Container-Backed Pentest Toolkit
Probe a TLS endpoint's cipher suites, protocols, and certificate details; flag known weaknesses.
kali_sslscanRead-only TLS audit. Hits the target with handshake probes, parses the response.
Built from KaliToolbox.sslscan(). triggerWhen: after kali_nmap finds a TLS service (443, 8443, etc.).
When a user asks:
Audit the TLS posture of example.com:443
the agent calls the tool:
kali_sslscan(target="example.com:443")and gets back: Supported Server Ciphers: TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Subject: CN=example.com Valid From: 2026-01-15 Valid To: 2027-01-15
Set these before calling the tool. Values marked required must be present or the tool call will fail.
swarmai.skill.container.runtime required Shared ContainerSkillRuntime.
Wire this tool into a SwarmAI crew. Use the YAML DSL for declarative workflows, or the Java builder API when you want full programmatic control.
YAML DSL
# Composes with kali_nmap for end-to-end TLS audit:
# 1. nmap finds 443 open
# 2. kali_sslscan(target='host:443') reports cipher postureJava
import ai.intelliswarm.swarmai.skill.runtime.KaliToolbox;
import ai.intelliswarm.swarmai.skill.runtime.ContainerSkillRuntime;
var sslscan = new KaliToolbox(new ContainerSkillRuntime()).sslscan();
String report = (String) sslscan.execute(java.util.Map.of("target", "example.com:443"));Real scenarios where agents put this tool to work.
Implementation lives at swarmai-core/src/main/java/ai/intelliswarm/swarmai/skill/runtime/KaliToolbox.java in the swarm-ai repository.