zaproxy (2.14.0)
+  ⏳ wpscan (installing via gem...)
+
+[Exploitation Tools]
+  ⏳ metasploit-framework (downloading installer...)
+  ✅ exploitdb
+
+[Password Tools]
+  ✅ john (1.9.0-jumbo-1)
+  ✅ hashcat (6.2.6)
+  ✅ hydra (9.5)
+
+Installation Progress: 35/50 tools (70%)
+Estimated time remaining: 15 minutes
+```
+
+### Phase 4: Tool Verification
+
+**Objective**: Verify all required tools are installed and functional
+
+```bash
+# Run verification script
+node src/scripts/security/verify-tools.js
+```
+
+**Expected Output**:
+```
+🔍 Security Tools Verification Report
+
+[Network Scanning]
+  ✅ nmap - 7.94
+  ✅ masscan - 1.3.2
+  ✅ netcat - 1.218
+
+[Web Application Testing]
+  ✅ sqlmap - 1.7.11
+  ✅ nikto - 2.5.0
+  ✅ wpscan - 3.8.24
+  ✅ zaproxy - 2.14.0
+
+[Exploitation]
+  ✅ msfconsole - 6.3.40
+  ✅ searchsploit - 2023.10.26
+
+[Password Attacks]
+  ✅ john - 1.9.0-jumbo-1
+  ✅ hashcat - 6.2.6
+  ✅ hydra - 9.5
+
+[Wireless]
+  ✅ aircrack-ng - 1.7
+  ✅ reaver - 1.6.6
+
+[Forensics]
+  ✅ wireshark - 4.0.11
+  ✅ tcpdump - 4.99.4
+
+[OSINT]
+  ✅ theHarvester - 4.5.1
+  ✅ recon-ng - 5.1.2
+  ✅ shodan - 1.30.1
+
+Summary: 47/50 tools installed (94%)
+Missing: 3 optional tools
+Status: READY FOR SECURITY TESTING ✅
+```
+
+### Phase 5: Configuration
+
+**Objective**: Configure essential tools and test connectivity
+
+**Metasploit Database Setup**:
+```bash
+# Initialize Metasploit database
+docker exec kali-security msfdb init
+# OR for native:
+# sudo msfdb init
+
+# Verify database connection
+docker exec kali-security msfconsole -q -x "db_status; exit"
+```
+
+**Expected Output**:
+```
+[*] Connected to msf database
+```
+
+**Burp Suite Configuration**:
+```bash
+# Create Burp directory
+mkdir -p ~/.BurpSuite
+
+# Note: Burp Suite listens on 127.0.0.1:8080 by default
+# Configure browser proxy settings to use Burp
+```
+
+**Test Basic Connectivity**:
+```bash
+# Test with safe target (your own server or test environment)
+docker exec kali-security nmap -sn 127.0.0.1
+
+# Verify tools can execute
+docker exec kali-security which nmap sqlmap nikto
+```
+
+### Phase 6: Authorization Manifest Review
+
+**Objective**: Final review of authorization before operations
+
+```javascript
+// Display authorization summary
+const authChecker = require('./src/libs/security/authorization-checker.js');
+const manifest = authChecker.getChecker().getManifest();
+
+console.log('\n📋 Authorization Summary\n');
+console.log('Engagement ID:', manifest.engagement_id);
+console.log('Client:', manifest.client);
+console.log('Authorized By:', manifest.authorized_by);
+console.log('Authorization Level:', manifest.authorization_level);
+console.log('');
+console.log('Authorized Scope:');
+manifest.scope.forEach(item => {
+  console.log(`  - ${item.type}: ${item.target}`);
+  if (item.description) {
+    console.log(`    ${item.description}`);
+  }
+});
+console.log('');
+console.log('Out of Scope:');
+if (manifest.out_of_scope) {
+  manifest.out_of_scope.forEach(item => {
+    console.log(`  - ${item}`);
+  });
+}
+console.log('');
+console.log('Engagement Period:', manifest.start_date, 'to', manifest.end_date);
+console.log('Days Remaining:', authChecker.getChecker().getDaysRemaining());
+console.log('');
+console.log('Rules of Engagement:');
+if (manifest.rules_of_engagement) {
+  Object.entries(manifest.rules_of_engagement).forEach(([key, value]) => {
+    console.log(`  - ${key}: ${value}`);
+  });
+}
+```
+
+**Expected Output**:
+```
+📋 Authorization Summary
+
+Engagement ID: ENG-2025-001
+Client: Acme Corporation
+Authorized By: John Smith (CTO)
+Authorization Level: exploitation
+
+Authorized Scope:
+  - domain: *.acme.com
+    All subdomains of acme.com
+  - ip_range: 192.168.1.0/24
+    Internal network range
+  - url: https://app.acme.com
+    Web application
+
+Out of Scope:
+  - production-db.acme.com
+  - backup.acme.com
+
+Engagement Period: 2025-11-25 to 2025-12-25
+Days Remaining: 25
+
+Rules of Engagement:
+  - testing_hours: 24/7
+  - exploit_depth: full_exploitation_allowed
+  - data_exfiltration: proof_of_concept_only
+  - service_disruption: not_allowed
+  - social_engineering: email_only
+  - physical_security: not_authorized
+```
+
+## Setup Complete Checklist
+
+Before proceeding to security testing, verify:
+
+- ✅ Authorization manifest validated
+- ✅ Environment detected and configured
+- ✅ Security tools installed and verified
+- ✅ Tool configurations completed
+- ✅ Test connectivity confirmed
+- ✅ Scope boundaries understood
+- ✅ Rules of engagement reviewed
+- ✅ Emergency contacts documented
+- ✅ Reporting procedures established
+
+## Next Steps
+
+Setup is complete. You can now proceed with:
+
