praetorian-cli 2.3.5__tar.gz → 2.4.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (142) hide show
  1. {praetorian_cli-2.3.5/praetorian_cli.egg-info → praetorian_cli-2.4.1}/PKG-INFO +191 -14
  2. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/README.md +190 -13
  3. praetorian_cli-2.4.1/praetorian_cli/handlers/agent.py +319 -0
  4. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/cli_decorators.py +1 -1
  5. praetorian_cli-2.4.1/praetorian_cli/handlers/critfinder.py +155 -0
  6. praetorian_cli-2.4.1/praetorian_cli/handlers/engagement.py +66 -0
  7. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/export.py +4 -1
  8. praetorian_cli-2.4.1/praetorian_cli/handlers/find.py +51 -0
  9. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/get.py +7 -2
  10. praetorian_cli-2.4.1/praetorian_cli/handlers/report.py +88 -0
  11. praetorian_cli-2.4.1/praetorian_cli/handlers/run.py +463 -0
  12. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/main.py +5 -0
  13. praetorian_cli-2.4.1/praetorian_cli/runners/__init__.py +1 -0
  14. praetorian_cli-2.4.1/praetorian_cli/runners/local.py +299 -0
  15. praetorian_cli-2.4.1/praetorian_cli/sdk/entities/agents.py +220 -0
  16. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/reports.py +5 -1
  17. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/risks.py +113 -6
  18. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/search.py +41 -0
  19. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_report.py +3 -0
  20. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_z_cli.py +22 -1
  21. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/job_helpers.py +4 -1
  22. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/theme.py +1 -0
  23. praetorian_cli-2.4.1/praetorian_cli/ui/console/__init__.py +1 -0
  24. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/__init__.py +6 -0
  25. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/accounts.py +260 -0
  26. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/context.py +327 -0
  27. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/marcus.py +408 -0
  28. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/reporting.py +69 -0
  29. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/search.py +151 -0
  30. praetorian_cli-2.4.1/praetorian_cli/ui/console/commands/tools.py +420 -0
  31. praetorian_cli-2.4.1/praetorian_cli/ui/console/console.py +423 -0
  32. praetorian_cli-2.4.1/praetorian_cli/ui/console/context.py +45 -0
  33. praetorian_cli-2.4.1/praetorian_cli/ui/console/renderer.py +406 -0
  34. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1/praetorian_cli.egg-info}/PKG-INFO +191 -14
  35. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli.egg-info/SOURCES.txt +18 -0
  36. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/setup.cfg +1 -1
  37. praetorian_cli-2.3.5/praetorian_cli/handlers/agent.py +0 -100
  38. praetorian_cli-2.3.5/praetorian_cli/sdk/entities/agents.py +0 -45
  39. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/LICENSE +0 -0
  40. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/MANIFEST.in +0 -0
  41. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/__init__.py +0 -0
  42. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/__init__.py +0 -0
  43. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/add.py +0 -0
  44. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/aegis.py +0 -0
  45. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/chariot.py +0 -0
  46. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/configure.py +0 -0
  47. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/delete.py +0 -0
  48. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/enrich.py +0 -0
  49. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/imports.py +0 -0
  50. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/link.py +0 -0
  51. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/list.py +0 -0
  52. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/script.py +0 -0
  53. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/search.py +0 -0
  54. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/ssh_utils.py +0 -0
  55. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/test.py +0 -0
  56. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/unlink.py +0 -0
  57. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/update.py +0 -0
  58. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/handlers/utils.py +0 -0
  59. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/scripts/__init__.py +0 -0
  60. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/scripts/commands/__init__.py +0 -0
  61. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/scripts/commands/nmap-example.py +0 -0
  62. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/scripts/utils.py +0 -0
  63. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/__init__.py +0 -0
  64. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/chariot.py +0 -0
  65. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/__init__.py +0 -0
  66. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/accounts.py +0 -0
  67. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/ad.py +0 -0
  68. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/aegis.py +0 -0
  69. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/assets.py +0 -0
  70. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/attributes.py +0 -0
  71. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/capabilities.py +0 -0
  72. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/configurations.py +0 -0
  73. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/credentials.py +0 -0
  74. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/definitions.py +0 -0
