tool_registry.py•39.9 kB
"""
Tool Registry - Organized catalog of all penetration testing tools
Provides categorization, metadata, and tool information
"""
from typing import Dict, List, Any
from mcp.types import Tool
class ToolCategory:
"""Tool category definition"""
def __init__(self, name: str, description: str, tools: List[str]):
self.name = name
self.description = description
self.tools = tools
# Define all tool categories
TOOL_CATEGORIES = {
"reconnaissance": ToolCategory(
name="Reconnaissance & OSINT",
description="Information gathering, subdomain enumeration, and open-source intelligence",
tools=[
"nmap_scan", "masscan_scan", "amass_enum", "theHarvester",
"recon_ng", "shodan_search", "whatweb", "wafw00f",
"dns_enum", "sublist3r", "fierce"
]
),
"web_scanning": ToolCategory(
name="Web Application Scanning",
description="Web vulnerability scanners and directory enumeration",
tools=[
"nikto_scan", "nuclei_scan", "wpscan", "joomscan", "droopescan",
"gobuster_scan", "dirb", "dirbuster", "wfuzz", "ffuf_fuzz"
]
),
"web_exploitation": ToolCategory(
name="Web Application Exploitation",
description="SQL injection, XSS, command injection, and web-specific attacks",
tools=[
"sqlmap_scan", "commix", "xsstrike", "ssrf_detector",
"burpsuite_scan", "owasp_zap_scan", "wfuzz"
]
),
"wireless": ToolCategory(
name="Wireless Security",
description="Wi-Fi assessment, WPA/WEP cracking, and wireless attacks",
tools=[
"aircrack_suite", "reaver", "wifite", "bettercap",
"kismet_scan", "aircrack_ng"
]
),
"network": ToolCategory(
name="Network Testing",
description="Network scanning, packet analysis, and network exploitation",
tools=[
"nmap_scan", "masscan_scan", "bettercap", "tcpdump_capture",
"wireshark_analyze", "snmp_check", "enum4linux", "smbclient_enum"
]
),
"brute_force": ToolCategory(
name="Brute Force & Authentication",
description="Password attacks and authentication testing",
tools=[
"hydra_bruteforce", "medusa", "patator", "crackmapexec",
"crowbar", "ncrack"
]
),
"password_cracking": ToolCategory(
name="Password Cracking",
description="Hash cracking and password recovery",
tools=[
"john_crack", "hashcat_crack", "ophcrack", "rainbowcrack"
]
),
"exploitation": ToolCategory(
name="Exploitation Frameworks",
description="Exploit databases and exploitation frameworks",
tools=[
"metasploit_search", "searchsploit", "exploit_db_search",
"commix", "crackmapexec"
]
),
"post_exploitation": ToolCategory(
name="Post-Exploitation",
description="Privilege escalation, lateral movement, and persistence",
tools=[
"mimikatz", "bloodhound_ingest", "empire_agent",
"crackmapexec", "linpeas", "winpeas"
]
),
"social_engineering": ToolCategory(
name="Social Engineering",
description="Phishing campaigns and social engineering attacks",
tools=[
"setoolkit", "gophish_campaign", "king_phisher"
]
),
"mobile": ToolCategory(
name="Mobile Application Security",
description="Android and iOS security testing",
tools=[
"mobsf_scan", "drozer_scan", "frida_trace", "objection"
]
),
"api_testing": ToolCategory(
name="API Security Testing",
description="REST, GraphQL, and API vulnerability testing",
tools=[
"postman_scan", "rest_api_fuzzer", "graphql_scanner",
"nuclei_scan", "ffuf_fuzz"
]
),
"forensics": ToolCategory(
name="Digital Forensics",
description="Memory forensics, disk analysis, and incident response",
tools=[
"volatility_analyze", "autopsy_case", "foremost", "scalpel"
]
),
"reverse_engineering": ToolCategory(
name="Reverse Engineering",
description="Binary analysis, decompilation, and malware analysis",
tools=[
"ghidra_decompile", "radare2_analyze", "binwalk_extract",
"strings_extract", "ida_pro", "hopper"
]
),
"cloud": ToolCategory(
name="Cloud Security",
description="AWS, Azure, GCP security assessment",
tools=[
"scout_suite", "cloudfox_enum", "pacu_module",
"prowler", "cloudmapper"
]
),
"container": ToolCategory(
name="Container Security",
description="Docker and Kubernetes security scanning",
tools=[
"trivy_scan", "docker_bench_security", "clair_scan",
"kube_hunter", "kube_bench"
]
),
"reporting": ToolCategory(
name="Reporting & Documentation",
description="Report generation and documentation tools",
tools=[
"generate_report", "dradis", "faraday", "serpico"
]
),
"autonomous": ToolCategory(
name="Autonomous Testing",
description="AI-powered automated penetration testing",
tools=[
"start_autonomous_pentest", "get_ai_suggestion",
"vulnerability_assessment", "auto_pentest_full"
