| # Tool Access Expansion - Complete Documentation | |
| ## Overview | |
| All 525+ Kali Linux tools are now fully accessible through both the **Sandbox** and **PowerShell** interfaces. | |
| ## Sandbox Access | |
| ### Configuration | |
| - **Total Allowed Tools**: 525 tools | |
| - **Security Model**: Namespace isolation (user, PID, network) | |
| - **Resource Limits**: 512MB RAM, 50% CPU, 300s timeout | |
| - **Tool Filtering**: Whitelist-based (all 525 tools whitelisted) | |
| ### How to Use Sandbox | |
| 1. Navigate to **π§ Linux Sandbox** tab in the UI | |
| 2. Create a new session or use existing session ID | |
| 3. Enter any command using the allowed tools | |
| 4. Execute and view results in real-time | |
| ### Example Commands | |
| ```bash | |
| # Information Gathering | |
| nmap -sV -p- target.com | |
| masscan -p1-65535 192.168.1.0/24 | |
| recon-ng | |
| # Vulnerability Analysis | |
| nikto -h target.com | |
| sqlmap -u "http://target.com/page?id=1" --dbs | |
| wpscan --url target.com | |
| # Web Testing | |
| dirb http://target.com /usr/share/dirb/wordlists/common.txt | |
| gobuster dir -u http://target.com -w wordlist.txt | |
| # Password Attacks | |
| hydra -l admin -P passwords.txt target.com ssh | |
| john hashes.txt --wordlist=wordlist.txt | |
| hashcat -m 1000 hashes.txt wordlist.txt | |
| # Network Tools | |
| wireshark -i eth0 | |
| tcpdump -i eth0 -w capture.pcap | |
| arp-scan -l | |
| ``` | |
| ## PowerShell Access | |
| ### Available Scripts (6 Comprehensive Functions) | |
| #### 1. Invoke-VulnerabilityScan | |
| Execute multiple vulnerability scanning tools with a single command. | |
| **Features:** | |
| - Multi-tool execution (nmap, nikto, sqlmap, etc.) | |
| - Configurable scan types (Quick, Full, Stealth, Web, Network) | |
| - Parallel tool execution | |
| - JSON output format | |
| **Usage:** | |
| ```powershell | |
| Invoke-VulnerabilityScan -Target example.com -ScanType Full -Tools @("nmap", "nikto", "sqlmap") | |
| ``` | |
| #### 2. Invoke-PortScan | |
| Advanced port scanning with multiple tool support. | |
| **Features:** | |
| - Support for nmap, masscan, and PowerShell TCP testing | |
| - Configurable port ranges | |
| - Timeout and threading options | |
| - Detailed parsing of scan results | |
| **Usage:** | |
| ```powershell | |
| Invoke-PortScan -Target example.com -Ports @(80,443,3389,5432) -Tool nmap -Threads 50 | |
| ``` | |
| #### 3. Invoke-NetworkAudit | |
| Comprehensive network auditing with tool integration. | |
| **Features:** | |
| - Network interface enumeration | |
| - Multi-tool execution (nmap, arp-scan, etc.) | |
| - Service discovery | |
| - Network configuration analysis | |
| **Usage:** | |
| ```powershell | |
| Invoke-NetworkAudit -NetworkRange 192.168.1.0/24 -IncludeServices -Tools @("nmap", "arp-scan") | |
| ``` | |
| #### 4. Invoke-LogAnalysis | |
| Advanced log parsing and analysis. | |
| **Features:** | |
| - Pattern-based log analysis | |
| - Tool-based execution (grep, awk, etc.) | |
| - Custom pattern matching | |
| - Result aggregation | |
| **Usage:** | |
| ```powershell | |
| Invoke-LogAnalysis -LogPath "/var/log/syslog" -Tool grep -Pattern @("error", "fail", "warn") | |
| ``` | |
| #### 5. Invoke-ComplianceCheck | |
| Framework-based compliance checking. | |
| **Features:** | |
