kali-pentest
Health Uyari
- License — License: Apache-2.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Uyari
- Code scan incomplete — No supported source files were scanned during light audit
Permissions Gecti
- Permissions — No dangerous permissions requested
This tool is an AI agent skill that connects to a Kali Linux environment to autonomously conduct penetration tests. It uses 199 command-line utilities to plan attack paths, execute security scans, and generate reports.
Security Assessment
The overall risk is High. By design, this tool executes arbitrary shell commands and makes extensive network requests against target infrastructure via SSH or Docker. It accesses highly sensitive data, including target credentials and server SSH keys. While the light audit scan found no hardcoded secrets and no explicitly dangerous permissions, the source code was not scanned during the audit. The true security of the tool relies entirely on the LLM's ability to follow its built-in authorization checks and human approval gates. Because it acts as an autonomous agent, prompt injection or misconfiguration could easily lead to unauthorized network attacks.
Quality Assessment
The project is very new, with recent updates but extremely low community visibility (only 5 stars). It carries a standard Apache-2.0 license. However, community trust is difficult to gauge. The lack of scanned source code means its internal safety mechanisms and guardrails cannot be verified automatically. Trust ultimately depends entirely on the reputation of the developers and the end-user's ability to review the configuration files.
Verdict
Use with extreme caution, only against authorized targets by experienced professionals who have manually reviewed the agent's workflows.
AI agent skill for autonomous penetration testing via Kali Linux — 199 CLI tools, 15 scenario playbooks, depth-enforced workflows over SSH or Docker. Works with Claude Code, OpenClaw, and Hermes Agent.
kali-pentest
An intelligent penetration testing skill built on Kali Linux, with 199 CLI tools across 14 categories. Covers internal/external networks, web/API, AD, wireless, cloud, mobile, forensics, and more. Built-in coverage matrices, zero-findings fallbacks, and objective stopping conditions ensure testing depth.
The AI agent connects to a Kali environment via SSH or Docker, autonomously plans the attack path based on the target, selects and executes tools, integrates and analyzes results across phases to adapt the penetration strategy, and produces a structured report — with mandatory authorization checks and human approval gates for high-risk actions.
Getting Started
1. Install the skill
Copy the skill directory into your AI agent's skills folder:
cp -r kali-pentest /path/to/your/agent/skills/kali-pentest
| Agent | Skills path |
|---|---|
| Claude Code | ~/.claude/skills/ (personal) or .claude/skills/ (project) |
| OpenClaw | ~/.openclaw/skills/ |
| Hermes Agent | ~/.hermes/skills/ |
2. Provide Kali access
The agent needs a Kali Linux environment. Two options:
- Server mode (recommended): full Kali over SSH — avoids Docker networking, raw-socket, wireless, and GPU limitations. See server mode guide.
- Docker mode: pre-build a persistent container with tools installed. Best for CLI recon, scanning, web/API testing, and reporting. See Docker mode guide.
Tell the agent how to connect:
My Kali server is at 192.168.1.100, SSH user root, key at ~/.ssh/kali_key.
Or use Docker locally:
I have Docker installed locally. Use Docker to run Kali tools.
For OpenClaw and similar AI assistants, you can also configure Kali connection details in TOOLS.md so the agent reads them automatically without asking each time.
3. Invoke
Use natural language to assign a penetration testing task. The agent confirms scope and proceeds autonomously.
Slash command:
For Claude Code and compatible agents.
/kali-pentest
Conversational:
For OpenClaw, Hermes Agent, and other AI assistants.
Tested Models
The skill workflow has been optimized and tested with:
claude-sonnet-4.6deepseek-v4-proqwen3.6:27b— local fallback for air-gapped environments (requires context length ≥ 128K)
Usage Examples
Kali server: ssh -i ~/.ssh/kali_key [email protected]
First run a full port scan and service fingerprinting against 192.168.1.50, then plan and execute an in-depth penetration test based on the results — do not overlook any potential weakness. After testing, produce a detailed report.
I have authorization.
Kali server: ssh -i ~/.ssh/kali_key [email protected]
Target: 10.0.0.0/24
Quickly scan the target network for open ports along with their service/protocol names and versions, then produce a report.
I have authorization.
The persistent Docker container `kali-pentest` is initialized with the full toolset.
Use Docker mode to run a web application penetration test against http://192.168.1.50 and produce a detailed HTML report.
I have authorization.
Target domain: corp.example.com, domain controller 10.0.0.5
Perform an Active Directory security assessment covering enumeration, Kerberoasting, ACL abuse, and certificate template checks.
Target API: https://api.example.com, OpenAPI spec at /tmp/openapi.yaml
Perform an API security assessment covering authentication, authorization, and schema-driven testing.
Target: Kubernetes cluster context prod-audit and container registry registry.example.com
Run a read-only cloud-native security assessment and produce a findings report.
Target app: /tmp/app.apk with test account [email protected]
Perform an Android application security assessment, including static analysis, runtime checks, and backend endpoint mapping.