]
)
}
def get_all_tool_definitions() -> List[Tool]:
"""Get comprehensive list of all tool definitions for MCP"""
tools = [
# ============ RECONNAISSANCE ============
Tool(
name="nmap_scan",
description="Advanced port scanning and service detection using Nmap. Supports TCP/UDP, OS detection, script scanning, and version detection.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP address or hostname"},
"scan_type": {"type": "string", "enum": ["quick", "full", "stealth", "aggressive", "udp"], "default": "quick"},
"ports": {"type": "string", "description": "Port range (e.g., '1-1000', '80,443,8080')"},
"scripts": {"type": "array", "items": {"type": "string"}, "description": "NSE scripts to run"}
},
"required": ["target"]
}
),
Tool(
name="masscan_scan",
description="Ultra-fast port scanner capable of scanning the entire Internet in minutes. Much faster than Nmap for large-scale scans.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP, CIDR, or range"},
"ports": {"type": "string", "default": "0-65535", "description": "Port range"},
"rate": {"type": "integer", "default": 1000, "description": "Packets per second"}
},
"required": ["target"]
}
),
Tool(
name="amass_enum",
description="Advanced subdomain enumeration using OSINT, brute-forcing, and DNS techniques.",
inputSchema={
"type": "object",
"properties": {
"domain": {"type": "string", "description": "Target domain"},
"passive": {"type": "boolean", "default": True, "description": "Use only passive techniques"}
},
"required": ["domain"]
}
),
Tool(
name="theHarvester",
description="Email addresses, subdomains, and hosts harvester from public sources.",
inputSchema={
"type": "object",
"properties": {
"domain": {"type": "string", "description": "Target domain"},
"sources": {"type": "string", "default": "all", "description": "Data sources (google, bing, linkedin, etc.)"}
},
"required": ["domain"]
}
),
Tool(
name="recon_ng",
description="Full-featured reconnaissance framework with modules for OSINT gathering.",
inputSchema={
"type": "object",
"properties": {
"workspace": {"type": "string", "description": "Workspace name"},
"module": {"type": "string", "description": "Module to run"},
"target": {"type": "string", "description": "Target"}
},
"required": ["workspace", "module", "target"]
}
),
Tool(
name="shodan_search",
description="Search Shodan for exposed devices and services.",
inputSchema={
"type": "object",
"properties": {
"query": {"type": "string", "description": "Search query"},
"api_key": {"type": "string", "description": "Shodan API key"}
},
"required": ["query", "api_key"]
}
),
Tool(
name="whatweb",
description="Web technology fingerprinting tool. Identifies CMS, frameworks, JavaScript libraries, and more.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"aggression": {"type": "integer", "minimum": 1, "maximum": 4, "default": 1}
},
"required": ["target"]
}
),
Tool(
name="wafw00f",
description="Web Application Firewall (WAF) detection and identification.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"}
},
"required": ["target"]
}
),
# ============ WEB SCANNING ============
Tool(
name="nikto_scan",
description="Comprehensive web server vulnerability scanner checking for 6700+ potentially dangerous files/programs.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"ssl": {"type": "boolean", "default": False},
"port": {"type": "integer", "default": 80}
},
"required": ["target"]
}
),
Tool(
name="nuclei_scan",
description="Fast vulnerability scanner using community-powered templates. Detects CVEs, misconfigurations, and security issues.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL or IP"},
"templates": {"type": "array", "items": {"type": "string"}, "description": "Specific templates to use"},
"severity": {"type": "array", "items": {"type": "string"}, "description": "Severity levels to scan"}
},
"required": ["target"]
}
),
Tool(
name="wpscan",
description="WordPress security scanner. Detects vulnerable plugins, themes, and WordPress core issues.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "WordPress site URL"},
"enumerate": {"type": "string", "enum": ["vp", "ap", "tt", "cb", "dbe", "u"], "description": "What to enumerate"},
"api_token": {"type": "string", "description": "WPScan API token"}
},
"required": ["target"]
}
),
Tool(
name="joomscan",
