Kali Security MCP

apt.md•2.02 kB

# APT 攻击模拟命令 **用法**: `/apt $ARGUMENTS` **参数**: `TARGET` - 目标IP/域名 --- ## 执行流程模拟高级持续性威胁(APT)攻击链，遵循MITRE ATT&CK框架： ### 1. 开始APT会话 ``` start_attack_session(target=TARGET, mode="apt", session_name="APT_Campaign") ``` ### 2. 执行完整APT攻击链 **阶段1: 侦察 (Reconnaissance)** ``` # 被动情报收集 theharvester_osint(domain=TARGET) sherlock_search(username=从目标提取的用户名) # 主动侦察 comprehensive_recon(target=TARGET, domain_enum=True, port_scan=True, web_scan=True) ``` **阶段2: 武器化 (Weaponization)** ``` # 根据侦察结果生成针对性Payload ai_smart_payload_generation( target_context=侦察结果, attack_type=识别的漏洞类型, ai_hypothesis="基于目标特征的攻击假设" ) ``` **阶段3: 投递 (Delivery)** ``` # 尝试多种投递方式 intelligent_parallel_attack(target_url=TARGET, max_concurrent=8) ``` **阶段4: 利用 (Exploitation)** ``` # 智能漏洞利用 apt_comprehensive_attack(target=TARGET) ``` **阶段5: 安装 (Installation)** ``` # 如果获得访问权限，尝试持久化 # 使用Metasploit模块或自定义脚本 ``` **阶段6: 命令与控制 (C2)** ``` # 建立反向连接（仅在授权测试中） ``` **阶段7: 目标达成 (Actions on Objectives)** ``` # 数据收集和模拟外泄 ``` ### 3. 自适应策略 ``` # 启动自适应攻击 start_adaptive_apt_attack( target=TARGET, attack_objective="full_compromise" ) ``` ### 4. 生成APT报告 ``` generate_poc_from_current_session() end_attack_session() ``` --- ## 报告内容 - APT攻击时间线 - 每个ATT&CK阶段的详细执行 - 成功的攻击向量 - 防御建议（按ATT&CK缓解措施） - 完整PoC和攻击脚本 --- ## 示例 - `/apt 192.168.1.100` - 对内网主机执行APT模拟 - `/apt target-corp.com` - 对企业域名执行APT模拟

Loading blob content...

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/SeaC-25/Kali-Security-MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

apt.md•2.02 kB