+1. **Reconnaissance**: `/sc:security-recon` - OSINT and passive intelligence gathering
+2. **Network Scanning**: `/sc:security-scan` - Active network enumeration
+3. **Exploitation**: `/sc:security-exploit` - Vulnerability exploitation
+4. **Web Application Testing**: `/sc:security-webapp` - OWASP Top 10 testing
+5. **Security Audit**: `/sc:security-audit` - Compliance and hardening assessment
+
+## Troubleshooting
+
+**Issue**: Docker container won't start
+```bash
+# Solution: Check Docker service
+sudo systemctl status docker
+sudo systemctl start docker
+
+# Verify Docker is running
+docker ps
+```
+
+**Issue**: Tools not found in PATH
+```bash
+# Solution: Update PATH or use absolute paths
+export PATH=$PATH:/usr/local/bin:/opt/tools/bin
+
+# Verify tool location
+which nmap
+```
+
+**Issue**: Permission denied errors
+```bash
+# Solution: Add user to required groups
+sudo usermod -aG docker,wireshark $USER
+
+# Log out and back in for changes to take effect
+```
+
+**Issue**: Authorization manifest validation fails
+```javascript
+// Solution: Check manifest structure
+const manifest = require('./.security-authorization.json');
+console.log(JSON.stringify(manifest, null, 2));
+
+// Ensure all required fields are present
+// Verify dates are in correct format (YYYY-MM-DD)
+// Check authorization_level is valid value
+```
+
+## Security Considerations
+
+**Environment Isolation**:
+- Use Docker containers for isolation
+- Separate security testing network from production
+- Use VPN for remote testing
+- Implement network segmentation
+
+**Data Protection**:
+- Encrypt authorization manifests with sensitive data
+- Secure engagement logs
+- Use secure channels for reporting
+- Follow data retention policies
+
+**Operational Security**:
+- Use dedicated testing infrastructure
+- Avoid mixing personal and professional testing
+- Rotate credentials regularly
+- Monitor for unauthorized access
+
+## Usage Examples
+
+**Basic Setup (Recommended)**:
+```
+User: "Setup security testing environment"
+
+Response:
+1. Check for authorization manifest
+2. Detect environment (e.g., Ubuntu 22.04)
+3. Recommend Kali Docker container
+4. Pull and configure Kali image
+5. Install all security tools
+6. Verify installations
+7. Display authorization summary
+8. Confirm ready for testing
+```
+
+**Quick Setup (Existing Kali)**:
+```
+User: "I'm already on Kali Linux, just verify tools"
+
+Response:
+1. Detect Kali Linux environment
+2. Run tool verification script
+3. Report installed tools
+4. Check authorization manifest
+5. Display engagement summary
+6. Confirm ready for testing
+```
+
+**Authorization Creation**:
+```
+User: "Create authorization manifest for testing acme.com"
+
+Response:
+1. Create sample .security-authorization.json
+2. Pre-fill with acme.com scope
+3. Guide user through required fields
+4. Validate completed manifest
+5. Save to project root
+6. Confirm authorization ready
+```
+
+---
+
+**Agent**: security-setup
+**Dependencies**: authorization-checker.js, environment-detect.js, setup-tools.js
+**Version**: 1.0.0
+**Last Updated**: 2025-11-25

package/src/templates/claude/mcp_config.json

@@ -19,6 +19,50 @@
         "wp_create_category",
         "wp_create_tag"
       ]
+    },
+    "openstack": {
+      "command": "node",
+      "args": ["../../mcp/openstack-server.js"],
+      "env": {
+        "OS_AUTH_URL": "${OS_AUTH_URL}",
+        "OS_USERNAME": "${OS_USERNAME}",
+        "OS_PASSWORD": "${OS_PASSWORD}",
+        "OS_PROJECT_ID": "${OS_PROJECT_ID}",
+        "OS_USER_DOMAIN_ID": "${OS_USER_DOMAIN_ID}",
+        "OS_PROJECT_DOMAIN_ID": "${OS_PROJECT_DOMAIN_ID}",
+        "OS_REGION_NAME": "${OS_REGION_NAME}",
+        "OS_IDENTITY_API_VERSION": "3",
+        "CLOUD_INIT": "${CLOUD_INIT}"
+      },
+      "autoStart": false,
+      "description": "OpenStack MCP server for VM management and cloud orchestration",
+      "tools": [
+        "os_health_check",
+        "os_session_create",
+        "os_cloud_init_info",
+        "os_cloud_init_fetch",
+        "os_image_list",
+        "os_flavor_list",
+        "os_network_list",
+        "os_security_group_list",
+        "os_keypair_list",
+        "os_keypair_create",
+        "os_server_list",
+        "os_server_create",
+        "os_server_show",
+        "os_server_delete",
+        "os_server_start",
+        "os_server_stop",
+        "os_server_reboot",
+        "os_server_console",
+        "os_floating_ip_create",
+        "os_floating_ip_list",
+        "os_server_add_floating_ip",
+        "os_volume_list",
+        "os_volume_create",
+        "os_server_add_volume",
+        "os_operation_history"
+      ]
     }
   },
   "configuration": {