description="Joomla vulnerability scanner detecting version, modules, and security issues.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Joomla site URL"}
},
"required": ["target"]
}
),
Tool(
name="droopescan",
description="Drupal and SilverStripe security scanner.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"plugin": {"type": "string", "enum": ["drupal", "silverstripe"], "default": "drupal"}
},
"required": ["target"]
}
),
Tool(
name="gobuster_scan",
description="Fast directory and file brute-forcing tool written in Go.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"wordlist": {"type": "string", "description": "Path to wordlist file"},
"extensions": {"type": "array", "items": {"type": "string"}, "description": "File extensions to search"}
},
"required": ["target"]
}
),
Tool(
name="dirb",
description="Web content scanner looking for hidden web objects.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"wordlist": {"type": "string", "description": "Path to wordlist"}
},
"required": ["target"]
}
),
Tool(
name="dirbuster",
description="Multi-threaded Java application designed to brute force directories and files.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"wordlist": {"type": "string", "description": "Path to wordlist"},
"threads": {"type": "integer", "default": 10}
},
"required": ["target", "wordlist"]
}
),
Tool(
name="wfuzz",
description="Advanced web application fuzzer for discovering hidden resources and parameters.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL with FUZZ keyword"},
"wordlist": {"type": "string", "description": "Path to wordlist"},
"filter_codes": {"type": "array", "items": {"type": "integer"}, "description": "HTTP codes to filter out"}
},
"required": ["target", "wordlist"]
}
),
# ============ WEB EXPLOITATION ============
Tool(
name="sqlmap_scan",
description="Automatic SQL injection and database takeover tool. Tests for SQLi and can extract database contents.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"data": {"type": "string", "description": "POST data"},
"cookie": {"type": "string", "description": "HTTP Cookie header"},
"level": {"type": "integer", "minimum": 1, "maximum": 5, "default": 1},
"risk": {"type": "integer", "minimum": 1, "maximum": 3, "default": 1}
},
"required": ["target"]
}
),
Tool(
name="commix",
description="Automated command injection exploitation tool.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"data": {"type": "string", "description": "POST data"}
},
"required": ["target"]
}
),
Tool(
name="xsstrike",
description="Advanced XSS (Cross-Site Scripting) detection and exploitation suite.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"}
},
"required": ["target"]
}
),
Tool(
name="ssrf_detector",
description="Server-Side Request Forgery (SSRF) vulnerability detection.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"callback_url": {"type": "string", "description": "Your callback server URL"}
},
"required": ["target", "callback_url"]
}
),
Tool(
name="burpsuite_scan",
description="Burp Suite Professional automated scanner. Requires Burp Suite Pro license and REST API.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"api_key": {"type": "string", "description": "Burp Suite API key"},
"scan_type": {"type": "string", "enum": ["crawl_and_audit", "crawl", "audit"], "default": "crawl_and_audit"}
},
"required": ["target", "api_key"]
}
),
Tool(
name="owasp_zap_scan",
description="OWASP ZAP automated web application security scanner.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL"},
"scan_type": {"type": "string", "enum": ["quick", "full", "api"], "default": "quick"}
},
"required": ["target"]
}
),
# ============ WIRELESS ============
Tool(
name="aircrack_suite",
description="Complete aircrack-ng workflow for WPA/WEP cracking.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Wireless interface"},
"target_bssid": {"type": "string", "description": "Target BSSID"},
"channel": {"type": "integer", "description": "Wi-Fi channel"}
},
"required": ["interface", "target_bssid", "channel"]
}
),
Tool(
name="reaver",
description="WPS (Wi-Fi Protected Setup) brute-force attack tool.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Wireless interface"},
"bssid": {"type": "string", "description": "Target BSSID"}
},
"required": ["interface", "bssid"]
}
),
Tool(
name="wifite",
description="Automated wireless auditor. Automatically attacks multiple WEP, WPA, and WPS encrypted networks.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Wireless interface"},
