PentestMCP

Overview Schema Related Servers Score Discussions

spider_smb_shares

Enumerate and download SMB shares using credentials to discover readable files containing valuable information like hard-coded secrets and misconfigurations for security assessments.

Instructions

enumerate smb shares having username and password credentials and dump them into ~/.nxc/modules/nxc_spider_plus/{ip}.json and you'll find the directory inside ~/.nxc/modules/nxc_spider_plus/{ip} that has the data so you could read that. read readable files after you check what files exists and pull valuable information like old versions , hard coded secrets , misconfigurations .. If you see items listed in the share but didn't get downloaded raise the max_size and download again.

Input Schema

TableJSON Schema

Name	Required	Default
`ips`	Yes
`username`	Yes
`password`	Yes
`ntlm`	No
`kerberos`	No
`max_size`	No	100000

Implementation Reference

src/pentestmcp/server.py:267-275 (handler)

The main handler function for the 'spider_smb_shares' tool. It is registered via the @mcp.tool decorator and implements the logic to spider SMB shares using netexec's spider_plus module with options for NTLM, Kerberos authentication, and max file size.

@mcp.tool(name="spider_smb_shares",description="enumerate smb shares having username and password credentials and dump them into ~/.nxc/modules/nxc_spider_plus/{ip}.json and you'll find the directory inside ~/.nxc/modules/nxc_spider_plus/{ip} that has the data so you could read that. read readable files after you check what files exists and pull valuable information like old versions , hard coded secrets , misconfigurations .. If you see items listed in the share but didn't get downloaded raise the max_size and download again.")
def spider_smb_shares(ips:List[str],username:str,password:str,ntlm:bool=False,kerberos:bool=False,max_size="100000"):
    if(ntlm):
        return run_command(["netexec","smb"]+ips+["-u",username,"-H",password,"-M","spider_plus","-o","DOWNLOAD_FLAG=True",f"MAX_FILE_SIZE={max_size}"])
    elif(kerberos):
        return run_command(["netexec","smb"]+ips+["-u",username,"-p",password,'-k',"-M","spider_plus","-o","DOWNLOAD_FLAG=True",f"MAX_FILE_SIZE={max_size}"])

    return run_command(["netexec","smb"]+ips+["-u",username,"-p",password,"-M","spider_plus","-o","DOWNLOAD_FLAG=True",f"MAX_FILE_SIZE={max_size}"])

src/pentestmcp/server.py:267-267 (registration)

The @mcp.tool decorator registers the spider_smb_shares function as an MCP tool with the specified name and description.

@mcp.tool(name="spider_smb_shares",description="enumerate smb shares having username and password credentials and dump them into ~/.nxc/modules/nxc_spider_plus/{ip}.json and you'll find the directory inside ~/.nxc/modules/nxc_spider_plus/{ip} that has the data so you could read that. read readable files after you check what files exists and pull valuable information like old versions , hard coded secrets , misconfigurations .. If you see items listed in the share but didn't get downloaded raise the max_size and download again.")

Tool Definition Quality

C2.5/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full burden but is incomplete. It mentions downloading files to a specific directory and adjusting 'max_size' for retries, but omits critical behaviors like error handling, permission requirements, rate limits, or whether it's read-only/destructive. The focus on 'valuable information' like secrets suggests potential security implications not fully disclosed.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness2/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is verbose and poorly structured, with run-on sentences mixing operational details (e.g., file paths) with instructions. It lacks front-loading of key purpose and includes extraneous details like directory paths that could be streamlined.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 6 parameters with 0% schema coverage, no annotations, and no output schema, the description is inadequate. It fails to explain parameter meanings, return values, error conditions, or security behaviors, leaving significant gaps for a complex tool with potential destructive actions.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate but adds minimal param semantics. It references 'max_size' for retrying downloads but doesn't explain its units or default. Other parameters like 'ips', 'username', 'password', 'ntlm', and 'kerberos' are not addressed, leaving their purposes unclear beyond the schema titles.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool enumerates SMB shares using credentials and downloads/analyzes files, specifying the verb 'enumerate' and resource 'SMB shares'. It distinguishes from siblings like 'check_SMB_signing' by focusing on data extraction rather than security checks, though it doesn't explicitly name alternatives.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance on when to use this tool versus alternatives like 'read_files' or 'check_SMB_signing' is provided. The description implies usage for credential-based SMB share exploration but lacks context on prerequisites or exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/YoussefSahnoun/PentestMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server