  75. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/files.py +0 -0
  76. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/integrations.py +0 -0
  77. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/jobs.py +0 -0
  78. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/keys.py +0 -0
  79. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/preseeds.py +0 -0
  80. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/scanners.py +0 -0
  81. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/schedules.py +0 -0
  82. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/schema.py +0 -0
  83. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/seeds.py +0 -0
  84. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/settings.py +0 -0
  85. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/statistics.py +0 -0
  86. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/webhook.py +0 -0
  87. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/entities/webpage.py +0 -0
  88. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/guard.py +0 -0
  89. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/keychain.py +0 -0
  90. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/mcp_server.py +0 -0
  91. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/model/__init__.py +0 -0
  92. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/model/aegis.py +0 -0
  93. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/model/globals.py +0 -0
  94. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/model/query.py +0 -0
  95. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/model/utils.py +0 -0
  96. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/__init__.py +0 -0
  97. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/pytest.ini +0 -0
  98. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_account.py +0 -0
  99. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_agent.py +0 -0
  100. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_asset.py +0 -0
  101. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_attribute.py +0 -0
  102. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_capabilities.py +0 -0
  103. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_configuration.py +0 -0
  104. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_conversation.py +0 -0
  105. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_definition.py +0 -0
  106. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_extend.py +0 -0
  107. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_file.py +0 -0
  108. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_job.py +0 -0
  109. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_key.py +0 -0
  110. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_mcp.py +0 -0
  111. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_preseed.py +0 -0
  112. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_risk.py +0 -0
  113. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_search.py +0 -0
  114. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_seed.py +0 -0
  115. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_setting.py +0 -0
  116. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_webhook.py +0 -0
  117. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/test_webpage.py +0 -0
  118. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/ui_mocks.py +0 -0
  119. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/sdk/test/utils.py +0 -0
  120. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/__init__.py +0 -0
  121. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/__init__.py +0 -0
  122. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/__init__.py +0 -0
  123. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/cp.py +0 -0
  124. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/help.py +0 -0
  125. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/info.py +0 -0
  126. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/job.py +0 -0
  127. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/list.py +0 -0
  128. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/proxy.py +0 -0
  129. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/schedule.py +0 -0
  130. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/schedule_helpers.py +0 -0
  131. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/set.py +0 -0
  132. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/commands/ssh.py +0 -0
  133. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/constants.py +0 -0
  134. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/menu.py +0 -0
  135. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/aegis/utils.py +0 -0
  136. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/conversation/__init__.py +0 -0
  137. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli/ui/conversation/textual_chat.py +0 -0
  138. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli.egg-info/dependency_links.txt +0 -0
  139. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli.egg-info/entry_points.txt +0 -0
  140. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli.egg-info/requires.txt +0 -0
  141. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/praetorian_cli.egg-info/top_level.txt +0 -0
  142. {praetorian_cli-2.3.5 → praetorian_cli-2.4.1}/pyproject.toml +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: praetorian-cli
3
- Version: 2.3.5
3
+ Version: 2.4.1
4
4
  Summary: For interacting with the Guard API
5
5
  Home-page: https://github.com/praetorian-inc/praetorian-cli
6
6
  Author: Praetorian
@@ -38,16 +38,23 @@ Dynamic: license-file
38
38
  # Table of Contents
39
39
 