"wpa_only": {"type": "boolean", "default": True}
},
"required": ["interface"]
}
),
Tool(
name="bettercap",
description="Swiss Army knife for WiFi, Bluetooth, and Ethernet networks reconnaissance and attacks.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Network interface"},
"caplet": {"type": "string", "description": "Caplet script to run"}
},
"required": ["interface"]
}
),
Tool(
name="kismet_scan",
description="Wireless network and device detector, sniffer, and intrusion detection system.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Wireless interface"}
},
"required": ["interface"]
}
),
# ============ BRUTE FORCE ============
Tool(
name="hydra_bruteforce",
description="Fast network login brute-forcer supporting 50+ protocols (SSH, FTP, HTTP, RDP, SMB, etc.).",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP or hostname"},
"service": {"type": "string", "enum": ["ssh", "ftp", "http", "rdp", "smb", "mysql", "postgres"]},
"username": {"type": "string", "description": "Single username or path to username list"},
"password_list": {"type": "string", "description": "Path to password list"},
"port": {"type": "integer", "description": "Custom port"}
},
"required": ["target", "service", "password_list"]
}
),
Tool(
name="crackmapexec",
description="Post-exploitation tool for Active Directory environments. Supports SMB, MSSQL, SSH, WinRM.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP or range"},
"username": {"type": "string", "description": "Username"},
"password": {"type": "string", "description": "Password or hash"},
"module": {"type": "string", "description": "Module to execute"}
},
"required": ["target", "username", "password", "module"]
}
),
Tool(
name="ffuf_fuzz",
description="Fast web fuzzer for discovering files, directories, and parameters.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target URL with FUZZ keyword"},
"wordlist": {"type": "string", "description": "Path to wordlist"},
"method": {"type": "string", "enum": ["GET", "POST", "PUT", "DELETE"], "default": "GET"}
},
"required": ["target", "wordlist"]
}
),
# ============ PASSWORD CRACKING ============
Tool(
name="john_crack",
description="John the Ripper password cracker. Supports hundreds of hash types.",
inputSchema={
"type": "object",
"properties": {
"hash_file": {"type": "string", "description": "Path to file containing hashes"},
"wordlist": {"type": "string", "description": "Path to wordlist"},
"format": {"type": "string", "description": "Hash format (e.g., md5, sha256, ntlm)"}
},
"required": ["hash_file"]
}
),
Tool(
name="hashcat_crack",
description="Advanced GPU-accelerated password recovery. Fastest hash cracker available.",
inputSchema={
"type": "object",
"properties": {
"hash": {"type": "string", "description": "Hash to crack"},
"hash_type": {"type": "integer", "description": "Hashcat hash mode number"},
"wordlist": {"type": "string", "description": "Path to wordlist"},
"attack_mode": {"type": "integer", "enum": [0, 1, 3, 6, 7], "default": 0}
},
"required": ["hash", "hash_type"]
}
),
# ============ EXPLOITATION ============
Tool(
name="metasploit_search",
description="Search Metasploit Framework database for exploits and modules.",
inputSchema={
"type": "object",
"properties": {
"query": {"type": "string", "description": "Search query"},
"type": {"type": "string", "enum": ["exploit", "auxiliary", "post", "payload"], "description": "Module type"}
},
"required": ["query"]
}
),
Tool(
name="searchsploit",
description="Search Exploit-DB for public exploits and vulnerability POCs.",
inputSchema={
"type": "object",
"properties": {
"query": {"type": "string", "description": "Search query (software name, CVE, etc.)"}
},
"required": ["query"]
}
),
# ============ POST-EXPLOITATION ============
Tool(
name="bloodhound_ingest",
description="Active Directory attack path analysis. Identifies privilege escalation paths.",
inputSchema={
"type": "object",
"properties": {
"domain": {"type": "string", "description": "Target domain"},
"username": {"type": "string", "description": "Domain username"},
"password": {"type": "string", "description": "Domain password"}
},
"required": ["domain", "username", "password"]
}
),
Tool(
name="linpeas",
description="Linux privilege escalation awesome script. Automated enumeration.",
inputSchema={
"type": "object",
"properties": {
"target_ip": {"type": "string", "description": "Target system IP"}
