souleyez 2.40.0__tar.gz → 2.43.2__tar.gz

souleyez-2.43.2/PKG-INFO

@@ -0,0 +1,269 @@
+Metadata-Version: 2.4
+Name: souleyez
+Version: 2.43.2
+Summary: AI-Powered Penetration Testing Platform with 40+ integrated tools
+Author-email: CyberSoul Security <contact@cybersoulsecurity.com>
+Maintainer-email: CyberSoul Security <contact@cybersoulsecurity.com>
+License: MIT
+Project-URL: Homepage, https://github.com/cyber-soul-security/SoulEyez
+Project-URL: Documentation, https://github.com/cyber-soul-security/SoulEyez#readme
+Project-URL: Repository, https://github.com/cyber-soul-security/SoulEyez.git
+Project-URL: Issues, https://github.com/cyber-soul-security/SoulEyez/issues
+Keywords: pentesting,security,hacking,penetration-testing,cybersecurity,nmap,metasploit
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Environment :: Console :: Curses
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Operating System :: MacOS
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: System :: Networking
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: anthropic>=0.40.0
+Requires-Dist: click>=8.0.0
+Requires-Dist: cryptography>=3.4.0
+Requires-Dist: defusedxml>=0.7.0
+Requires-Dist: impacket>=0.11.0
+Requires-Dist: markdown>=3.4.0
+Requires-Dist: msgpack>=1.0.0
+Requires-Dist: ollama>=0.1.0
+Requires-Dist: psycopg2-binary>=2.9.0
+Requires-Dist: psutil>=5.9.0
+Requires-Dist: python-json-logger>=2.0.0
+Requires-Dist: requests>=2.28.0
+Requires-Dist: rich>=10.0.0
+Requires-Dist: wcwidth>=0.2.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0.0; extra == "dev"
+Dynamic: license-file
+
+# SoulEyez — AI-Powered Penetration Testing Platform
+
+[![CI](https://github.com/cyber-soul-security/souleyez/actions/workflows/python-ci.yml/badge.svg)](https://github.com/cyber-soul-security/souleyez/actions/workflows/python-ci.yml)
+[![codecov](https://codecov.io/gh/cyber-soul-security/souleyez/branch/main/graph/badge.svg)](https://codecov.io/gh/cyber-soul-security/souleyez)
+[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/)
+[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
+[![Security: bandit](https://img.shields.io/badge/security-bandit-yellow.svg)](https://github.com/PyCQA/bandit)
+
+---
+
+## What is SoulEyez?
+
+**SoulEyez is your penetration testing command center.** Instead of juggling dozens of terminal windows and text files, SoulEyez gives you one organized place to:
+
+- **Run security scans** — Execute tools like Nmap, Gobuster, SQLMap with simple commands
+- **Auto-discover next steps** — When one scan finds something interesting, SoulEyez automatically suggests (or runs) the next logical tool
+- **Stay organized** — Keep all your targets, findings, and credentials in one searchable database
+- **Generate reports** — Export professional reports when you're done
+
+---
+
+## Who is this for?
+
+- **Security professionals** conducting authorized penetration tests
+- **CTF players** who want better organization during competitions
+- **Students** learning penetration testing methodology
+
+> **Important:** Only use SoulEyez on systems you have explicit authorization to test. Unauthorized scanning or exploitation is illegal.
+
+---
+
+## Features
+
+### Core Capabilities
+
+- 🎯 **Interactive Dashboard** — Real-time engagement monitoring with live updates
