High-risk tools in Hacking Buddy MCP
9 of the 11 tools in Hacking Buddy MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
run_banner_grabbingExecuteRunning nmap banner grab on a target.
-
run_kubectl_enumerationExecuteRun basic kubectl enumeration commands.
-
run_masscan_defined_portsExecuteRunning masscan defined port scan given port(s) of ip range
-
run_masscan_discoveryExecuteRunning masscan scan all port scan of ip range
-
run_masscan_top_portsExecuteRunning masscan top-port scan given a top-ports integer of ip range
-
run_nmapExecuteRunning nmap service scan on a target.
-
run_nmap_discoveryExecuteRunning nmap discovery scan of ip range
-
run_smb_scanExecuteRunning nmap smb scan on a target.
-
run_sqlmapExecuteRunning sqlmap on a target.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.