High-risk tools in Kali
9 of the 16 tools in Kali are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
dns_enumExecutePerform DNS enumeration to find subdomains and DNS records
-
host_discoveryExecuteDiscover live hosts on a network using nmap ping scan
-
hydra_bruteforceExecuteUse Hydra for password brute forcing (SSH, FTP, HTTP, etc.)
-
netcat_connectExecuteConnect to a host and port using netcat for banner grabbing
-
nikto_scanExecuteRun Nikto web vulnerability scanner against a target URL
-
nmap_scanExecuteRun an nmap port scan on a target IP or hostname. Can scan specific ports or ranges.
-
sqlmap_scanExecuteUse SQLMap to test for SQL injection vulnerabilities
-
ssl_scanExecuteAnalyze SSL/TLS configuration of a host
-
subdomain_enumExecuteDiscover subdomains using multiple methods (amass-style enumeration)
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.