40
40
  - [Description](#description)
41
- - [Getting started](#getting-started)
41
+ - [Getting Started](#getting-started)
42
42
  - [Prerequisites](#prerequisites)
43
43
  - [Installation](#installation)
44
- - [Signing up](#signing-up-and-configuration)
44
+ - [Signing up](#signing-up)
45
+ - [Authentication](#authentication)
45
46
  - [Using the CLI](#using-the-cli)
46
- - [Using scripts](#using-scripts)
47
+ - [Operators](#operators)
48
+ - [Interactive Console](#interactive-console)
49
+ - [Install local security tools (optional)](#install-local-security-tools-optional)
50
+ - [Marcus Aurelius AI](#marcus-aurelius-ai)
51
+ - [Security Tools](#security-tools)
47
52
  - [Developers](#developers)
48
- - [Contributing](#contributing)
49
- - [Support](#support)
50
- - [License](#license)
53
+ - [SDK](#sdk)
54
+ - [Developing external scripts](#developing-external-scripts)
55
+ - [Contributing](#contributing)
56
+ - [Support](#support)
57
+ - [License](#license)
51
58
  - [Backwards Compatibility](#backwards-compatibility)
52
59
 
53
60
  # Description
@@ -67,12 +74,32 @@ offensive security platform.
67
74
 
68
75
  ## Installation
69
76
 
70
- Install the Python package using this command:
77
+ Install the Python package:
71
78
 
72
79
  ```zsh
73
80
  pip install praetorian-cli
74
81
  ```
75
82
 
83
+ ### Install from source (for console branch features)
84
+
85
+ ```zsh
86
+ git clone https://github.com/praetorian-inc/praetorian-cli.git
87
+ cd praetorian-cli
88
+ pip install -e .
89
+ ```
90
+
91
+ ### Configure authentication
92
+
93
+ ```zsh
94
+ guard configure
95
+ ```
96
+
97
+ Or set environment variables:
98
+ ```zsh
99
+ export PRAETORIAN_CLI_API_KEY_ID=your-api-key-id
100
+ export PRAETORIAN_CLI_API_KEY_SECRET=your-api-key-secret
101
+ ```
102
+
76
103
  ## Signing up
77
104
 
78
105
  Register for an account for [Guard](https://guard.praetorian.com) using the instructions
@@ -80,13 +107,13 @@ in [our documentation](https://docs.praetorian.com/hc/en-us/articles/38048335323
80
107
 
81
108
  ## Authentication
82
109
 
83
- Once you can properly access Guard through the UI, you can obtain API credentials by clicking the
84
- Praetorian icon in the top right corner -> User Profile -> API Keys. Be sure to carefully copy the
85
- API credentials you created as you will need to provide them to the CLI for interacting with Guard.
110
+ Once you can properly access Guard through the UI, you can obtain API credentials by clicking the
111
+ Praetorian icon in the top right corner -> User Profile -> API Keys. Be sure to carefully copy the
112
+ API credentials you created as you will need to provide them to the CLI for interacting with Guard.
86
113
 
87
114
  **Note**: SSO Organizations should provision access through API Keys as well.
88
115
 
89
- ### Using API Keys
116
+ ### Using API Keys
90
117
 
91
118
  This is the authentication method for CLI. You can authenticate using either a keychain file or environment variables.
92
119
 
@@ -94,11 +121,11 @@ This is the authentication method for CLI. You can authenticate using either a k
94
121
 
95
122
  This method stores your API key in a keychain file.
96
123
 
97
- 1. Run `guard configure` and follow the prompts to set up authentication.
124
+ 1. Run `guard configure` and follow the prompts to set up authentication.
98
125
  Use the default values for `profile name`, `URL of backend API`, and `client ID`.
99
126
  2. It creates `~/.praetorian/keychain.ini`, which should read like this:
100
127
 
