logo
Login
MCP cover image
Simple-WSL-Kali-Enum-MCP-Agent logo
Private

Simple-WSL-Kali-Enum-MCP-Agent

See in Github
2025-04-14

0

Github Watches

0

Github Forks

0

Github Stars

Simple Enum WSL Kali Pentest Agent

A Python-based utility for running penetration testing tools from Kali Linux through Windows Subsystem for Linux (WSL).

Overview

This tool creates a bridge between Python applications running on Windows and security tools available in the Kali Linux WSL distribution. It exposes common penetration testing utilities as callable functions through a simple API.

Prerequisites

  • Windows 10/11 with WSL2 installed
  • Kali Linux WSL distribution
  • Python 3.7+
  • Required Python packages: mcp-fastmcp

Installation

  1. Install Kali Linux on WSL:

    wsl --install -d kali-linux

  2. Update Kali and install required tools:

    wsl -d kali-linux -- apt update && apt upgrade -y
wsl -d kali-linux -- apt install -y nmap gobuster nikto exploitdb

  3. Install the required Python package:

    pip install mcp-fastmcp

Usage

Import the module and use the provided tools:

from wsl_kali_pentest_agent import nmap_scan, gobuster_scan, nikto_scan, search_exploit, metasploit_stub

# Run an Nmap scan
results = nmap_scan("192.168.1.1", "-sV -p 1-1000")
print(results)

# Directory enumeration with Gobuster
dirs = gobuster_scan("http://example.com", "path_of_the_wordlist/common.txt")
print(dirs)

# Web server analysis with Nikto
vulns = nikto_scan("http://example.com")
print(vulns)

# Search for exploits
exploits = search_exploit("apache 2.4.49")
print(exploits)

# Example stub for Metasploit (to be expanded)
metasploit_stub("exploit/multi/http/apache_log4j_cve_2021_44228_rce")

Available Tools

Function Description Default Options
nmap_scan(target, options) Network scanning with Nmap -sV
gobuster_scan(url, wordlist) Directory enumeration /usr/share/wordlists/dirb/common.txt
nikto_scan(target) Web server vulnerability scanning N/A
search_exploit(query) Search for exploits in ExploitDB N/A
metasploit_stub(module) Stub for future Metasploit integration N/A

Implementation Details

The agent uses the FastMCP framework to expose WSL commands as callable tools. Each function executes commands inside the Kali Linux WSL environment using the subprocess module.

import subprocess
from mcp.server.fastmcp import FastMCP

mcp = FastMCP("WSL-Kali-Pentest-Agent")

def run_kali_command(command: str) -> str:
    """Run a shell command inside WSL Kali"""
    try:
        # Uses 'wsl -d kali-linux' to run inside Kali distro
        result = subprocess.run(
            ["wsl", "-d", "kali-linux", "--", "bash", "-c", command],
            capture_output=True,
            text=True
        )
        return result.stdout if result.stdout else result.stderr
    except Exception as e:
        return f"Error: {str(e)}"

@mcp.tool()
def nmap_scan(target: str, options: str = "-sV") -> str:
    """Run Nmap inside WSL Kali"""
    return run_kali_command(f"nmap {options} {target}")

# Additional tools defined similarly...

Security Considerations

  • This tool executes commands in WSL with the permissions of the current user
  • Be cautious when scanning targets - ensure you have permission to test them
  • Consider sanitizing inputs to prevent command injection attacks

Future Improvements

  • Add more security tools from Kali Linux
  • Implement proper Metasploit integration via RPC
  • Add output parsers to convert tool results to structured data
  • Create a web interface for easier interaction

License

MIT License

相关推荐

awesome-LLM-resourses

awesome-LLM-resourses

  • WangRongsheng

    • 🧑‍🚀 全世界最好的LLM资料总结(Agent框架、辅助编程、数据处理、模型训练、模型推理、o1 模型、MCP、小语言模型、视觉语言模型) | Summary of the world's best LLM resources.

    3.5 (4)
    harbor

    harbor

  • av

    • Effortlessly run LLM backends, APIs, frontends, and services with one command.

    2 (1)
    1Panel

    1Panel

  • 1Panel-dev

    • 🔥 1Panel provides an intuitive web interface and MCP Server to manage websites, files, containers, databases, and LLMs on a Linux server.

    2 (1)
    dify

    dify

  • langgenius

    • Dify is an open-source LLM app development platform. Dify's intuitive interface combines AI workflow, RAG pipeline, agent capabilities, model management, observability features and more, letting you quickly go from prototype to production.

    5 (0)
    nacos

    nacos

  • alibaba

    • an easy-to-use dynamic service discovery, configuration and service management platform for building AI cloud native applications.

    5 (0)
    rulego

    rulego

  • rulego

    • ⛓️RuleGo is a lightweight, high-performance, embedded, next-generation component orchestration rule engine framework for Go.

    3.7 (10)
    witsy

    witsy

  • nbonamy

    • Witsy: desktop AI assistant / universal MCP client

    3.1 (10)
    llm-functions

    llm-functions

  • sigoden

    • Easily create LLM tools and agents using plain Bash/JavaScript/Python functions.

    1 (1)
    nerve

    nerve

  • evilsocket

    • The Simple Agent Development Kit.

    3.4 (5)
    agentscope

    agentscope

  • modelscope

    • Start building LLM-empowered multi-agent applications in an easier way.

    2 (1)
    LangBot

    LangBot

  • RockChinQ

    • 🤩 Easy-to-use global IM bot platform designed for the LLM era / 简单易用的大模型即时通信机器人平台 ⚡️ Bots for QQ / Discord / WeChat(企业微信、个人微信)/ Telegram / 飞书 / 钉钉 / Slack 🧩 Integrated with ChatGPT、DeepSeek、Dify、n8n、Claude、Google Gemini、xAI、PPIO、Ollama、阿里云百炼、SiliconFlow、Qwen、Moonshot、SillyTraven、MCP、WeClone etc. LLM & Agent

    5 (1)

    Reviews

    5 (0)