Private
Simple-WSL-Kali-Enum-MCP-Agent
2025-04-14
3 years
Works with Finder
0
Github Watches
0
Github Forks
0
Github Stars
Simple Enum WSL Kali Pentest Agent
A Python-based utility for running penetration testing tools from Kali Linux through Windows Subsystem for Linux (WSL).
Overview
This tool creates a bridge between Python applications running on Windows and security tools available in the Kali Linux WSL distribution. It exposes common penetration testing utilities as callable functions through a simple API.
Prerequisites
- Windows 10/11 with WSL2 installed
- Kali Linux WSL distribution
- Python 3.7+
- Required Python packages:
mcp-fastmcp
Installation
-
Install Kali Linux on WSL:
wsl --install -d kali-linux -
Update Kali and install required tools:
wsl -d kali-linux -- apt update && apt upgrade -y wsl -d kali-linux -- apt install -y nmap gobuster nikto exploitdb -
Install the required Python package:
pip install mcp-fastmcp
Usage
Import the module and use the provided tools:
from wsl_kali_pentest_agent import nmap_scan, gobuster_scan, nikto_scan, search_exploit, metasploit_stub
# Run an Nmap scan
results = nmap_scan("192.168.1.1", "-sV -p 1-1000")
print(results)
# Directory enumeration with Gobuster
dirs = gobuster_scan("http://example.com", "path_of_the_wordlist/common.txt")
print(dirs)
# Web server analysis with Nikto
vulns = nikto_scan("http://example.com")
print(vulns)
# Search for exploits
exploits = search_exploit("apache 2.4.49")
print(exploits)
# Example stub for Metasploit (to be expanded)
metasploit_stub("exploit/multi/http/apache_log4j_cve_2021_44228_rce")
Available Tools
| Function | Description | Default Options |
|---|---|---|
nmap_scan(target, options) |
Network scanning with Nmap | -sV |
gobuster_scan(url, wordlist) |
Directory enumeration | /usr/share/wordlists/dirb/common.txt |
nikto_scan(target) |
Web server vulnerability scanning | N/A |
search_exploit(query) |
Search for exploits in ExploitDB | N/A |
metasploit_stub(module) |
Stub for future Metasploit integration | N/A |
Implementation Details
The agent uses the FastMCP framework to expose WSL commands as callable tools. Each function executes commands inside the Kali Linux WSL environment using the subprocess module.
import subprocess
from mcp.server.fastmcp import FastMCP
mcp = FastMCP("WSL-Kali-Pentest-Agent")
def run_kali_command(command: str) -> str:
"""Run a shell command inside WSL Kali"""
try:
# Uses 'wsl -d kali-linux' to run inside Kali distro
result = subprocess.run(
["wsl", "-d", "kali-linux", "--", "bash", "-c", command],
capture_output=True,
text=True
)
return result.stdout if result.stdout else result.stderr
except Exception as e:
return f"Error: {str(e)}"
@mcp.tool()
def nmap_scan(target: str, options: str = "-sV") -> str:
"""Run Nmap inside WSL Kali"""
return run_kali_command(f"nmap {options} {target}")
# Additional tools defined similarly...
Security Considerations
- This tool executes commands in WSL with the permissions of the current user
- Be cautious when scanning targets - ensure you have permission to test them
- Consider sanitizing inputs to prevent command injection attacks
Future Improvements
- Add more security tools from Kali Linux
- Implement proper Metasploit integration via RPC
- Add output parsers to convert tool results to structured data
- Create a web interface for easier interaction
License
MIT License
相关推荐
🔥 1Panel provides an intuitive web interface and MCP Server to manage websites, files, containers, databases, and LLMs on a Linux server.
🧑🚀 全世界最好的LLM资料总结(数据处理、模型训练、模型部署、o1 模型、MCP、小语言模型、视觉语言模型) | Summary of the world's best LLM resources.
⛓️RuleGo is a lightweight, high-performance, embedded, next-generation component orchestration rule engine framework for Go.
Easily create LLM tools and agents using plain Bash/JavaScript/Python functions.
😎简单易用、🧩丰富生态 - 大模型原生即时通信机器人平台 | 适配 QQ / 微信(企业微信、个人微信)/ 飞书 / 钉钉 / Discord / Telegram / Slack 等平台 | 支持 ChatGPT、DeepSeek、Dify、Claude、Gemini、xAI、PPIO、Ollama、LM Studio、阿里云百炼、火山方舟、SiliconFlow、Qwen、Moonshot、ChatGLM、SillyTraven、MCP 等 LLM 的机器人 / Agent | LLM-based instant messaging bots platform, supports Discord, Telegram, WeChat, Lark, DingTalk, QQ, Slack
📦 Repomix (formerly Repopack) is a powerful tool that packs your entire repository into a single, AI-friendly file. Perfect for when you need to feed your codebase to Large Language Models (LLMs) or other AI tools like Claude, ChatGPT, DeepSeek, Perplexity, Gemini, Gemma, Llama, Grok, and more.
Reviews
5
(0)