101
- ```
128
+ ```text
102
129
  [United States]
103
130
  name = guard
104
131
  client_id = 795dnnr45so7m17cppta0b295o
@@ -147,6 +174,156 @@ To get detailed information about a specific asset, run:
147
174
  guard --account guard+example@praetorian.com get asset <ASSET_KEY>
148
175
  ```
149
176
 
177
+ # Operators
178
+
179
+ ## Interactive Console
180
+
181
+ The Guard CLI includes a Metasploit-style interactive console for operator-focused engagement workflows.
182
+
183
+ ```zsh
184
+ guard console
185
+ guard console --account client@example.com
186
+ ```
187
+
188
+ The console provides:
189
+
190
+ - **Engagement management** — switch between accounts, view stats (seeds/assets/risks), create customers, manage vaults
191
+ - **Metasploit-style tool selection** — `use <tool>`, `show targets`, `set target`, `execute`
192
+ - **All 141 backend capabilities** — any capability can be selected via `use <name>` or `use <#>`
193
+ - **Marcus Aurelius AI** — inline queries (`ask`) and multi-turn conversation (`marcus`)
194
+ - **Fulltext search** — `find` for Neo4j graph search across all entity types
195
+ - **Evidence hydration** — `evidence <risk>` fetches all scattered evidence in one view
196
+ - **Report generation** — `report generate` / `report validate`
197
+ - **Local tool execution** — run installed Praetorian binaries locally, upload results to Guard
198
+ - **Live job tracking** — `status`, `jobs`, real-time tool output from Marcus
199
+
200
+ ### Example session
201
+
202
+ ```
203
+ guard > accounts # list engagements
204
+ guard > use 5 # switch to engagement #5
205
+ guard > assets # list assets (scoped to engagement)
206
+ guard > risks # list risks
207
+ guard > show 1 # drill into risk #1
208
+
209
+ guard > use brutus # select credential tester
210
+ guard (brutus) > show targets # show valid port targets
211
+ guard (brutus) > set target 3 # pick target #3
212
+ guard (brutus) > run # execute (local if installed, remote otherwise)
213
+ guard (brutus) > status # check job results
214
+ guard (brutus) > exit # back to main prompt
215
+
216
+ guard > ask "summarize critical risks" # one-shot Marcus query
217
+ guard > marcus # enter multi-turn conversation
218
+ marcus > @aurelius scan cloud infra # delegate to specialist agent
219
+ marcus > back
220
+
221
+ guard > marcus read "vault/sow.pdf" # have Marcus analyze a file
222
+ guard > marcus do "add example.com as seed" # direct instruction
223
+ guard > download proofs # download all proof files locally
224
+ guard > home # return to your own account
225
+ ```
226
+
227
+ ## Install local security tools (optional)
228
+
229
+ Requires the [GitHub CLI](https://cli.github.com/) (`gh`) to be installed and authenticated:
230
+
231
+ ```zsh
232
+ guard run install brutus # install a specific tool
233
+ guard run install all # install all Praetorian tools
234
+ guard run installed # check what's installed
235
+ ```
236
+
237
+ Binaries are downloaded from `praetorian-inc` GitHub releases to `~/.praetorian/bin/`.
238
+
239
+ ## Marcus Aurelius AI
240
+
241
+ Marcus is Guard's AI operator, accessible from both the CLI and the interactive console.
242
+
243
+ ```zsh
244
+ # One-shot queries
245
+ guard ask "how many critical risks are there?"
246
+ guard ask "show me all assets with port 22 open" --mode query
247
+
248
+ # File analysis and ingestion
249
+ guard marcus read "vault/engagement/sow.pdf"
