Private
Simple-WSL-KALI-ENUM-MCP-ENSENT
2025-04-14
3 years
Works with Finder
0
Github Watches
0
Github Forks
0
Github Stars
Simple Enum WSL Kali Pentest Agent
A Python-based utility for running penetration testing tools from Kali Linux through Windows Subsystem for Linux (WSL).
Overview
This tool creates a bridge between Python applications running on Windows and security tools available in the Kali Linux WSL distribution. It exposes common penetration testing utilities as callable functions through a simple API.
Prerequisites
- Windows 10/11 with WSL2 installed
- Kali Linux WSL distribution
- Python 3.7+
- Required Python packages:
mcp-fastmcp
Installation
-
Install Kali Linux on WSL:
wsl --install -d kali-linux -
Update Kali and install required tools:
wsl -d kali-linux -- apt update && apt upgrade -y wsl -d kali-linux -- apt install -y nmap gobuster nikto exploitdb -
Install the required Python package:
pip install mcp-fastmcp
Usage
Import the module and use the provided tools:
from wsl_kali_pentest_agent import nmap_scan, gobuster_scan, nikto_scan, search_exploit, metasploit_stub
# Run an Nmap scan
results = nmap_scan("192.168.1.1", "-sV -p 1-1000")
print(results)
# Directory enumeration with Gobuster
dirs = gobuster_scan("http://example.com", "path_of_the_wordlist/common.txt")
print(dirs)
# Web server analysis with Nikto
vulns = nikto_scan("http://example.com")
print(vulns)
# Search for exploits
exploits = search_exploit("apache 2.4.49")
print(exploits)
# Example stub for Metasploit (to be expanded)
metasploit_stub("exploit/multi/http/apache_log4j_cve_2021_44228_rce")
Available Tools
| Function | Description | Default Options |
|---|---|---|
nmap_scan(target, options) |
Network scanning with Nmap | -sV |
gobuster_scan(url, wordlist) |
Directory enumeration | /usr/share/wordlists/dirb/common.txt |
nikto_scan(target) |
Web server vulnerability scanning | N/A |
search_exploit(query) |
Search for exploits in ExploitDB | N/A |
metasploit_stub(module) |
Stub for future Metasploit integration | N/A |
Implementation Details
The agent uses the FastMCP framework to expose WSL commands as callable tools. Each function executes commands inside the Kali Linux WSL environment using the subprocess module.
import subprocess
from mcp.server.fastmcp import FastMCP
mcp = FastMCP("WSL-Kali-Pentest-Agent")
def run_kali_command(command: str) -> str:
"""Run a shell command inside WSL Kali"""
try:
# Uses 'wsl -d kali-linux' to run inside Kali distro
result = subprocess.run(
["wsl", "-d", "kali-linux", "--", "bash", "-c", command],
capture_output=True,
text=True
)
return result.stdout if result.stdout else result.stderr
except Exception as e:
return f"Error: {str(e)}"
@mcp.tool()
def nmap_scan(target: str, options: str = "-sV") -> str:
"""Run Nmap inside WSL Kali"""
return run_kali_command(f"nmap {options} {target}")
# Additional tools defined similarly...
Security Considerations
- This tool executes commands in WSL with the permissions of the current user
- Be cautious when scanning targets - ensure you have permission to test them
- Consider sanitizing inputs to prevent command injection attacks
Future Improvements
- Add more security tools from Kali Linux
- Implement proper Metasploit integration via RPC
- Add output parsers to convert tool results to structured data
- Create a web interface for easier interaction
License
MIT License
相关推荐
😎简单易用、🧩丰富生态 -大模型原生即时通信机器人平台| 适配QQ / 微信(企业微信、个人微信) /飞书 /钉钉 / discord / telegram / slack等平台| 支持chatgpt,deepseek,dify,claude,基于LLM的即时消息机器人平台,支持Discord,Telegram,微信,Lark,Dingtalk,QQ,Slack
📦ropomix(以前是repopack)是一种功能强大的工具,可将整个存储库包装到一个单一的AI友好文件中。非常适合当您需要将代码库提供给大型语言模型(LLMS)或其他AI工具(例如Claude,Chatgpt,Deepseek,Cllexity,Gemini,Gemini,Gemma,Gemma,Lllama,Grok等)等其他AI工具。
Reviews
5
(0)