+- 🔗 **Smart Tool Chaining** — Automatic follow-up scans based on discoveries
+- 📊 **Findings Management** — Track and categorize vulnerabilities by severity
+- 🔑 **Credential Vault** — Encrypted storage for discovered credentials
+- 🌐 **Network Mapping** — Host discovery and service enumeration
+- 📈 **Progress Tracking** — Monitor scan completion and tool execution
+- 💾 **SQLite Storage** — Local database for all engagement data
+- 🔄 **Background Jobs** — Queue-based tool execution with status monitoring
+
+### Integrated Tools (40+)
+
+- **Reconnaissance**: nmap, masscan, theHarvester, whois, dnsrecon
+- **Web Testing**: nikto, gobuster, ffuf, sqlmap, nuclei, wpscan
+- **Enumeration**: enum4linux-ng, smbmap, crackmapexec, snmpwalk
+- **Exploitation**: Metasploit integration, searchsploit
+- **Password Attacks**: hydra, hashcat, john
+- **Post-Exploitation**: impacket suite, bloodhound
+
+### Pentest Workflow & Intelligence
+
+- 📁 **Evidence Vault** — Unified artifact collection organized by PTES phases
+- 🎯 **Attack Surface Dashboard** — Track what's exploited vs pending with priority scoring
+- 💣 **Exploit Suggestions** — Automatic CVE/Metasploit recommendations for discovered services
+- 🔗 **Correlation Engine** — Cross-phase attack tracking and gap analysis
+- 📝 **Report Generator** — Professional reports in Markdown/HTML/PDF formats
+- ✅ **Deliverable Tracking** — Manage testing requirements and acceptance criteria
+- 📸 **Screenshot Management** — Organized visual evidence by methodology phase
+
+### SIEM Integration
+
+- 🛡️ **SIEM Connectors** — Connect to Wazuh, Splunk, and other SIEM platforms
+- ✓ **Detection Validation** — Verify if your attacks triggered SIEM alerts
+- 🔍 **Vulnerability Management** — View CVEs from SIEM vulnerability data
+- ⚖️ **Gap Analysis** — Compare passive (SIEM) vs active (scan) findings
+- 🗺️ **MITRE ATT&CK Reports** — Detection coverage heatmaps by technique
+- 📡 **Real-time Alerts** — Monitor SIEM alerts during live engagements
+
+### FREE vs PRO
+
+| Feature | FREE | PRO |
+|---------|------|-----|
+| Core features (scans, findings, credentials) | ✅ | ✅ |
+| Report generation | ✅ | ✅ |
+| AI-powered suggestions & auto-chaining | ❌ | ✅ |
+| Metasploit integration & exploit suggestions | ❌ | ✅ |
+| SIEM integration & detection validation | ❌ | ✅ |
+| MITRE ATT&CK reports | ❌ | ✅ |
+
+---
+
+## Quick Start
+
+### Step 1: Install Prerequisites
+
+```bash
+sudo apt install pipx    # Install pipx
+pipx ensurepath          # Add pipx apps to your PATH
+source ~/.bashrc         # Reload shell (Kali: use ~/.zshrc)
+```
+
+### Step 2: Install SoulEyez
+
+```bash
+pipx install souleyez
+```
+
+### Step 3: Launch SoulEyez
+
+```bash
+souleyez interactive
+```
+
+### Step 4: First-Time Setup
+
+On your first run, the setup wizard guides you through:
+
+1. **Vault Password** — Create a master password that encrypts sensitive data
+2. **First Engagement** — Set up your first project and select engagement type
+3. **Tool Check** — Detect and optionally install missing security tools
+4. **AI Setup** — Configure Ollama for AI features (optional)
+5. **Tutorial** — Option to run the interactive tutorial (recommended)
+
+### Step 5: You're Ready!
+