250
+ guard marcus ingest "vault/nessus-export.csv" --findings
251
+ guard marcus do "generate an executive summary"
252
+ ```
253
+
254
+ In the console, Marcus shows live tool execution:
255
+ ```
256
+ guard > ask "analyze the top risks"
257
+ Thinking...
258
+ → query — 14 risks done
259
+ → query — 5 assets done
260
+ Found 14 risks across 5 assets...
261
+ ```
262
+
263
+ ## Security Tools
264
+
265
+ All 141 Guard capabilities are available through the CLI. Named tools include:
266
+
267
+ | Agent | Description |
268
+ |-------|-------------|
269
+ | `asset-analyzer` | Deep-dive reconnaissance & risk mapping |
270
+ | `brutus` | Credential attacks (SSH, RDP, FTP, SMB) |
271
+ | `julius` | LLM/AI service fingerprinting |
272
+ | `augustus` | LLM jailbreak & prompt injection attacks |
273
+ | `aurelius` | Cloud infrastructure discovery (AWS/Azure/GCP) |
274
+ | `trajan` | CI/CD pipeline security scanning |
275
+ | `priscus` | Remediation retesting |
276
+ | `seneca` | CVE research & exploit intelligence |
277
+ | `titus` | Secret scanning & credential leak detection |
278
+
279
+ ### Local execution
280
+
281
+ Tools can run locally if the binary is installed, with results uploaded to Guard:
282
+
283
+ ```zsh
284
+ guard run install brutus # download from praetorian-inc GitHub
285
+ guard run install all # install everything
286
+ guard run tool brutus 10.0.1.5 # runs locally (default if installed)
287
+ guard run tool brutus 10.0.1.5 --remote # force remote execution
288
+ guard run installed # show what's installed locally
289
+ ```
290
+
291
+ ### Additional CLI Commands
292
+
293
+ Beyond the standard CRUD commands, the CLI includes:
294
+
295
+ ```zsh
296
+ # Fulltext search (Neo4j graph queries)
297
+ guard find "example.com"
298
+ guard find "CVE-2024" --type risk
299
+
300
+ # Evidence hydration
301
+ guard get risk "#risk#example.com#CVE-2024-1234" --evidence
302
+
303
+ # Reports
304
+ guard report generate --title "Q1 Pentest" --client "Acme Corp" --risks "status:OH"
305
+ guard report validate --risks "status:OH"
306
+
307
+ # One-shot Marcus AI query
308
+ guard ask "what assets have port 22 open?"
309
+
310
+ # Marcus subcommands
311
+ guard marcus read "vault/sow.pdf"
312
+ guard marcus ingest "vault/scope.md" --scope --findings
313
+ guard marcus do "add example.com as a seed and start discovery"
314
+
315
+ # Security tools (local or remote)
316
+ guard run tool brutus 10.0.1.5
317
+ guard run tool nuclei example.com --remote
318
+ guard run install brutus
319
+ guard run installed
320
+
321
+ # Engagement management
322
+ guard engagement list
323
+ guard engagement create-customer --email ops@acme.com --name "ACME Corp"
324
+ guard engagement create-vault --client acme --sow SOW-1234 --sku WAPT --github-user jdoe
325
+ ```
326
+
150
327
  # Developers
151
328
 
152
329
  Both CLI and SDK is open-source in this repository. The SDK is installed along with the `praetorian-cli`
@@ -14,16 +14,23 @@
14
14
  # Table of Contents
15
15
 
16
16
  - [Description](#description)
17
- - [Getting started](#getting-started)
17
+ - [Getting Started](#getting-started)
18
18
  - [Prerequisites](#prerequisites)
19
19
  - [Installation](#installation)
20
- - [Signing up](#signing-up-and-configuration)
20
+ - [Signing up](#signing-up)
21
+ - [Authentication](#authentication)
21
22
  - [Using the CLI](#using-the-cli)
22
