Kali Docker Pentesting

Trust Score 42/100

Provides a Kali Linux Docker container with 200+ penetration-testing tools and guidance for running scans, exploitation, and forensics via direct docker exec co

triggers:kalidockerpentestnmapsqlmapmetasploitwirelessforensics

GitHub SKILL.md

What it does

Provides an end-to-end skill that gives agents direct, efficient access to a Kali Linux Docker container preloaded with 200+ pentesting, forensic, and analysis tools. It documents container lifecycle commands (start, stop, remove), file copy patterns, and detailed usage examples for major tools like nmap, masscan, sqlmap, metasploit, aircrack-ng, hashcat, and many others. The skill includes common workflows (network reconnaissance, web app assessment, password cracking, wireless testing, exploitation) and pragmatic troubleshooting tips for container and network issues.

When to use it

Use this skill when performing authorized penetration tests, vulnerability assessments, security research, forensic analysis, or when you need a self-contained environment to run security tools without a full MCP server. Trigger when you need to run fast scans, enumerate services, fuzz web endpoints, perform wireless attacks (authorized), or run forensics and reverse-engineering tools.

What's included

Scripts: none bundled, but the SKILL provides explicit docker run and docker exec command patterns to manage the container and run tools. (has_scripts=false)
References: none included in the repo (has_references=false)
Instructions: step-by-step commands for container lifecycle, examples for dozens of tools (nmap, gobuster, sqlmap, nikto, john, hashcat, metasploit, aircrack-ng, tcpdump, tshark, binwalk, radare2, gdb, etc.), and five common pentesting workflows with command sequences.

Compatible agents

Best used with agents that offer shell/batch execution abilities (Claude Code, Copilot/Codex-style shell tools, Cursor) where docker exec and direct command invocation are available.

Audit Summary

A comprehensive Kali Linux Docker pentesting reference skill that catalogs 200+ security tools via docker exec commands. No scripts included — it's purely instructional markdown. The skill instructs the agent to run offensive security tools (exploit generation, reverse shells, brute force attacks, WiFi cracking, MITM attacks) without any target authorization verification. Includes msfvenom payload generation for Windows/Linux/Android/PHP reverse shells, deauth attacks, and credential dumping. While pentesting is legitimate, this skill provides no guardrails and could be misused for unauthorized attacks. Architecture is monolithic — a single massive SKILL.md with no scripts, references, or separation of concerns.

Watch Out

No authorization checks before running offensive tools — agent could attack unauthorized targets
Reverse shell payload generation (msfvenom) is a high-risk capability with no scoping
Docker --cap-add=NET_RAW --cap-add=NET_ADMIN grants dangerous host capabilities
chmod -R 777 on workspace/results is a lazy permissions fix
No scripts directory — purely reference documentation, no automation

Notes

Security score is borderline (38, just under 40 threshold but not flagged as malicious since this is a legitimate pentesting toolkit, not intentionally malicious). However, the lack of authorization verification, target scoping, or any safety guardrails around offensive tools is concerning. The skill essentially gives an agent unrestricted access to a full Kali arsenal. The 'Best Practices' section mentions getting written authorization, but this is informational only — there's no enforcement mechanism. Architecture is poor: a single 500+ line SKILL.md dump with no scripts, no references/ directory, and no structured output contracts. Usefulness is moderate — pentesters might find it handy, but it's essentially a man page collection that could be replaced by Kali's own docs.

Information

Repository: kali-docker-pentesting
Stars: 14
Installs: 0

Trust Score

Overall42

Security38

Code Quality52

Architecture35

Usefulness45

Related Skills

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Sync Production Database to Development

Run a safe, scripted workflow to download production database dumps and restore them into a development environment (download-only and restore options).

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Azure External Attack Surface Management

Provides expert guidance for Azure External Attack Surface Management (EASM): quotas, configuration, integrations, and exporting inventory to analytics platform

Node.js Best Practices

Guidelines and decision-making for Node.js architecture, runtime, async patterns, security, validation, and testing to inform framework and system choices.

radar — Smart Contract AST & Security Analysis

Multi-framework AST generator and static analysis tool for smart contracts (Rust/Anchor/Stylus and Solidity/Foundry) with a template DSL for writing detection r

Bash Pro

Defensive, production-grade Bash scripting patterns and CI/CD best practices: strict mode, safe argument parsing, testing with Bats, and tooling (ShellCheck/shf

Back to Skills