+Once setup completes, you'll see the main menu.
+
+---
+
+## System Requirements
+
+| Component | Minimum | Recommended |
+|-----------|---------|-------------|
+| **OS** | Ubuntu 22.04+ | Kali Linux |
+| **Python** | 3.9+ | 3.11+ |
+| **RAM** | 4GB | 8GB+ |
+| **Disk** | 10GB | 50GB+ |
+
+### Supported Operating Systems
+
+| OS | Status | Notes |
+|----|--------|-------|
+| **Kali Linux** | ✅ Recommended | All pentesting tools pre-installed |
+| **Ubuntu 22.04+** | ✅ Supported | Tools installed via `souleyez setup` |
+| **Parrot OS** | ✅ Supported | Security-focused distro |
+| **Debian 12+** | ✅ Supported | Stable base system |
+| **macOS/Windows** | ❌ Not Supported | Use Linux in a VM |
+
+---
+
+## Common Commands
+
+| Command | What it does |
+|---------|--------------|
+| `souleyez interactive` | Launch the main interface |
+| `souleyez dashboard` | Real-time monitoring view |
+| `souleyez doctor` | Check if everything is set up correctly |
+| `souleyez setup` | Install/update pentesting tools |
+| `souleyez --help` | Show all available commands |
+
+---
+
+## Security & Encryption
+
+SoulEyez encrypts all stored credentials using **Fernet (AES-128-CBC + HMAC-SHA256)** with PBKDF2 key derivation (600k iterations).
+
+- Master password is never stored (cannot be recovered if lost)
+- Credentials encrypted at rest with industry-standard cryptography
+- Sensitive data is masked in the UI until explicitly revealed
+
+See [SECURITY.md](SECURITY.md) for complete security guidelines.
+
+---
+
+## Documentation
+
+- **[Getting Started](souleyez/docs/user-guide/getting-started.md)** — Your first engagement in 10 minutes
+- **[Installation Guide](souleyez/docs/user-guide/installation.md)** — Detailed setup instructions
+- **[Workflows](souleyez/docs/user-guide/workflows.md)** — Complete pentesting workflows
+- **[Auto-Chaining](souleyez/docs/user-guide/auto-chaining.md)** — Automatic follow-up scans
+- **[Configuration](souleyez/docs/user-guide/configuration.md)** — All configuration options
+- **[Troubleshooting](souleyez/docs/user-guide/troubleshooting.md)** — Common issues and fixes
+
+---
+
+## Troubleshooting
+
+| Problem | Solution |
+|---------|----------|
+| "command not found: souleyez" | Run `pipx ensurepath` then restart terminal |
+| "Tool not found" errors | Run `souleyez setup` to install missing tools |
+| Forgot vault password | Data is encrypted — start fresh with `rm -rf ~/.souleyez` |
+| Something seems broken | Run `souleyez doctor` to diagnose |
+
+---
+
+## Glossary
+
+New to pentesting? Here are some common terms:
+
+| Term | Meaning |
+|------|---------|
+| **Engagement** | A project or assessment — contains all data for one test |
+| **Target/Host** | A computer, server, or device you're testing |
+| **Finding** | A security issue or vulnerability you discovered |
+| **Credential** | Username/password combo found during testing |
+
+---
+
+## Support & Feedback
+
+- **Issues**: https://github.com/cyber-soul-security/souleyez/issues
+- **Security Issues**: cysoul.secit@gmail.com (see [SECURITY.md](SECURITY.md))
+- **General**: cysoul.secit@gmail.com
+
+---
+
+## License
+
+See [LICENSE](LICENSE) for details.
+
+---
+
+**Version**: 2.43.1 | **Maintainer**: [CyberSoul Security](https://www.cybersoulsecurity.com)