- - [Using scripts](#using-scripts)
23
+ - [Operators](#operators)
24
+ - [Interactive Console](#interactive-console)
25
+ - [Install local security tools (optional)](#install-local-security-tools-optional)
26
+ - [Marcus Aurelius AI](#marcus-aurelius-ai)
27
+ - [Security Tools](#security-tools)
23
28
  - [Developers](#developers)
24
- - [Contributing](#contributing)
25
- - [Support](#support)
26
- - [License](#license)
29
+ - [SDK](#sdk)
30
+ - [Developing external scripts](#developing-external-scripts)
31
+ - [Contributing](#contributing)
32
+ - [Support](#support)
33
+ - [License](#license)
27
34
  - [Backwards Compatibility](#backwards-compatibility)
28
35
 
29
36
  # Description
@@ -43,12 +50,32 @@ offensive security platform.
43
50
 
44
51
  ## Installation
45
52
 
46
- Install the Python package using this command:
53
+ Install the Python package:
47
54
 
48
55
  ```zsh
49
56
  pip install praetorian-cli
50
57
  ```
51
58
 
59
+ ### Install from source (for console branch features)
60
+
61
+ ```zsh
62
+ git clone https://github.com/praetorian-inc/praetorian-cli.git
63
+ cd praetorian-cli
64
+ pip install -e .
65
+ ```
66
+
67
+ ### Configure authentication
68
+
69
+ ```zsh
70
+ guard configure
71
+ ```
72
+
73
+ Or set environment variables:
74
+ ```zsh
75
+ export PRAETORIAN_CLI_API_KEY_ID=your-api-key-id
76
+ export PRAETORIAN_CLI_API_KEY_SECRET=your-api-key-secret
77
+ ```
78
+
52
79
  ## Signing up
53
80
 
54
81
  Register for an account for [Guard](https://guard.praetorian.com) using the instructions
@@ -56,13 +83,13 @@ in [our documentation](https://docs.praetorian.com/hc/en-us/articles/38048335323
56
83
 
57
84
  ## Authentication
58
85
 
59
- Once you can properly access Guard through the UI, you can obtain API credentials by clicking the
60
- Praetorian icon in the top right corner -> User Profile -> API Keys. Be sure to carefully copy the
61
- API credentials you created as you will need to provide them to the CLI for interacting with Guard.
86
+ Once you can properly access Guard through the UI, you can obtain API credentials by clicking the
87
+ Praetorian icon in the top right corner -> User Profile -> API Keys. Be sure to carefully copy the
88
+ API credentials you created as you will need to provide them to the CLI for interacting with Guard.
62
89
 
63
90
  **Note**: SSO Organizations should provision access through API Keys as well.
64
91
 
65
- ### Using API Keys
92
+ ### Using API Keys
66
93
 
67
94
  This is the authentication method for CLI. You can authenticate using either a keychain file or environment variables.
68
95
 
@@ -70,11 +97,11 @@ This is the authentication method for CLI. You can authenticate using either a k
70
97
 
71
98
  This method stores your API key in a keychain file.
72
99
 
73
- 1. Run `guard configure` and follow the prompts to set up authentication.
100
+ 1. Run `guard configure` and follow the prompts to set up authentication.
74
101
  Use the default values for `profile name`, `URL of backend API`, and `client ID`.
75
102
  2. It creates `~/.praetorian/keychain.ini`, which should read like this:
76
103
 
77
- ```
104
+ ```text
78
105
  [United States]
79
106
  name = guard
80
107
  client_id = 795dnnr45so7m17cppta0b295o
@@ -123,6 +150,156 @@ To get detailed information about a specific asset, run:
123
150
  guard --account guard+example@praetorian.com get asset <ASSET_KEY>
124
151
  ```
125
152
 