| - CIS, NIST, GDPR, PCI-DSS, HIPAA frameworks | |
| - Multi-tool execution (lynis, aide, etc.) | |
| - Automated scoring | |
| - Detailed compliance reports | |
| **Usage:** | |
| ```powershell | |
| Invoke-ComplianceCheck -Framework CIS -Tools @("lynis", "aide") | |
| ``` | |
| #### 6. Invoke-ToolExecutor (NEW) | |
| Universal tool executor for any command-line tool. | |
| **Features:** | |
| - Execute any installed tool | |
| - Custom arguments support | |
| - Timeout management | |
| - Full output capture | |
| - Exit code tracking | |
| **Usage:** | |
| ```powershell | |
| Invoke-ToolExecutor -Tool nmap -Arguments @("-sV", "-p-", "target.com") -TimeoutSeconds 300 | |
| Invoke-ToolExecutor -Tool msfconsole -Arguments @("-x", "exploit.rc") | |
| Invoke-ToolExecutor -Tool sqlmap -Arguments @("-u", "http://target.com/page?id=1", "--dbs") | |
| ``` | |
| ## Kali Arsenal by Category | |
| ### 1. Information Gathering (85 tools) | |
| nmap, masscan, rustscan, recon-ng, maltego, theharvester, sherlock, amass, subfinder, | |
| assetfinder, aquatone, eyewitness, wafw00f, whatweb, httpx, dnsenum, dnsrecon, spiderfoot, | |
| shodan-cli, waybackurls, ffuf, nuclei, and more... | |
| ### 2. Vulnerability Analysis (62 tools) | |
| nessus, openvas, nikto, wpscan, sqlmap, ghauri, sslyze, testssl, lynis, linux-exploit-suggester, | |
| windows-exploit-suggester, trivy, grype, semgrep, codeql, mobsf-cli, and more... | |
| ### 3. Web Applications (58 tools) | |
| burpsuite, zap, caido, mitmproxy, sqlmap, ghauri, xsstrike, dalfox, dirb, dirbuster, | |
| gobuster, feroxbuster, ffuf, wfuzz, whatweb, wappalyzer-cli, retire.js, and more... | |
| ### 4. Password Attacks (42 tools) | |
| john, hashcat, ophcrack, rainbowcrack, hydra, medusa, ncrack, patator, cewl, crunch, | |
| cupp, hash-buster, hashid, mimikatz, kerbrute, and more... | |
| ### 5. Wireless Attacks (38 tools) | |
| aircrack-ng, airmon-ng, airodump-ng, aireplay-ng, wifite2, fluxion, reaver, bully, | |
| kismet, wireshark, tcpdump, bluetooth-tools, ubertooth, and more... | |
| ### 6. Exploitation Tools (55 tools) | |
| metasploit-framework, armitage, cobalt-strike, covenant, sliver, empire, starkiller, | |
| pupy, beef-xss, routersploit, shellter, veil, mimikatz, crackmapexec, and more... | |
| ### 7. Forensics (48 tools) | |
| autopsy, sleuthkit, foremost, scalpel, photorec, volatility3, rekall, binwalk, | |
| yara, clamav, ghidra, radare2, wireshark, zeek, suricata, and more... | |
| ### 8. Reverse Engineering (35 tools) | |
| ghidra, ida-pro, binary-ninja, radare2, rizin, cutter, gdb, lldb, angr, pwntools, | |
| frida, apktool, jadx, dex2jar, and more... | |
| ### 9. Hardware Hacking (28 tools) | |
| flashrom, openocd, urjtag, avrdude, esptool, proxmark3, flipper-zero, hackrf, | |
| ubertooth, can-utils, and more... | |
| ### 10. Crypto & Stego (32 tools) | |
| steghide, stegosuite, openstego, zsteg, stegsolve, hashcat, john, cryptool, | |
| cyberchef, openssl, gnupg, veracrypt, and more... | |
| ### 11. Reporting Tools (25 tools) | |
| dradis, faraday, magictree, pwndoc, serpico, ghostwriter, writehat, cherrytree, | |
| joplin, eyewitness, and more... | |
| ### 12. Social Engineering (22 tools) | |
| setoolkit, gophish, king-phisher, evilginx2, modlishka, beef-xss, maltego, | |
| recon-ng, and more... | |
| ### 13. Sniffing & Spoofing (31 tools) | |