souleyez-2.43.2/README.md

@@ -0,0 +1,218 @@
+# SoulEyez — AI-Powered Penetration Testing Platform
+
+[![CI](https://github.com/cyber-soul-security/souleyez/actions/workflows/python-ci.yml/badge.svg)](https://github.com/cyber-soul-security/souleyez/actions/workflows/python-ci.yml)
+[![codecov](https://codecov.io/gh/cyber-soul-security/souleyez/branch/main/graph/badge.svg)](https://codecov.io/gh/cyber-soul-security/souleyez)
+[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/)
+[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
+[![Security: bandit](https://img.shields.io/badge/security-bandit-yellow.svg)](https://github.com/PyCQA/bandit)
+
+---
+
+## What is SoulEyez?
+
+**SoulEyez is your penetration testing command center.** Instead of juggling dozens of terminal windows and text files, SoulEyez gives you one organized place to:
+
+- **Run security scans** — Execute tools like Nmap, Gobuster, SQLMap with simple commands
+- **Auto-discover next steps** — When one scan finds something interesting, SoulEyez automatically suggests (or runs) the next logical tool
+- **Stay organized** — Keep all your targets, findings, and credentials in one searchable database
+- **Generate reports** — Export professional reports when you're done
+
+---
+
+## Who is this for?
+
+- **Security professionals** conducting authorized penetration tests
+- **CTF players** who want better organization during competitions
+- **Students** learning penetration testing methodology
+
+> **Important:** Only use SoulEyez on systems you have explicit authorization to test. Unauthorized scanning or exploitation is illegal.
+
+---
+
+## Features
+
+### Core Capabilities
+
+- 🎯 **Interactive Dashboard** — Real-time engagement monitoring with live updates
+- 🔗 **Smart Tool Chaining** — Automatic follow-up scans based on discoveries
+- 📊 **Findings Management** — Track and categorize vulnerabilities by severity
+- 🔑 **Credential Vault** — Encrypted storage for discovered credentials
+- 🌐 **Network Mapping** — Host discovery and service enumeration
+- 📈 **Progress Tracking** — Monitor scan completion and tool execution
+- 💾 **SQLite Storage** — Local database for all engagement data
+- 🔄 **Background Jobs** — Queue-based tool execution with status monitoring
+
+### Integrated Tools (40+)
+
+- **Reconnaissance**: nmap, masscan, theHarvester, whois, dnsrecon
+- **Web Testing**: nikto, gobuster, ffuf, sqlmap, nuclei, wpscan
+- **Enumeration**: enum4linux-ng, smbmap, crackmapexec, snmpwalk
+- **Exploitation**: Metasploit integration, searchsploit
+- **Password Attacks**: hydra, hashcat, john
+- **Post-Exploitation**: impacket suite, bloodhound
+
+### Pentest Workflow & Intelligence
+
+- 📁 **Evidence Vault** — Unified artifact collection organized by PTES phases
+- 🎯 **Attack Surface Dashboard** — Track what's exploited vs pending with priority scoring
+- 💣 **Exploit Suggestions** — Automatic CVE/Metasploit recommendations for discovered services
+- 🔗 **Correlation Engine** — Cross-phase attack tracking and gap analysis
+- 📝 **Report Generator** — Professional reports in Markdown/HTML/PDF formats
+- ✅ **Deliverable Tracking** — Manage testing requirements and acceptance criteria
+- 📸 **Screenshot Management** — Organized visual evidence by methodology phase
+
+### SIEM Integration
+
+- 🛡️ **SIEM Connectors** — Connect to Wazuh, Splunk, and other SIEM platforms
+- ✓ **Detection Validation** — Verify if your attacks triggered SIEM alerts
+- 🔍 **Vulnerability Management** — View CVEs from SIEM vulnerability data
+- ⚖️ **Gap Analysis** — Compare passive (SIEM) vs active (scan) findings
+- 🗺️ **MITRE ATT&CK Reports** — Detection coverage heatmaps by technique
+- 📡 **Real-time Alerts** — Monitor SIEM alerts during live engagements
+
+### FREE vs PRO
+
+| Feature | FREE | PRO |
+|---------|------|-----|
+| Core features (scans, findings, credentials) | ✅ | ✅ |
+| Report generation | ✅ | ✅ |
+| AI-powered suggestions & auto-chaining | ❌ | ✅ |
+| Metasploit integration & exploit suggestions | ❌ | ✅ |
+| SIEM integration & detection validation | ❌ | ✅ |
+| MITRE ATT&CK reports | ❌ | ✅ |
+
+---
+
+## Quick Start
