mblanke/StrikePackageGPT
1
0
Fork 0
mirror of https://github.com/mblanke/StrikePackageGPT.git synced 2026-03-01 14:20:21 -05:00
Code Issues Packages Projects Releases Wiki Activity

Install complete Kali Linux tool suite (600+ tools) via kali-linux-everything

Browse Source 
Co-authored-by: mblanke <9078342+mblanke@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-12-03 13:49:56 +00:00
parent 4028c6326e
commit aa64383530
4 changed files with 90 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
INSTALL.md
View File

@@ -18,13 +18,15 @@ This guide walks you through installing and setting up the new features added to
### Required
- **Docker & Docker Compose** - Already installed if you're using StrikePackageGPT
- **Python 3.12+** - Included in the containers
- **8GB+ RAM** - For running the services
- **16GB+ RAM** - Recommended for running services + full Kali tools (8GB minimum)
- **20GB+ Disk Space** - For complete Kali Linux tool suite (kali-linux-everything)
### Optional (for enhanced features)
- **Node.js & npm** - Only if you want to build React components from source
- **NVIDIA GPU** - For faster local Whisper transcription
- **OpenAI API Key** - For cloud-based voice and LLM features
- **Anthropic API Key** - For Claude LLM support
- **Physical WiFi Adapter** - For wireless penetration testing (requires USB passthrough)
---
@@ -36,11 +38,13 @@ This gets you running with **all backend features** and **basic frontend** (no b
```bash
cd /path/to/StrikePackageGPT
docker-compose up -d
docker-compose up -d --build
```
This starts all services including the new API endpoints.
**Note:** First-time build will take 20-30 minutes as it installs the complete Kali Linux tool suite (600+ tools, ~10GB download). Subsequent starts are instant.
### Step 2: Verify Installation
```bash
@@ -78,7 +82,33 @@ http://localhost:8080/static/unknown.svg
http://localhost:8080
```
**That's it for basic setup!** All backend features are now available via API endpoints.
### Step 5: Access All Kali Tools
The Kali container now includes **ALL 600+ Kali Linux tools** via the `kali-linux-everything` metapackage:
```bash
# Access the Kali container
docker exec -it strikepackage-kali bash
# Available tools include:
# - Reconnaissance: nmap, masscan, recon-ng, maltego, amass
# - Web Testing: burpsuite, zaproxy, sqlmap, nikto, wpscan
# - Wireless: aircrack-ng, wifite, reaver, kismet
# - Password Attacks: john, hashcat, hydra, medusa
# - Exploitation: metasploit, searchsploit, armitage
# - Post-Exploitation: mimikatz, bloodhound, crackmapexec
# - Forensics: autopsy, volatility, sleuthkit
# - Reverse Engineering: ghidra, radare2, gdb
# - And 500+ more tools!
# Example: Run aircrack-ng
aircrack-ng --help
# Example: Use wifite
wifite --help
```
**That's it for basic setup!** All backend features and 600+ Kali tools are now available.
---

