Container-Backed Pentest Toolkit
Search the offline Exploit-DB for known exploits matching a product, version, or CVE.
kali_searchsploitLocal exploit-DB query. Useful when you need to know whether a fingerprinted service has known public exploits.
Built from KaliToolbox.searchsploit(). avoidWhen: vague queries return many false positives — pass version when known.
When a user asks:
Are there known exploits for Apache 2.4.49?
the agent calls the tool:
kali_searchsploit(query="apache 2.4.49")and gets back: Exploit Title Path -------------------------------------------------- ---- Apache 2.4.49 - Path Traversal & RCE (Authenticate multiple/remote/50383.py Apache 2.4.49 - Path Traversal RCE (CVE-2021-41773 multiple/remote/50406.sh
Set these before calling the tool. Values marked required must be present or the tool call will fail.
swarmai.skill.container.runtime required Shared ContainerSkillRuntime.
Wire this tool into a SwarmAI crew. Use the YAML DSL for declarative workflows, or the Java builder API when you want full programmatic control.
YAML DSL
# Reactive enrichment after fingerprinting:
# 1. kali_whatweb identifies Apache 2.4.49
# 2. agent calls kali_searchsploit(query='apache 2.4.49')
# 3. agent surfaces CVE-2021-41773 in the reportJava
import ai.intelliswarm.swarmai.skill.runtime.KaliToolbox;
import ai.intelliswarm.swarmai.skill.runtime.ContainerSkillRuntime;
var searchsploit = new KaliToolbox(new ContainerSkillRuntime()).searchsploit();
String matches = (String) searchsploit.execute(java.util.Map.of("query", "apache 2.4.49"));Real scenarios where agents put this tool to work.
Implementation lives at swarmai-core/src/main/java/ai/intelliswarm/swarmai/skill/runtime/KaliToolbox.java in the swarm-ai repository.