Authorized SSID: CorpWiFi, BSSID: AA:BB:CC:DD:EE:FF, channel 6
Perform a wireless security assessment including passive discovery, handshake capture, WPS detection, and evil twin testing.
Target repository: /tmp/source-repo (including Git history)
Perform a source code and dependency audit including secret scanning, SAST, and CI/CD pipeline security checks.
Target: SIP service 10.10.20.15 and Modbus host 10.10.30.20
Conservative read-only specialized protocol assessment. Do not place calls or write PLC/Modbus values.
Architecture
kali-pentest/
├── SKILL.md ← Agent entry point: planning, execution, error handling
└── references/
├── playbooks/ ← 15 scenario workflows (AD, web, internal, cloud, wireless, ...)
├── environment/ ← Server mode and Docker mode setup
├── reconnaissance/ ← 38 tools
├── scanning/ ← 18 tools
├── web/ ← 22 tools
├── api/ ← 7 tools
├── exploitation/ ← 17 tools
├── password/ ← 16 tools
├── wireless/ ← 22 tools
├── cloud-native/ ← 7 tools
├── mobile/ ← 5 tools
├── hardware-access/ ← 5 tools
├── specialized-protocols/ ← 5 tools
├── forensics/ ← 10 tools
├── post-exploitation/ ← 24 tools
└── reporting/ ← 3 tools
The kali-pentest-zh/ directory is the Chinese mirror and stays structurally synchronized with kali-pentest/.
Document Layering
The skill uses a four-layer document hierarchy. Each layer has a distinct responsibility, and the agent reads top-down:
| Layer | Files | Responsibility |
|---|---|---|
| Entry point | SKILL.md |
Global workflow (Steps 1–5), execution standards, general testing principles |
| Scenario workflows | playbooks/*.md |
Phase-by-phase procedures, decision trees, concrete command pipelines, depth-enforcement directives, stopping conditions |
| Tool selection | <category>/README.md |
Category overview, tool comparison, selection guidance |
| Tool reference | <category>/tools/<name>.md |
Parameters, command examples, installation, notes, official links |
General principles live in SKILL.md (brief, no code blocks). Scenario-specific implementations live in playbooks (concrete commands, test matrices, coverage requirements). The layered structure prevents duplication while ensuring both global coverage and per-scenario depth.
Depth Enforcement
Each playbook includes bold-labeled directives at key workflow decision points to prevent the agent from doing shallow, surface-level work:
- Coverage requirements — test ALL discovered items (endpoints, services, credentials), not just a sample.
- Zero-findings fallback — escalate or manually verify when automated tools report no findings.
- Coverage matrices — build explicit item × test matrices and complete every cell.
- Attack escalation — progress through multiple attack techniques of increasing depth.
Every playbook has objective, verifiable stopping conditions — not "testing is complete" but specific artifacts, matrices, and checklists that must be filled. Every confirmed finding must include the complete reproducible command and its actual output as evidence.
Cross-Reference Logic
Playbooks form a connected graph. When a workflow phase discovers targets that belong to a different scenario (e.g., AD signals during internal network scanning, API endpoints during web testing), the playbook directs the agent to switch. All such handoffs are listed in each playbook's Cross-References section.
Reusable methodology (e.g., the port scanning and service testing procedures in internal-network.md) can be referenced from other playbooks.
Playbooks
15 scenario workflows with phases, decision trees, risk gates, and stopping conditions:
| Playbook | Scenario |
|---|---|
internal-network.md |
Host discovery, port scanning, service enumeration, pivoting |
external-attack-surface.md |
OSINT, subdomain enumeration, exposed service scanning |
web-application.md |
OWASP Top 10, CMS, injection, auth, business logic |
api-security.md |
REST, GraphQL, gRPC, WebSocket, JWT, BOLA/IDOR |
active-directory.md |
Kerberoasting, ADCS, relay, ACL abuse, DCSync |
password-audit.md |
Hash cracking, spraying, credential reuse, capture |
wireless-assessment.md |
WPA/WPA3, WPS, evil twin, Bluetooth/BLE |
cloud-native-assessment.md |
AWS/Azure/GCP IAM, Kubernetes, containers, serverless |
mobile-application.md |
Android/iOS static + dynamic analysis, SSL pinning bypass |
post-exploitation.md |
Privilege escalation, lateral movement, persistence, C2 |
forensics-triage.md |
Disk imaging, memory forensics, log analysis, steganography |
hardware-access.md |
NFC/RFID cloning, smart cards, firmware extraction |
specialized-protocols.md |
VoIP/SIP, ICS/OT/Modbus, IPMI/BMC (safety-first) |
source-code-audit.md |
Secret scanning, SAST, dependency audit, CI/CD checks |
reporting-workflow.md |
Evidence packaging, CVSS scoring, report generation |
Tool Selection Criteria
All tools are selected for autonomous agent operation:
- CLI-automatable only — GUI-only tools and interactive debuggers are excluded
- Headless binary analysis included —
strings,checksec,radare2one-shot, Ghidra Headless - CLI alternatives preferred — e.g.,
tsharkinstead of Wireshark
Contributing
Contributions are welcome — issues, pull requests, and new tool documentation.
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi