Nebula AI-Powered Penetration Testing Platform Automates Vulnerability Assessments


A brand new open-source safety device is bringing massive language fashions instantly into the penetration tester’s terminal. Nebula, developed by BerylliumSec, integrates state-of-the-art AI fashions into the command-line interface, permitting moral hackers and safety professionals to automate vulnerability assessments, generate exploit scripts, and preserve engagement documentation with out switching contexts.

Nebula helps a number of AI backends, giving customers flexibility based mostly on infrastructure and privateness wants. Supported fashions embody OpenAI’s API-accessible fashions, Meta’s Llama-3.1-8B-Instruct, Mistral AI’s Mistral-7B-Instruct-v0.2, and DeepSeek-R1-Distill-Llama-8B.

Native inference is dealt with by way of Ollama, which helps each CPU and GPU execution, whereas cloud-based fashions may be accessed through API keys.

The device works alongside any CLI-invokable safety utility, which means testers can pair it with current toolchains like Nmap, Metasploit, or customized scripts reasonably than changing established workflows.

Nebula Penetration Testing Platform

  • AI-powered web search brokers that pull real-time cybersecurity context into responses
  • Automated note-taking that categorizes findings throughout stay engagements
  • Actual-time exploitation strategies based mostly on terminal device output
  • Exterior device information import for AI-assisted evaluation
  • Constructed-in screenshot seize and annotation for documentation
  • A standing feed panel that refreshes each 5 minutes to point out current testing exercise

Customers work together with the AI by prefixing instructions with “!” or toggling a devoted AI/Terminal mode button, letting them transfer fluidly between handbook terminal work and AI-assisted queries.

Set up and Necessities

Nebula requires at the least 16GB RAM and Python 3.10–3.13.9 for CPU-based inference through Ollama. Set up is dealt with by way of pip:

textual contentpython -m pip set up nebula-ai --upgrade

For native fashions, customers set up Ollama, pull a mannequin (e.g., ollama pull mistral), and reference the precise mannequin identify in Nebula’s engagement settings. OpenAI fashions require setting an API key as an setting variable (OPENAI_API_KEY) earlier than launching the device.

A Docker deployment possibility can also be obtainable, utilizing X11 forwarding for GUI assist alongside quantity mounts for logs and engagement folders.

Alongside Nebula, BerylliumSec has additionally launched the Deep Utility Profiler (DAP), a complementary malware evaluation service. Fairly than counting on conventional signature-based detection, DAP makes use of neural networks to investigate an executable’s inside construction and behavioral intent, enabling detection of zero-day malware that signature-based instruments usually miss. DAP is accessible as each an internet service and an API, offering detailed breakdowns for analyst assessment.

BerylliumSec has indicated plans to develop customized fashions purpose-built for penetration testing duties, reasonably than relying solely on general-purpose LLMs tailored for safety use instances.

This means future variations of Nebula could supply extra specialised, domain-tuned outputs for vulnerability discovery and exploitation steerage.

Nebula displays a broader pattern of AI integration into offensive safety tooling, the place LLMs help with reconnaissance, note-taking, and exploit ideation instantly contained in the workflows testers already use. The device may be downloaded from GitHub.

By supporting each native and cloud-based fashions, it addresses various operational safety necessities, from air-gapped native inference to convenience-driven API entry. Troubleshooting logs saved at ~/.native/share/nebula/logs ought to assist customers diagnose most runtime errors independently.

 Strengthen Your SOC by Accelerating Menace Detection & Fast Investigations. -> Integrate ANY.RUN With Your SOC Now.