High-risk tools in MCP Kali Pentest
39 of the 61 tools in MCP Kali Pentest are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
aircrack_suiteExecuteComplete aircrack-ng workflow for WPA/WEP cracking.
-
bettercapExecuteSwiss Army knife for WiFi, Bluetooth, and Ethernet networks reconnaissance and attacks.
-
binwalk_extractExecuteFirmware analysis tool for extracting embedded files and code.
-
bloodhound_ingestExecuteActive Directory attack path analysis. Identifies privilege escalation paths.
-
burpsuite_scanExecuteBurp Suite Professional automated scanner. Requires Burp Suite Pro license and REST API.
-
cloudfox_enumExecuteAWS enumeration and privilege escalation tool.
-
commixExecuteAutomated command injection exploitation tool.
-
crackmapexecExecutePost-exploitation tool for Active Directory environments. Supports SMB, MSSQL, SSH, WinRM.
-
dirbusterExecuteMulti-threaded Java application designed to brute force directories and files.
-
droopescanExecuteDrupal and SilverStripe security scanner.
-
drozer_scanExecuteAndroid security assessment framework for app testing.
-
ffuf_fuzzExecuteFast web fuzzer for discovering paths, parameters, and vulnerabilities.
-
frida_traceExecuteDynamic instrumentation toolkit for reverse engineering mobile apps.
-
gobuster_scanExecuteDirectory and file brute-forcing tool. Discovers hidden paths and files on web servers.
-
graphql_scannerExecuteGraphQL security scanner checking for introspection, injection, and misconfiguration.
-
hashcat_crackExecuteAdvanced password recovery using GPU acceleration.
-
hydra_bruteforceExecuteNetwork login brute-force tool. Supports SSH, FTP, HTTP, RDP, and many other protocols.
-
john_crackExecuteJohn the Ripper password cracker. Cracks password hashes using wordlists and rules.
-
joomscanExecuteJoomla vulnerability scanner detecting version, modules, and security issues.
-
kismet_scanExecuteWireless network and device detector, sniffer, and intrusion detection system.
-
linpeasExecuteLinux privilege escalation awesome script. Automated enumeration.
-
masscan_scanExecuteUltra-fast port scanner capable of scanning the entire Internet in minutes. Much faster than Nmap for large-scale scans.
-
mobsf_scanExecuteMobile Security Framework - Android/iOS app security scanner.
-
nikto_scanExecuteWeb server vulnerability scanner. Checks for outdated software, dangerous files, and misconfigurations.
-
nmap_scanExecuteAdvanced port scanning and service detection using Nmap. Supports TCP/UDP, OS detection, script scanning, and version detection.
-
nuclei_scanExecuteFast vulnerability scanner using templates. Detects CVEs, misconfigurations, and security issues.
-
owasp_zap_scanExecuteOWASP ZAP automated security scanner. Performs active and passive scanning of web applications.
-
postman_scanExecuteAPI testing with Postman/Newman. Run collections for API security testing.
-
radare2_analyzeExecuteOpen-source reverse engineering framework and disassembler.
-
reaverExecuteWPS (Wi-Fi Protected Setup) brute-force attack tool.
-
sqlmap_scanExecuteAutomated SQL injection detection and exploitation. Tests for SQLi vulnerabilities and can extract database contents.
-
ssrf_detectorExecuteServer-Side Request Forgery (SSRF) vulnerability detection.
-
start_autonomous_pentestExecuteStart a fully autonomous penetration test. The AI will make decisions and suggest next steps automatically.
-
vulnerability_assessmentExecuteComprehensive vulnerability assessment using multiple tools and AI analysis.
-
wfuzzExecuteAdvanced web application fuzzer for discovering hidden resources and parameters.
-
wifiteExecuteAutomated wireless auditor. Automatically attacks multiple WEP, WPA, and WPS encrypted networks.
-
winpeasExecuteWindows privilege escalation awesome script. Automated enumeration.
-
wpscanExecuteWordPress vulnerability scanner. Detects vulnerable plugins, themes, and WordPress core issues.
-
xsstrikeExecuteAdvanced XSS (Cross-Site Scripting) detection and exploitation suite.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.