+
+### Step 1: Install Prerequisites
+
+```bash
+sudo apt install pipx    # Install pipx
+pipx ensurepath          # Add pipx apps to your PATH
+source ~/.bashrc         # Reload shell (Kali: use ~/.zshrc)
+```
+
+### Step 2: Install SoulEyez
+
+```bash
+pipx install souleyez
+```
+
+### Step 3: Launch SoulEyez
+
+```bash
+souleyez interactive
+```
+
+### Step 4: First-Time Setup
+
+On your first run, the setup wizard guides you through:
+
+1. **Vault Password** — Create a master password that encrypts sensitive data
+2. **First Engagement** — Set up your first project and select engagement type
+3. **Tool Check** — Detect and optionally install missing security tools
+4. **AI Setup** — Configure Ollama for AI features (optional)
+5. **Tutorial** — Option to run the interactive tutorial (recommended)
+
+### Step 5: You're Ready!
+
+Once setup completes, you'll see the main menu.
+
+---
+
+## System Requirements
+
+| Component | Minimum | Recommended |
+|-----------|---------|-------------|
+| **OS** | Ubuntu 22.04+ | Kali Linux |
+| **Python** | 3.9+ | 3.11+ |
+| **RAM** | 4GB | 8GB+ |
+| **Disk** | 10GB | 50GB+ |
+
+### Supported Operating Systems
+
+| OS | Status | Notes |
+|----|--------|-------|
+| **Kali Linux** | ✅ Recommended | All pentesting tools pre-installed |
+| **Ubuntu 22.04+** | ✅ Supported | Tools installed via `souleyez setup` |
+| **Parrot OS** | ✅ Supported | Security-focused distro |
+| **Debian 12+** | ✅ Supported | Stable base system |
+| **macOS/Windows** | ❌ Not Supported | Use Linux in a VM |
+
+---
+
+## Common Commands
+
+| Command | What it does |
+|---------|--------------|
+| `souleyez interactive` | Launch the main interface |
+| `souleyez dashboard` | Real-time monitoring view |
+| `souleyez doctor` | Check if everything is set up correctly |
+| `souleyez setup` | Install/update pentesting tools |
+| `souleyez --help` | Show all available commands |
+
+---
+
+## Security & Encryption
+
+SoulEyez encrypts all stored credentials using **Fernet (AES-128-CBC + HMAC-SHA256)** with PBKDF2 key derivation (600k iterations).
+
+- Master password is never stored (cannot be recovered if lost)
+- Credentials encrypted at rest with industry-standard cryptography
+- Sensitive data is masked in the UI until explicitly revealed
+
+See [SECURITY.md](SECURITY.md) for complete security guidelines.
+
+---
+
+## Documentation
+
+- **[Getting Started](souleyez/docs/user-guide/getting-started.md)** — Your first engagement in 10 minutes
+- **[Installation Guide](souleyez/docs/user-guide/installation.md)** — Detailed setup instructions
+- **[Workflows](souleyez/docs/user-guide/workflows.md)** — Complete pentesting workflows
+- **[Auto-Chaining](souleyez/docs/user-guide/auto-chaining.md)** — Automatic follow-up scans
+- **[Configuration](souleyez/docs/user-guide/configuration.md)** — All configuration options
+- **[Troubleshooting](souleyez/docs/user-guide/troubleshooting.md)** — Common issues and fixes
+
+---
+
+## Troubleshooting
+
+| Problem | Solution |
+|---------|----------|
+| "command not found: souleyez" | Run `pipx ensurepath` then restart terminal |
+| "Tool not found" errors | Run `souleyez setup` to install missing tools |
+| Forgot vault password | Data is encrypted — start fresh with `rm -rf ~/.souleyez` |
+| Something seems broken | Run `souleyez doctor` to diagnose |
+
+---
+
+## Glossary
+
+New to pentesting? Here are some common terms:
+
+| Term | Meaning |
+|------|---------|
+| **Engagement** | A project or assessment — contains all data for one test |
+| **Target/Host** | A computer, server, or device you're testing |
+| **Finding** | A security issue or vulnerability you discovered |
+| **Credential** | Username/password combo found during testing |
+
+---
+
+## Support & Feedback
+
+- **Issues**: https://github.com/cyber-soul-security/souleyez/issues
+- **Security Issues**: cysoul.secit@gmail.com (see [SECURITY.md](SECURITY.md))
+- **General**: cysoul.secit@gmail.com
+
+---
+
+## License
+
+See [LICENSE](LICENSE) for details.
+
+---
+
+**Version**: 2.43.1 | **Maintainer**: [CyberSoul Security](https://www.cybersoulsecurity.com)