153
+ # Operators
154
+
155
+ ## Interactive Console
156
+
157
+ The Guard CLI includes a Metasploit-style interactive console for operator-focused engagement workflows.
158
+
159
+ ```zsh
160
+ guard console
161
+ guard console --account client@example.com
162
+ ```
163
+
164
+ The console provides:
165
+
166
+ - **Engagement management** — switch between accounts, view stats (seeds/assets/risks), create customers, manage vaults
167
+ - **Metasploit-style tool selection** — `use <tool>`, `show targets`, `set target`, `execute`
168
+ - **All 141 backend capabilities** — any capability can be selected via `use <name>` or `use <#>`
169
+ - **Marcus Aurelius AI** — inline queries (`ask`) and multi-turn conversation (`marcus`)
170
+ - **Fulltext search** — `find` for Neo4j graph search across all entity types
171
+ - **Evidence hydration** — `evidence <risk>` fetches all scattered evidence in one view
172
+ - **Report generation** — `report generate` / `report validate`
173
+ - **Local tool execution** — run installed Praetorian binaries locally, upload results to Guard
174
+ - **Live job tracking** — `status`, `jobs`, real-time tool output from Marcus
175
+
176
+ ### Example session
177
+
178
+ ```
179
+ guard > accounts # list engagements
180
+ guard > use 5 # switch to engagement #5
181
+ guard > assets # list assets (scoped to engagement)
182
+ guard > risks # list risks
183
+ guard > show 1 # drill into risk #1
184
+
185
+ guard > use brutus # select credential tester
186
+ guard (brutus) > show targets # show valid port targets
187
+ guard (brutus) > set target 3 # pick target #3
188
+ guard (brutus) > run # execute (local if installed, remote otherwise)
189
+ guard (brutus) > status # check job results
190
+ guard (brutus) > exit # back to main prompt
191
+
192
+ guard > ask "summarize critical risks" # one-shot Marcus query
193
+ guard > marcus # enter multi-turn conversation
194
+ marcus > @aurelius scan cloud infra # delegate to specialist agent
195
+ marcus > back
196
+
197
+ guard > marcus read "vault/sow.pdf" # have Marcus analyze a file
198
+ guard > marcus do "add example.com as seed" # direct instruction
199
+ guard > download proofs # download all proof files locally
200
+ guard > home # return to your own account
201
+ ```
202
+
203
+ ## Install local security tools (optional)
204
+
205
+ Requires the [GitHub CLI](https://cli.github.com/) (`gh`) to be installed and authenticated:
206
+
207
+ ```zsh
208
+ guard run install brutus # install a specific tool
209
+ guard run install all # install all Praetorian tools
210
+ guard run installed # check what's installed
211
+ ```
212
+
213
+ Binaries are downloaded from `praetorian-inc` GitHub releases to `~/.praetorian/bin/`.
214
+
215
+ ## Marcus Aurelius AI
216
+
217
+ Marcus is Guard's AI operator, accessible from both the CLI and the interactive console.
218
+
219
+ ```zsh
220
+ # One-shot queries
221
+ guard ask "how many critical risks are there?"
222
+ guard ask "show me all assets with port 22 open" --mode query
223
+
224
+ # File analysis and ingestion
225
+ guard marcus read "vault/engagement/sow.pdf"
226
+ guard marcus ingest "vault/nessus-export.csv" --findings
227
+ guard marcus do "generate an executive summary"
228
+ ```
229
+
230
+ In the console, Marcus shows live tool execution:
231
+ ```
232
+ guard > ask "analyze the top risks"
233
+ Thinking...
234
+ → query — 14 risks done
235
+ → query — 5 assets done
236
+ Found 14 risks across 5 assets...
237
+ ```
238
+
239
+ ## Security Tools
240
+
241
+ All 141 Guard capabilities are available through the CLI. Named tools include:
242
+
243
+ | Agent | Description |
244
+ |-------|-------------|
245
+ | `asset-analyzer` | Deep-dive reconnaissance & risk mapping |
246
+ | `brutus` | Credential attacks (SSH, RDP, FTP, SMB) |
247
+ | `julius` | LLM/AI service fingerprinting |
248
+ | `augustus` | LLM jailbreak & prompt injection attacks |
249
+ | `aurelius` | Cloud infrastructure discovery (AWS/Azure/GCP) |
250
+ | `trajan` | CI/CD pipeline security scanning |
251
+ | `priscus` | Remediation retesting |
252
+ | `seneca` | CVE research & exploit intelligence |
253
+ | `titus` | Secret scanning & credential leak detection |
254
+
255
+ ### Local execution
256
+
257
+ Tools can run locally if the binary is installed, with results uploaded to Guard:
258
+
259
+ ```zsh
260
+ guard run install brutus # download from praetorian-inc GitHub
261
+ guard run install all # install everything
262
+ guard run tool brutus 10.0.1.5 # runs locally (default if installed)
263
+ guard run tool brutus 10.0.1.5 --remote # force remote execution
264
+ guard run installed # show what's installed locally
265
+ ```
266
+
267
+ ### Additional CLI Commands
268
+
269
+ Beyond the standard CRUD commands, the CLI includes:
270
+
271
+ ```zsh
272
+ # Fulltext search (Neo4j graph queries)
273
+ guard find "example.com"
274
+ guard find "CVE-2024" --type risk
275
+
276
+ # Evidence hydration
277
+ guard get risk "#risk#example.com#CVE-2024-1234" --evidence
278
+
279
+ # Reports
280
+ guard report generate --title "Q1 Pentest" --client "Acme Corp" --risks "status:OH"
281
+ guard report validate --risks "status:OH"
282
+
283
+ # One-shot Marcus AI query
284
+ guard ask "what assets have port 22 open?"
285
+
286
+ # Marcus subcommands
287
+ guard marcus read "vault/sow.pdf"
288
+ guard marcus ingest "vault/scope.md" --scope --findings
289
+ guard marcus do "add example.com as a seed and start discovery"
290
+
291
+ # Security tools (local or remote)
292
+ guard run tool brutus 10.0.1.5
293
+ guard run tool nuclei example.com --remote
294
+ guard run install brutus
295
+ guard run installed
296
+
297
+ # Engagement management
298
+ guard engagement list
299
+ guard engagement create-customer --email ops@acme.com --name "ACME Corp"
300
+ guard engagement create-vault --client acme --sow SOW-1234 --sku WAPT --github-user jdoe
301
+ ```
302
+
126
303
  # Developers
127
304
 
128
305
  Both CLI and SDK is open-source in this repository. The SDK is installed along with the `praetorian-cli`