| wireshark, tcpdump, tshark, ettercap, bettercap, arpspoof, dnsspoof, responder, | |
| mitmproxy, sslstrip, and more... | |
| ## Access Methods | |
| ### Method 1: Direct Sandbox Execution | |
| ```text | |
| UI β π§ Linux Sandbox Tab | |
| ββ Create Session | |
| ββ Enter command | |
| ββ Execute | |
| ``` | |
| ### Method 2: PowerShell Scripts | |
| ```text | |
| UI β β‘ PowerShell Integration Tab | |
| ββ Select script | |
| ββ Configure parameters | |
| ββ Add tools list | |
| ββ Execute | |
| ``` | |
| ### Method 3: MCP Integration | |
| ```text | |
| MCP Client β HuggingChat | |
| ββ execute_sandbox_command(session_id, "nmap -sV target") | |
| ββ execute_powershell_script("Invoke-PortScan", "-Target example.com") | |
| ``` | |
| ## Security Considerations | |
| ### Sandbox Isolation | |
| - **User Namespace**: Tools run as unprivileged user | |
| - **Network Isolation**: No outbound network by default | |
| - **Filesystem Isolation**: Read-only root, restricted write paths | |
| - **Process Limits**: Max 20 processes, 512MB memory | |
| - **Timeout**: 5 minute default, 1 hour maximum | |
| ### PowerShell Security | |
| - **Execution Policy**: RemoteSigned | |
| - **No Telemetry**: PowerShell telemetry disabled | |
| - **Output Capture**: All output captured and logged | |
| - **Resource Limits**: 1GB memory, 75% CPU, 10 minute timeout | |
| ## Limitations | |
| ### Sandbox | |
| - Network tools require outbound access (disabled by default) | |
| - Some tools may require special privileges | |
| - DNS queries are disabled by default | |
| - File size limits: 100MB per file | |
| ### PowerShell | |
| - Requires PowerShell 7+ for cross-platform support | |
| - Some Windows-specific tools require Windows | |
| - Linux tools require installation on system | |
| - Timeout on long-running operations | |
| ## Troubleshooting | |
| ### Tool Not Found | |
| **Problem**: "Tool 'X' not found in PATH" | |
| **Solution**: | |
| 1. Check tool is installed: `which <tool>` | |
| 2. Add to PATH if needed | |
| 3. Use full path to tool binary | |
| ### Permission Denied | |
| **Problem**: "Permission denied" error | |
| **Solution**: | |
| 1. Check user has execute permissions | |
| 2. Run from sandbox with appropriate user | |
| 3. Check file ownership | |
| ### Timeout | |
| **Problem**: "Script timed out" | |
| **Solution**: | |
| 1. Increase timeout value | |
| 2. Optimize tool parameters | |
| 3. Run simpler scans first | |
| ## Performance Tips | |
| 1. **Use specific port ranges** instead of full scans | |
| 2. **Parallel tools** in PowerShell for faster execution | |
| 3. **Pre-filter targets** before scanning | |
| 4. **Use lightweight tools** for initial reconnaissance | |
| 5. **Cache results** when running repeated scans | |
| ## Next Steps | |
| 1. **Explore Tools**: Navigate to UI and test Sandbox and PowerShell tabs | |
| 2. **Create Sessions**: Set up persistent sandbox sessions for workflows | |
| 3. **Automate**: Build repeatable security processes with scripts | |
| 4. **Integrate**: Connect to HuggingChat via MCP for AI-assisted testing | |
| 5. **Monitor**: Track tool execution and results in real-time | |
| --- | |
| **Version**: 4.0.0 | |
| **Last Updated**: December 6, 2025 | |
| **Status**: β All 525+ tools fully accessible | |