{souleyez-2.40.0 → souleyez-2.43.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "souleyez"
-version = "2.40.0"
+version = "2.43.2"
 description = "AI-Powered Penetration Testing Platform with 40+ integrated tools"
 readme = "README.md"
 license = {text = "MIT"}

souleyez-2.43.2/souleyez/__init__.py

@@ -0,0 +1,2 @@
+__version__ = '2.43.2'
+

{souleyez-2.40.0 → souleyez-2.43.2}/souleyez/commands/license.py

@@ -93,7 +93,7 @@ def status():
         click.echo(click.style("  No active license", fg='yellow'))
         click.echo()
         click.echo("  You are using the FREE tier.")
-        click.echo("  Upgrade to Pro: https://souleyez.com/pricing")
+        click.echo("  Upgrade to Pro: https://www.cybersoulsecurity.com/souleyez")
         click.echo()
         click.echo("  Activate with: souleyez license activate <key>")
         click.echo()

{souleyez-2.40.0 → souleyez-2.43.2}/souleyez/docs/README.md

@@ -1,7 +1,7 @@
 # SoulEyez Documentation
 
-**Version:** 2.40.0
-**Last Updated:** January 9, 2026
+**Version:** 2.43.2
+**Last Updated:** January 11, 2026
 **Organization:** CyberSoul Security
 
 Welcome to the SoulEyez documentation! This documentation covers architecture, development, user guides, and operational information for the SoulEyez penetration testing platform.
@@ -240,8 +240,8 @@ Legal and compliance documentation.
 
 - **Issues**: https://github.com/cybersoul-security/souleyez/issues
 - **Discussions**: https://github.com/cybersoul-security/souleyez/discussions
-- **Security**: security@cybersoul.io
-- **General**: support@cybersoul.io
+- **Security**: cysoul.secit@gmail.com
+- **General**: cysoul.secit@gmail.com
 
 ---
 

{souleyez-2.40.0 → souleyez-2.43.2}/souleyez/docs/architecture/decisions/001-local-llm-over-cloud.md

@@ -167,7 +167,7 @@ SoulEyez's tagline: *"See through the soul's eyes — perceive what others canno
 **Messaging Opportunity**:
 > "SoulEyez AI never sends your data to the cloud. Your engagement stays between you and your client — always."
 
-This positions CyberSoul as **security-first, privacy-respecting** — aligned with Soul Hackers brand values.
+This positions CyberSoul as **security-first, privacy-respecting** — aligned with SoulEyez brand values.
 
 ---
 
@@ -283,7 +283,7 @@ Sanitized: "[USER]:[PASS] on [IP] port 3306 MySQL"
    - ✅ Predictable performance
 
 4. **Brand**
-   - ✅ Reinforces "Soul Hackers" identity (ethical, privacy-respecting)
+   - ✅ Reinforces "SoulEyez" identity (ethical, privacy-respecting)
    - ✅ Differentiation in crowded market
    - ✅ Thought leadership opportunity (blog: "Why We Built Privacy-First AI")
 

{souleyez-2.40.0 → souleyez-2.43.2}/souleyez/docs/architecture/decisions/002-master-password-approach.md

