AI Integration in the Tester’s Terminal
A new open source tool called Nebula, created by BerylliumSec, embeds large language models directly into the command line interface used by penetration testers. This allows ethical hackers and security professionals to automate vulnerability assessments, generate exploit scripts, and maintain engagement documentation without leaving their terminal environment. The tool supports multiple AI backends, including OpenAI’s API models, Meta’s Llama 3.1 8B Instruct, Mistral AI’s Mistral 7B Instruct v0.2, and DeepSeek R1 Distill Llama 8B. Local inference runs through Ollama on CPU or GPU, while cloud models require API keys. Nebula works alongside existing security utilities like Nmap and Metasploit, so testers can integrate AI assistance into their current toolchains rather than replacing them.
Key Features and Installation Requirements
Nebula offers AI powered internet search agents that pull real time cybersecurity context, automated note taking that categorizes findings during live engagements, real time exploitation suggestions based on terminal output, and built in screenshot capture with annotation for documentation. A status feed panel refreshes every five minutes to show recent testing activity. Users interact with the AI by prefixing commands with an exclamation mark or toggling a dedicated AI/Terminal mode button. The tool requires at least 16GB RAM and Python 3.10 through 3.13.9 for CPU inference. Installation uses pip, and local models require Ollama. A Docker deployment option is available with X11 forwarding for GUI support.
Broader Context and Future Developments
BerylliumSec has also introduced the Deep Application Profiler, a complementary malware analysis service that uses neural networks to analyze executable structure and behavioral intent, enabling detection of zero day malware that signature based tools typically miss. The company plans to develop custom models built specifically for penetration testing tasks, moving beyond general purpose LLMs adapted for security. Nebula reflects a growing trend of AI integration into offensive security tooling, where LLMs assist with reconnaissance, note taking, and exploit ideation directly within existing tester workflows. By supporting both local and cloud based models, the tool addresses varying operational security requirements from air gapped environments to convenient API access.
Source: Cyber Security News