},
"required": ["target_ip"]
}
),
Tool(
name="winpeas",
description="Windows privilege escalation awesome script. Automated enumeration.",
inputSchema={
"type": "object",
"properties": {
"target_ip": {"type": "string", "description": "Target system IP"}
},
"required": ["target_ip"]
}
),
# ============ MOBILE ============
Tool(
name="mobsf_scan",
description="Mobile Security Framework - Android/iOS app security scanner.",
inputSchema={
"type": "object",
"properties": {
"apk_path": {"type": "string", "description": "Path to APK/IPA file"},
"api_url": {"type": "string", "default": "http://localhost:8000"}
},
"required": ["apk_path"]
}
),
Tool(
name="drozer_scan",
description="Android security assessment framework for app testing.",
inputSchema={
"type": "object",
"properties": {
"package": {"type": "string", "description": "Android package name"}
},
"required": ["package"]
}
),
Tool(
name="frida_trace",
description="Dynamic instrumentation toolkit for reverse engineering mobile apps.",
inputSchema={
"type": "object",
"properties": {
"package": {"type": "string", "description": "App package name"},
"function": {"type": "string", "description": "Function to trace"}
},
"required": ["package", "function"]
}
),
# ============ API TESTING ============
Tool(
name="postman_scan",
description="API testing with Postman/Newman. Run collections for API security testing.",
inputSchema={
"type": "object",
"properties": {
"collection_path": {"type": "string", "description": "Postman collection file"},
"environment": {"type": "string", "description": "Environment file"}
},
"required": ["collection_path", "environment"]
}
),
Tool(
name="graphql_scanner",
description="GraphQL security scanner checking for introspection, injection, and misconfiguration.",
inputSchema={
"type": "object",
"properties": {
"endpoint": {"type": "string", "description": "GraphQL endpoint URL"}
},
"required": ["endpoint"]
}
),
# ============ FORENSICS ============
Tool(
name="volatility_analyze",
description="Advanced memory forensics framework for RAM dump analysis.",
inputSchema={
"type": "object",
"properties": {
"memory_dump": {"type": "string", "description": "Path to memory dump"},
"profile": {"type": "string", "description": "Memory profile"},
"plugin": {"type": "string", "description": "Volatility plugin to run"}
},
"required": ["memory_dump", "profile", "plugin"]
}
),
Tool(
name="binwalk_extract",
description="Firmware analysis tool for extracting embedded files and code.",
inputSchema={
"type": "object",
"properties": {
"firmware_file": {"type": "string", "description": "Path to firmware file"}
},
"required": ["firmware_file"]
}
),
# ============ REVERSE ENGINEERING ============
Tool(
name="radare2_analyze",
description="Open-source reverse engineering framework and disassembler.",
inputSchema={
"type": "object",
"properties": {
"binary_path": {"type": "string", "description": "Path to binary"},
"command": {"type": "string", "default": "aaa", "description": "r2 command"}
},
"required": ["binary_path"]
}
),
Tool(
name="strings_extract",
description="Extract printable strings from binary files.",
inputSchema={
"type": "object",
"properties": {
"file_path": {"type": "string", "description": "Path to file"},
"min_length": {"type": "integer", "default": 4}
},
"required": ["file_path"]
}
),
# ============ CLOUD SECURITY ============
Tool(
name="scout_suite",
description="Multi-cloud security auditing tool for AWS, Azure, GCP, and more.",
inputSchema={
"type": "object",
"properties": {
"provider": {"type": "string", "enum": ["aws", "azure", "gcp", "oci"]},
"profile": {"type": "string", "description": "Cloud profile/credentials"}
},
"required": ["provider", "profile"]
}
),
Tool(
name="cloudfox_enum",
description="AWS enumeration and privilege escalation tool.",
inputSchema={
"type": "object",
"properties": {
"profile": {"type": "string", "description": "AWS profile"},
"service": {"type": "string", "description": "AWS service to enumerate"}
},
"required": ["profile", "service"]
}
),
# ============ CONTAINER SECURITY ============
Tool(
name="trivy_scan",
description="Container vulnerability scanner for Docker images and file systems.",
inputSchema={
"type": "object",
"properties": {
"image": {"type": "string", "description": "Container image name"}
},
"required": ["image"]
}
),
Tool(
name="docker_bench_security",
