Container-Backed Pentest Toolkit
Audit SSH algorithms, ciphers, KEX exchanges, and host keys; flag weak / deprecated crypto.
kali_ssh_auditContainer-backed ssh-audit. Produces a per-target report covering KEX, host-key, encryption, MAC, and compression algorithms.
Built from KaliToolbox.sshAudit(). 100% read-only — no auth attempts of any kind.
When a user asks:
Audit the SSH crypto on 192.168.1.5
the agent calls the tool:
kali_ssh_audit(target="192.168.1.5")and gets back: (banner) SSH-2.0-OpenSSH_9.2p1 (rec) -kex-rsa-sha1 -- remove weak KEX (rec) +diffie-hellman-group16-sha512 -- append modern KEX (info) [policy] Hardening Guide: Mozilla Modern profile
Set these before calling the tool. Values marked required must be present or the tool call will fail.
swarmai.skill.container.runtime required Shared ContainerSkillRuntime.
Wire this tool into a SwarmAI crew. Use the YAML DSL for declarative workflows, or the Java builder API when you want full programmatic control.
YAML DSL
# Reactive audit step:
# 1. kali_nmap finds 192.168.1.5:22 open (ssh)
# 2. agent calls kali_ssh_audit(target='192.168.1.5')
# 3. report flags weak ciphers — agent includes them in the findings reportJava
import ai.intelliswarm.swarmai.skill.runtime.KaliToolbox;
import ai.intelliswarm.swarmai.skill.runtime.ContainerSkillRuntime;
var sshAudit = new KaliToolbox(new ContainerSkillRuntime()).sshAudit();
String report = (String) sshAudit.execute(java.util.Map.of("target", "192.168.1.5"));Real scenarios where agents put this tool to work.
Implementation lives at swarmai-core/src/main/java/ai/intelliswarm/swarmai/skill/runtime/KaliToolbox.java in the swarm-ai repository.