Kali Security Tools Actor

Comprehensive security testing platform with 600+ Kali Linux tools for penetration testing, vulnerability scanning, and security research.

LICENSE

🔐 Overview

The Kali Security Tools Actor brings the power of Kali Linux's extensive security toolkit to the Apify platform. Run professional-grade penetration testing, vulnerability assessments, and security research directly in the cloud without managing local infrastructure.

Key Features

• 🛡️ 600+ Security Tools - Complete Kali Linux arsenal including Nmap, Metasploit, Gobuster, SQLmap, and more
• 🤖 AI Integration - Natural language interface for complex security workflows via AGENTS.md
• ☁️ Cloud-Native - Run resource-intensive scans without local infrastructure
• 📊 Structured Output - JSON-formatted results with severity scoring and CVSS ratings
• 🎯 Multiple Scan Modes - Reconnaissance, vulnerability scanning, web application testing, network analysis
• 📈 Comprehensive Reporting - Executive summaries and detailed technical reports
• 🔒 Built-in Safeguards - Authorization controls and ethical hacking best practices

---

⚠️ Legal & Ethical Use

🆕 NEW: User-Friendly Authorization System

You are responsible for ensuring you have permission to scan all targets. This Actor now features a simplified authorization system that doesn't block scans but helps document your purpose.

📖 See ./AUTHORIZATION_GUIDE.md for complete details

Quick Start Authorization

Minimal scan (just 2 fields required):

{
  "mode": "reconnaissance",
  "targets": ["scanme.nmap.org"]
}

With authorization (recommended):

{
  "mode": "reconnaissance",
  "targets": ["scanme.nmap.org"],
  "authorization": {
    "purpose": "security_research",
    "notes": "Learning network scanning"
  }
}

This Actor is designed for:

• ✅ Authorized penetration testing engagements
• ✅ Bug bounty programs
• ✅ CTF (Capture The Flag) competitions
• ✅ Security research and learning labs
• ✅ Your own infrastructure and systems

Prohibited Uses:

• ❌ Scanning systems without authorization
• ❌ Malicious exploitation
• ❌ Denial of service attacks
• ❌ Unauthorized data access

Legal Compliance: Users must comply with all applicable laws including:

• Computer Fraud and Abuse Act (CFAA) - United States
• Computer Misuse Act - United Kingdom
• Local and international cybersecurity regulations

---

🚀 Quick Start

1. Basic Reconnaissance Scan

{
  "mode": "reconnaissance",
  "targets": ["scanme.nmap.org"],
  "authorization": {
    "confirmed": true,
    "scopeType": "research"
  },
  "portScan": {
    "enabled": true,
    "scanType": "version",
    "ports": "top-1000",
    "timing": "T3"
  }
}

2. Web Application Security Assessment

{
  "mode": "web_application_scan",
  "targets": ["https://example.com"],
  "authorization": {
    "confirmed": true,
    "scopeType": "penetration_test"
  },
  "webDiscovery": {
    "enabled": true,
    "wordlist": "/usr/share/wordlists/dirb/common.txt",
    "extensions": ["php", "html", "js", "txt"]
  },
  "vulnerabilityScan": {
    "nikto": true,
    "sqlmap": false,
    "wpscan": false
  }
}

3. Comprehensive Vulnerability Scan

{
  "mode": "vulnerability_scan",
  "targets": ["192.168.1.100"],
  "authorization": {
    "confirmed": true,
    "scopeType": "own_infrastructure"
  },
  "portScan": {
    "enabled": true,
    "scanType": "comprehensive",
    "ports": "all"
  },
  "vulnerabilityScan": {
    "nikto": true,
    "sqlmap": true,
    "wpscan": true
  }
}

---

📋 Input Schema

Required Fields

Field	Type	Description
mode	string	Scan mode: reconnaissance, vulnerability_scan, web_application_scan, network_scan, password_attack, custom_workflow
targets	array	List of targets (IPs, domains, URLs, or CIDR ranges)
authorization.confirmed	boolean	Confirmation that you have permission to scan (REQUIRED)
authorization.scopeType	string	Type of engagement: penetration_test, bug_bounty, ctf, research, own_infrastructure

Optional Configuration

Port Scanning

{
  "portScan": {
    "enabled": true,
    "scanType": "stealth|connect|version|aggressive|comprehensive",
    "ports": "top-1000|all|80,443|1-65535",
    "timing": "T0|T1|T2|T3|T4|T5"
  }
}

Web Discovery

{
  "webDiscovery": {
    "enabled": true,
    "wordlist": "/usr/share/wordlists/dirb/common.txt",
    "extensions": ["php", "html", "js", "txt"]
  }
}

Vulnerability Scanning

{
  "vulnerabilityScan": {
    "nikto": true,
    "sqlmap": true,
    "wpscan": true
  }
}

---

📊 Output Structure

Dataset

The Actor stores findings as structured JSON objects:

{
  "findingId": "nmap_192.168.1.1_80",
  "timestamp": "2025-11-07T12:00:00.000Z",
  "target": "192.168.1.1",
  "category": "reconnaissance",
  "severity": "info",
  "title": "Open Port: 80/tcp",
  "description": "Port 80/tcp is open on 192.168.1.1. Service: http",
  "tool": "nmap",
  "port": 80,
  "protocol": "tcp",
  "service": "http",
  "version": "Apache/2.4.41"
}

Severity Levels

Level	Description	Action Required
critical	Immediate exploitation possible	Fix immediately
high	Serious vulnerability	Address quickly
medium	Moderate risk	Remediate soon
low	Minor issue	Fix when possible
info	Informational	No immediate action

Key-Value Store Outputs

• executive-summary - High-level overview with counts and statistics
• technical-report - Detailed findings with remediation recommendations
• raw/ - Unprocessed tool outputs (if enabled)

---

🛠️ Available Tools

Currently Implemented

Tool	Category	Purpose
Nmap	Reconnaissance	Network scanning, port discovery, OS detection
Gobuster	Web Discovery	Directory and file brute-forcing
Nikto	Vulnerability	Web server vulnerability scanning
SQLmap	Vulnerability	SQL injection detection (coming soon)
WPScan	Vulnerability	WordPress security scanning (coming soon)

Full Kali Arsenal (600+ Tools)

• Reconnaissance (150+ tools): Nmap, Masscan, DNSenum, Sublist3r, Fierce
• Vulnerability Analysis (80+ tools): Nikto, Nuclei, OpenVAS, WPScan
• Web Applications (60+ tools): Burp Suite, OWASP ZAP, SQLmap, XSSer
• Password Attacks (40+ tools): Hydra, John the Ripper, Hashcat, Medusa
• Wireless Attacks (30+ tools): Aircrack-ng, Reaver, Wifite
• Exploitation (50+ tools): Metasploit, Armitage, SET
• Forensics (40+ tools): Volatility, Binwalk, Foremost
• Reverse Engineering (35+ tools): Ghidra, Radare2, OllyDbg

---

🎯 Use Cases

1. Penetration Testing

Comprehensive security assessments for organizations with proper authorization.

2. Bug Bounty Hunting

Automated reconnaissance and vulnerability discovery for bug bounty programs.

3. CTF Competitions

Rapid enumeration and exploitation for Capture The Flag challenges.

4. Security Research

Academic and professional security research with ethical constraints.

5. Infrastructure Auditing

Regular security assessments of your own systems and networks.

6. Red Team Operations

Offensive security operations for authorized engagements.

---

📚 Documentation

For Developers

• AGENTS.md - AI agent instructions for Cursor, Copilot, and other coding assistants
• claude.md - Comprehensive development plan and architecture guide

For Users

• Input Examples - See Quick Start section above
• API Reference - https://docs.apify.com/api/v2

---

🔧 Development

Local Setup

# Clone the repository
git clone https://github.com/yourusername/kali-security-tools-actor.git
cd kali-security-tools-actor

# Install dependencies
npm install

# Run locally (requires Kali Linux or Docker)
apify run

# Push to Apify platform
apify login
apify push

Directory Structure

.actor/
├── actor.json              # Actor configuration
├── input_schema.json       # Input validation schema
├── output_schema.json      # Output configuration
└── dataset_schema.json     # Dataset structure
src/
└── main.js                 # Actor entry point
Dockerfile                  # Kali Linux container
AGENTS.md                   # AI integration guide
README.md                   # This file

Testing Targets

Use these authorized targets for testing:

• scanme.nmap.org - Nmap's official test server
• testphp.vulnweb.com - Acunetix vulnerable test site
• TryHackMe.com - Cybersecurity training platform
• HackTheBox.com - Penetration testing labs

---

🤝 Contributing

Contributions are welcome! Please follow these guidelines:

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

Development Roadmap

• Complete SQLmap integration
• Add WPScan functionality
• Implement Metasploit RPC client
• Add AI-powered vulnerability analysis
• Create PDF report generation
• Implement real-time notifications
• Add custom workflow support
• Integrate CVE/CWE databases

---

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

---

⚡ Support

Getting Help

• Documentation: https://docs.apify.com
• Issues: https://github.com/yourusername/kali-security-tools-actor/issues
• Apify Support: support@apify.com

Reporting Security Issues

If you discover a security vulnerability, please email security@yourdomain.com instead of using the issue tracker.

---

🙏 Acknowledgments

• Kali Linux Team - For the comprehensive security toolkit
• Apify - For the cloud platform and Actor framework
• Security Community - For continuous improvements and feedback

---

⚠️ Disclaimer

This Actor is provided for educational and authorized security testing purposes only. The developers and Apify are not responsible for any misuse or damage caused by this tool. Users are solely responsible for ensuring they have proper authorization before scanning any systems.

USE AT YOUR OWN RISK. ALWAYS OBTAIN EXPLICIT PERMISSION BEFORE SCANNING.

---

📊 Statistics

• 600+ Security Tools available
• Sub-second initialization time
• Cloud-scalable infrastructure
• JSON-structured output
• Multiple scan modes supported

---

Built with ❤️ by the Security Tools Team

Powered by Kali Linux • Apify • Claude AI