Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Schema
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| nmap_scan | Perform comprehensive port scan using Nmap |
| subdomain_enum | Enumerate subdomains of target domain using multiple methods |
| tech_detection | Detect technologies used by target website |
| directory_bruteforce | Bruteforce directories and files on web server |
| nuclei_scan | Run Nuclei vulnerability scanner |
| nikto_scan | Run Nikto web vulnerability scanner |
| sqlmap_scan | Test for SQL injection vulnerabilities |
| metasploit_search | Search for Metasploit modules based on detected services |
| exploit_attempt | Attempt exploitation using detected vulnerabilities |
| auto_pentest | Perform comprehensive automated penetration test |
| suggest_next_steps | Analyze current findings and suggest next steps |
| generate_report | Generate comprehensive penetration test report |
| cve_discovery | Discover CVEs based on detected technologies and versions |
| parameter_extraction | Extract parameters from web applications using Katana and manual methods |
| fuzzing_parameters | Fuzz extracted parameters with various payloads using ffuf/wfuzz |
| fuzzing_directories | Fuzz directories and files using ffuf/wfuzz |
| directory_scan | Advanced directory scanning with dirb/dirsearch/gobuster/feroxbuster |
| adaptive_strategy | Generate adaptive penetration testing strategy based on detected services and OS |
| test_active_directory | Comprehensive Active Directory penetration testing |
| test_web_application | Technology-specific web application penetration testing |
| test_smb_service | Comprehensive SMB/NetBIOS service testing |
| burp_start | Start Burp Suite Professional with API enabled |
| burp_stop | Stop Burp Suite instance |
| burp_active_scan | Perform active vulnerability scan using Burp Suite |
| burp_proxy_scan | Perform passive scan through Burp Suite proxy |
| burp_spider | Spider/crawl target using Burp Suite |
| burp_export | Export Burp Suite scan results |