ClaudeBrain is a Python-powered AI-assisted pentest knowledge base and automation harness that turns an Obsidian vault into a wiki-driven offensive-security workflow for Claude Code. It ships a 500+ page wiki, per-vulnerability hunt skills, deterministic hooks, and MCP-driven search, with client-data boundaries.
What it is
ClaudeBrain is a red-team / bug-bounty knowledge base and automation harness built to integrate with Claude Code. It converts an Obsidian vault into an opinionated offensive-security workflow, featuring a 500+ page wiki, a library of hunt skills, and a Model Context Protocol (MCP) search layer. The project emphasizes that the wiki is indexed for semantic search and used before attacks to guide actions, with a state-first engagement model and per-machine state under targets/ which is git-ignored.
How it works
Key components include:
- Wiki-first methodology: 500+ markdown technique pages indexed by qmd for semantic search over an MCP server (wiki-search).
- Hunt skills: one per vulnerability class (e.g., XSS, SQLi, SSRF, IDOR, RCE, etc.), each wiki-first and emitting a FIND finding schema.
- Deterministic automation (hooks): Python scripts that respond to Claude Code lifecycle events (hunt-trigger.py, recon-capture.py, engagement-init.py, scope-guard.py) to route tests and manage state.
- State-first engagement model: engagements stored under targets/ with state, loot, paths, scope, coverage; analyzers rank next moves.
- Research loop and safety: dedicated research folder and safety boundaries around client data.
Getting started
- Prerequisites include Linux/WSL, bash, python3 (3.10+), Claude Code CLI, Node.js >= 18 and bun, and qmd with wiki-search MCP server.
- Quickstart steps shown in README include: "```bash git clone <this-repo> ClaudeBrain cd ClaudeBrain
One-time, per-machine setup. NOTE: bootstrap.sh mutates ~/.claude: it writes a
CLAUDE.md include, symlinks the hooks, registers the MCP servers, and installs
qmd + the official Claude plugins. Read it first; it is aggressive by design.
bash setup/bootstrap.sh
Build the search index (re-run after adding wiki pages)
qmd update
Restart Claude Code so it loads the hooks, skills, and MCP servers.
Start an engagement (pentest | bugbounty | ctf)
bash setup/new-engagement.sh acme pentest
Run the test suite
python3 -m pytest -q
Before any push, run the leak gate
bash scripts/check-leaks.sh
- The README notes per-machine configuration via CLAUDE.local.md and per-repo paths under CLAUDE.local.md/.claude, with bootstrap.sh configuring vaults and MCP servers.
## Recent releases
- Latest release: 0 (no releases listed). Version badge shows 1.0.3 in README, but RELEASES section states none.
## Traction
- Stars: 195 (as per repo metadata).
## License
- MIT
## What ships vs what stays private
- Ships: wiki/ (500+ page corpus), skills/, scripts/, setup/, docs/, tests/, CLAUDE.md, README.md, LICENSE, targets/ (git-ignored).
- Private: client data and per-machine state under targets/ is git-ignored; CLAUDE.local.md stores per-machine hostnames and paths.
## Requirements
- Linux or WSL, bash, python3 (3.10+)
- Claude Code CLI
- Node.js >= 18 and bun
- qmd (installed by bootstrap via bun install -g @qmd/cli), providing wiki-search MCP server via qmd mcp
## License
- MIT
