← All tools

Container-Backed Pentest Toolkit

SSLScan TLS Inspector

Probe a TLS endpoint's cipher suites, protocols, and certificate details; flag known weaknesses.

kali_sslscan

Overview

Read-only TLS audit. Hits the target with handshake probes, parses the response.

How it works

Built from KaliToolbox.sslscan(). triggerWhen: after kali_nmap finds a TLS service (443, 8443, etc.).

Example

When a user asks:

Audit the TLS posture of example.com:443

the agent calls the tool:

kali_sslscan(target="example.com:443")

and gets back: Supported Server Ciphers: TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Subject: CN=example.com Valid From: 2026-01-15 Valid To: 2027-01-15

Configuration

Set these before calling the tool. Values marked required must be present or the tool call will fail.

swarmai.skill.container.runtime required

Shared ContainerSkillRuntime.

Use it in a workflow

Wire this tool into a SwarmAI crew. Use the YAML DSL for declarative workflows, or the Java builder API when you want full programmatic control.

YAML DSL

# Composes with kali_nmap for end-to-end TLS audit:
# 1. nmap finds 443 open
# 2. kali_sslscan(target='host:443') reports cipher posture

Java

import ai.intelliswarm.swarmai.skill.runtime.KaliToolbox;
import ai.intelliswarm.swarmai.skill.runtime.ContainerSkillRuntime;

var sslscan = new KaliToolbox(new ContainerSkillRuntime()).sslscan();
String report = (String) sslscan.execute(java.util.Map.of("target", "example.com:443"));

What it's good for

Real scenarios where agents put this tool to work.

TLS posture review across a fleet of HTTPS hosts
Pre-deployment cipher suite check
Composite TLS+SSH audit with kali_ssh_audit

Source

Implementation lives at swarmai-core/src/main/java/ai/intelliswarm/swarmai/skill/runtime/KaliToolbox.java in the swarm-ai repository.

Open kali_sslscan on GitHub →