sonobat 0.1.0

package/README.md ADDED
@@ -0,0 +1,161 @@
1
+ # sonobat
2
+
3
+ **AttackDataGraph for autonomous penetration testing.**
4
+
5
+ sonobat is a normalized data store that ingests tool outputs (nmap, ffuf, nuclei), builds a structured attack graph, and proposes next-step actions based on missing data. It exposes an [MCP Server](https://modelcontextprotocol.io/) so that LLM agents can drive the entire reconnaissance-to-exploitation loop autonomously.
6
+
7
+ ## Features
8
+
9
+ - **Ingest** — Parse nmap XML, ffuf JSON, and nuclei JSONL into a normalized SQLite graph
10
+ - **Normalize** — Deduplicate and link hosts, services, endpoints, inputs, observations, credentials, and vulnerabilities
11
+ - **Propose** — Gap-driven engine suggests what to scan next based on missing data
12
+ - **MCP Server** — 14 tools + 3 resources accessible via stdio for LLM agents (Claude Desktop, Claude Code, etc.)
13
+
14
+ ## Data Model
15
+
16
+ ```
17
+ Host
18
+ ├── Vhost
19
+ └── Service (transport + port + protocol)
20
+ ├── ServiceObservation (key-value)
21
+ ├── Credential
22
+ ├── HttpEndpoint
23
+ │ └── EndpointInput (many-to-many)
24
+ ├── Input (location + name)
25
+ │ └── Observation (observed values)
26
+ └── Vulnerability
27
+ └── CVE
28
+ ```
29
+
30
+ Every fact is linked to an **Artifact** (evidence), ensuring full traceability.
31
+
32
+ ## Quick Start
33
+
34
+ ### Prerequisites
35
+
36
+ - Node.js >= 20 LTS
37
+ - npm
38
+
39
+ ### Install & Build
40
+
41
+ ```bash
42
+ git clone https://github.com/0x6d61/sonobat.git
43
+ cd sonobat
44
+ npm install
45
+ npm run build
46
+ ```
47
+
48
+ ### Run Tests
49
+
50
+ ```bash
51
+ npm test
52
+ ```
53
+
54
+ ## MCP Server
55
+
56
+ sonobat runs as an MCP server over stdio. LLM agents connect to it and use tools to ingest data, query the graph, and get next-step proposals.
57
+
58
+ ### Available Tools
59
+
60
+ | Category | Tool | Description |
61
+ |----------|------|-------------|
62
+ | **Ingest** | `ingest_file` | Ingest a tool output file and normalize it into the graph |
63
+ | **Query** | `list_hosts` | List all discovered hosts |
64
+ | | `get_host` | Get host details including services and vhosts |
65
+ | | `list_services` | List services for a host |
66
+ | | `list_endpoints` | List HTTP endpoints for a service |
67
+ | | `list_inputs` | List input parameters for a service |
68
+ | | `list_observations` | List observed values for an input |
69
+ | | `list_credentials` | List credentials (optionally filtered by service) |
70
+ | | `list_vulnerabilities` | List vulnerabilities (optionally filtered by service/severity) |
71
+ | **Propose** | `propose` | Suggest next actions based on missing data |
72
+ | **Mutation** | `add_host` | Manually add a host |
73
+ | | `add_credential` | Add a credential for a service |
74
+ | | `add_vulnerability` | Add a vulnerability for a service |
75
+ | | `link_cve` | Link a CVE record to a vulnerability |
76
+
77
+ ### MCP Resources
78
+
79
+ | URI | Description |
80
+ |-----|-------------|
81
+ | `sonobat://hosts` | Host list (JSON) |
82
+ | `sonobat://hosts/{id}` | Host detail with full service tree |
83
+ | `sonobat://summary` | Overall statistics |
84
+
85
+ ### Claude Desktop
86
+
87
+ Add to `claude_desktop_config.json`:
88
+
89
+ ```json
90
+ {
91
+ "mcpServers": {
92
+ "sonobat": {
93
+ "command": "npx",
94
+ "args": ["tsx", "/path/to/sonobat/src/index.ts"],
95
+ "env": {
96
+ "SONOBAT_DB_PATH": "/path/to/sonobat/sonobat.db"
97
+ }
98
+ }
99
+ }
100
+ }
101
+ ```
102
+
103
+ ### Claude Code
104
+
105
+ Add to `.claude/settings.json`:
106
+
107
+ ```json
108
+ {
109
+ "mcpServers": {
110
+ "sonobat": {
111
+ "command": "npx",
112
+ "args": ["tsx", "/path/to/sonobat/src/index.ts"],
113
+ "env": {
114
+ "SONOBAT_DB_PATH": "/path/to/sonobat/sonobat.db"
115
+ }
116
+ }
117
+ }
118
+ }
119
+ ```
120
+
121
+ ### MCP Inspector
122
+
123
+ ```bash
124
+ npx @modelcontextprotocol/inspector npx tsx src/index.ts
125
+ ```
126
+
127
+ ## Environment Variables
128
+
129
+ | Variable | Default | Description |
130
+ |----------|---------|-------------|
131
+ | `SONOBAT_DB_PATH` | `sonobat.db` | Path to the SQLite database file |
132
+
133
+ ## Tech Stack
134
+
135
+ | Component | Choice |
136
+ |-----------|--------|
137
+ | Language | TypeScript 5.x (strict mode) |
138
+ | Runtime | Node.js >= 20 LTS |
139
+ | Database | SQLite via better-sqlite3 |
140
+ | MCP SDK | @modelcontextprotocol/sdk |
141
+ | XML Parser | fast-xml-parser |
142
+ | Validation | Zod |
143
+ | Build | tsup (esbuild) |
144
+ | Test | Vitest |
145
+
146
+ ## Development
147
+
148
+ ```bash
149
+ npm run dev # Run with tsx (no build needed)
150
+ npm test # Run all tests
151
+ npm run test:watch # Watch mode
152
+ npm run test:coverage # Coverage report
153
+ npm run lint # ESLint
154
+ npm run format # Prettier
155
+ npm run typecheck # tsc --noEmit
156
+ npm run build # Production build
157
+ ```
158
+
159
+ ## License
160
+
161
+ ISC
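Review bot: The Claude Desktop and Claude Code snippets both launch the server with `"command": "npx"` and `"args": ["tsx", "/path/to/sonobat/src/index.ts"]`, so the MCP client runs the TypeScript source through whatever `tsx` npx resolves at launch time, even though Install & Build already runs `npm run build`. Suggest pointing the MCP config at the build output with `node`, or stating that `tsx` must already be installed so npx does not fall back to downloading it. In the same README, the tools table exposes `list_credentials` and `add_credential` while the Environment Variables table defaults `SONOBAT_DB_PATH` to the relative path `sonobat.db`. The README should say that this file holds credentials, that the default resolves against the working directory of the client that spawns the server, and what file permissions are expected. The `ingest_file` row should also document which paths an agent is allowed to pass.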
@@ -0,0 +1,2 @@
1
+
2
+ export { }
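Review bot: The only content of this added file is an empty `export { }`, and its file header is missing here, so it is not clear which published file this is. If it is the package entry point or its type declaration, the package exposes no programmatic API, and the README above should say that 0.1.0 is meant to be run as a stdio server rather than imported. If the file is not needed at all, leave it out of the published files.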