description="Docker security best practices checker based on CIS benchmark.",
inputSchema={
"type": "object",
"properties": {},
"required": []
}
),
# ============ NETWORK ANALYSIS ============
Tool(
name="tcpdump_capture",
description="Packet capture and network traffic analysis tool.",
inputSchema={
"type": "object",
"properties": {
"interface": {"type": "string", "description": "Network interface"},
"filter": {"type": "string", "description": "BPF filter"},
"duration": {"type": "integer", "description": "Capture duration in seconds"},
"output_file": {"type": "string", "description": "PCAP output file"}
},
"required": ["interface"]
}
),
Tool(
name="wireshark_analyze",
description="Network protocol analyzer for packet inspection.",
inputSchema={
"type": "object",
"properties": {
"pcap_file": {"type": "string", "description": "Path to PCAP file"}
},
"required": ["pcap_file"]
}
),
Tool(
name="snmp_check",
description="SNMP enumeration tool for extracting system information.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP address"},
"community": {"type": "string", "default": "public", "description": "SNMP community string"}
},
"required": ["target"]
}
),
Tool(
name="enum4linux",
description="SMB/Samba enumeration tool for Windows/Linux systems.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP address"},
"username": {"type": "string", "description": "Username for authentication"},
"password": {"type": "string", "description": "Password for authentication"}
},
"required": ["target"]
}
),
Tool(
name="dns_enum",
description="DNS enumeration and subdomain discovery tool.",
inputSchema={
"type": "object",
"properties": {
"domain": {"type": "string", "description": "Target domain"},
"record_types": {"type": "array", "items": {"type": "string"}, "default": ["A", "AAAA", "MX", "NS", "TXT"]}
},
"required": ["domain"]
}
),
Tool(
name="ssl_scan",
description="SSL/TLS configuration analyzer for security assessment.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target hostname"},
"port": {"type": "integer", "default": 443}
},
"required": ["target"]
}
),
# ============ AUTONOMOUS ============
Tool(
name="start_autonomous_pentest",
description="Start fully autonomous AI-powered penetration test with intelligent decision-making.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target IP, hostname, or URL"},
"scope": {"type": "array", "items": {"type": "string"}, "description": "Additional IPs/subnets in scope"},
"rules_of_engagement": {"type": "object", "description": "Constraints and permissions"},
"depth": {"type": "string", "enum": ["reconnaissance", "vulnerability_scan", "exploitation", "post_exploitation"], "default": "vulnerability_scan"}
},
"required": ["target"]
}
),
Tool(
name="get_ai_suggestion",
description="Get AI-powered suggestions for next penetration testing steps based on current findings.",
inputSchema={
"type": "object",
"properties": {
"session_id": {"type": "string", "description": "Pentest session ID"},
"context": {"type": "string", "description": "Additional context for the AI"}
},
"required": ["session_id"]
}
),
Tool(
name="vulnerability_assessment",
description="Comprehensive automated vulnerability assessment using multiple tools and AI analysis.",
inputSchema={
"type": "object",
"properties": {
"target": {"type": "string", "description": "Target to assess"},
"assessment_type": {"type": "string", "enum": ["web", "network", "wireless", "comprehensive"], "default": "comprehensive"}
},
"required": ["target"]
}
),
Tool(
name="generate_report",
description="Generate comprehensive penetration test report with findings, risk ratings, and remediation.",
inputSchema={
"type": "object",
"properties": {
"session_id": {"type": "string", "description": "Pentest session ID"},
"format": {"type": "string", "enum": ["json", "html", "pdf", "markdown"], "default": "json"}
},
"required": ["session_id"]
}
),
]
return tools
def get_tools_by_category(category: str) -> List[str]:
"""Get list of tools in a specific category"""
if category in TOOL_CATEGORIES:
return TOOL_CATEGORIES[category].tools
return []
def get_all_categories() -> Dict[str, ToolCategory]:
"""Get all tool categories"""
return TOOL_CATEGORIES
def get_category_for_tool(tool_name: str) -> Optional[str]:
"""Find which category a tool belongs to"""
for category_name, category in TOOL_CATEGORIES.items():
if tool_name in category.tools:
return category_name
return None