@@ -30,7 +30,7 @@ souleyez needs a **credential encryption strategy** that balances security with
 3. **Encryption**: Fernet (AES-128 in CBC mode + HMAC authentication)
 4. **Scope**: Encrypts `credentials.username` and `credentials.password` fields only
 5. **Unlock**: Session-based (key lives in memory, cleared on exit)
-6. **Optional**: Encryption is opt-in via migration script
+6. **Mandatory**: Encryption is configured during setup wizard
 
 ---
 
@@ -233,19 +233,23 @@ CREATE TABLE credentials (
 
 **Decision**: Fernet is the **safe, simple choice** for application-level encryption.
 
-### Why Optional Encryption?
+### Why Mandatory Encryption?
 
-Encryption is **opt-in** via migration script (`migrate_credentials.py`).
+Encryption is **required** and configured during the setup wizard.
 
 **Rationale**:
-1. **Lab Environments**: Operators testing against intentionally vulnerable VMs (HackTheBox, TryHackMe) don't need encryption
-2. **Usability**: Master password prompts add friction for quick scans
-3. **Backward Compatibility**: Existing databases work without migration
-4. **Transparency**: Users consciously choose to enable encryption
-
-**Default Behavior**: Credentials stored in **plaintext** unless user enables encryption.
-
-**Security Guidance**: Documentation recommends enabling encryption for **client engagements**.
+1. **Security First**: As a security company, we cannot allow plaintext credential storage
+2. **Consistency**: All users have the same security baseline
+3. **Compliance**: Encrypted storage is expected for professional pentesting tools
+4. **Simplicity**: One-time setup during wizard, no migration scripts needed
+
+**Default Behavior**: Credentials are **always encrypted** with the vault master password.
+
+**Password Requirements**:
+- At least 12 characters
+- Mix of uppercase and lowercase
+- At least one number
+- At least one special character
 
 ---
 

{souleyez-2.40.0 → souleyez-2.43.2}/souleyez/docs/architecture/overview.md

@@ -105,7 +105,7 @@ souleyez is a penetration testing automation framework designed to:
 1. **Plugin-First Architecture**: All security tools are wrapped in plugins with standardized interfaces
 2. **Engagement-Centric**: All data is scoped to engagements (workspaces) for isolation
 3. **Parse-Store-Correlate**: Tool output → Parser → Database → Correlation → Findings
-4. **Security-by-Default**: Optional credential encryption with industry-standard cryptography
+4. **Security-by-Default**: Mandatory credential encryption with industry-standard cryptography
 5. **File-Backed Job Queue**: Persistent, crash-resilient job tracking without external dependencies
 6. **Real-Time Monitoring**: Live dashboard with automatic refresh and status updates
 
@@ -176,7 +176,7 @@ souleyez is a penetration testing automation framework designed to:
 
 #### Credentials Manager (`souleyez/storage/credentials.py`)
 
-Stores and retrieves discovered credentials with optional encryption.
+Stores and retrieves discovered credentials with mandatory encryption.
 
 **Schema**:
 ```sql
@@ -499,7 +499,7 @@ class PluginBase:
 
 ### Overview
 
-souleyez implements **optional at-rest encryption** for discovered credentials using **Fernet** (symmetric encryption based on AES-128-CBC + HMAC-SHA256).
+souleyez implements **mandatory at-rest encryption** for discovered credentials using **Fernet** (symmetric encryption based on AES-128-CBC + HMAC-SHA256). Encryption is configured during the first-run setup wizard.
 
 **Note**: The README mentions AES-256, but the actual implementation uses **Fernet** which is AES-128 in CBC mode with HMAC authentication.
 
@@ -1264,9 +1264,8 @@ souleyez workspace create acme-pentest
 # Set as active
 souleyez workspace use acme-pentest
 
-# Enable encryption (optional but recommended)
-python3 migrate_credentials.py
-# Enter master password when prompted
+# Note: Encryption is configured during the setup wizard (mandatory)
+# Credentials are automatically encrypted with your vault master password
 ```
 
 ### Phase 2: Discovery