18
README.md
View File

@@ -64,12 +64,20 @@ StrikePackageGPT provides security researchers and penetration testers with an A
## 🛠️ Security Tools
The Kali container includes:
The Kali container includes **ALL Kali Linux tools** via the `kali-linux-everything` metapackage:
- **Reconnaissance**: nmap, masscan, amass, theHarvester, whatweb
- **Web Testing**: nikto, gobuster, dirb, sqlmap
- **Exploitation**: metasploit-framework, hydra, searchsploit
- **Network**: tcpdump, netcat, wireshark
- **600+ Security Tools**: Complete Kali Linux arsenal
- **Reconnaissance**: nmap, masscan, amass, theHarvester, whatweb, recon-ng, maltego
- **Web Testing**: nikto, gobuster, dirb, sqlmap, burpsuite, zaproxy, wpscan
- **Exploitation**: metasploit-framework, exploit-db, searchsploit, armitage
- **Password Attacks**: hydra, john, hashcat, medusa, ncrack
- **Wireless**: aircrack-ng, wifite, reaver, bully, kismet, fern-wifi-cracker
- **Sniffing/Spoofing**: wireshark, tcpdump, ettercap, bettercap, responder
- **Post-Exploitation**: mimikatz, powersploit, empire, covenant
- **Forensics**: autopsy, volatility, sleuthkit, foremost
- **Reverse Engineering**: ghidra, radare2, gdb, ollydbg, ida-free
- **Social Engineering**: set (Social Engineering Toolkit)
- **And hundreds more...**
Access the Kali container:
```bash

50
services/kali-executor/app/main.py
View File

@@ -17,23 +17,55 @@ from datetime import datetime
from contextlib import asynccontextmanager
# Allowed command prefixes (security whitelist)
# Expanded to support all Kali tools
ALLOWED_COMMANDS = {
# Reconnaissance
"nmap", "masscan", "amass", "theharvester", "whatweb", "dnsrecon", "fierce",
"dig", "nslookup", "host", "whois",
"dig", "nslookup", "host", "whois", "recon-ng", "maltego", "dmitry", "dnsenum",
"enum4linux", "nbtscan", "onesixtyone", "smbclient", "snmp-check", "wafw00f",
# Web testing
"nikto", "gobuster", "dirb", "sqlmap", "wpscan", "curl", "wget",
"nikto", "gobuster", "dirb", "sqlmap", "wpscan", "curl", "wget", "burpsuite",
"zaproxy", "zap-cli", "wfuzz", "ffuf", "dirbuster", "cadaver", "davtest",
"skipfish", "uniscan", "whatweb", "wapiti", "commix", "joomscan", "droopescan",
# Wireless
"aircrack-ng", "airodump-ng", "aireplay-ng", "airmon-ng", "airbase-ng",
"wifite", "reaver", "bully", "kismet", "fern-wifi-cracker", "wash", "cowpatty",
"mdk3", "mdk4", "pixiewps", "wifiphisher", "eaphammer", "hostapd-wpe",
# Password attacks
"hydra", "medusa", "john", "hashcat", "ncrack", "patator", "ophcrack",
"crunch", "cewl", "rsmangler", "hashid", "hash-identifier",
# Network utilities
"ping", "traceroute", "netcat", "nc", "tcpdump",
# Exploitation research
"searchsploit", "msfconsole", "msfvenom",
# Brute force
"hydra", "medusa",
"ping", "traceroute", "netcat", "nc", "tcpdump", "wireshark", "tshark",
"ettercap", "bettercap", "responder", "arpspoof", "dnsspoof", "macchanger",
"hping3", "arping", "fping", "masscan-web", "unicornscan",
# Exploitation
"searchsploit", "msfconsole", "msfvenom", "exploit", "armitage",
"beef-xss", "set", "setoolkit", "backdoor-factory", "shellnoob",
"commix", "routersploit", "linux-exploit-suggester",
# Post-exploitation
"mimikatz", "powersploit", "empire", "covenant", "crackmapexec", "cme",
"impacket-smbserver", "impacket-psexec", "evil-winrm", "bloodhound",
"sharphound", "powershell", "pwsh",
# Forensics
"autopsy", "volatility", "sleuthkit", "foremost", "binwalk", "bulk-extractor",
"scalpel", "dc3dd", "guymager", "chkrootkit", "rkhunter",
# Reverse engineering
"ghidra", "radare2", "r2", "gdb", "objdump", "strings", "ltrace", "strace",
"hexdump", "xxd", "file", "readelf", "checksec", "pwntools",
# Sniffing
"dsniff", "tcpflow", "tcpreplay", "tcpick", "ngrep", "p0f", "ssldump",
# System info
"ls", "cat", "head", "tail", "grep", "find", "pwd", "whoami", "id",
"uname", "hostname", "ip", "ifconfig", "netstat", "ss",
"uname", "hostname", "ip", "ifconfig", "netstat", "ss", "route",
# Analysis tools
"exiftool", "pdfid", "pdf-parser", "peepdf", "oletools", "olevba",
# VPN/Tunneling
"openvpn", "ssh", "sshuttle", "proxychains", "tor", "socat",
# Misc security tools
"openssl", "gpg", "steghide", "outguess", "covert", "stegosuite",
"yersinia", "responder", "chisel", "ligolo", "sliver",
# Python scripts
"python", "python3",
"python", "python3", "python2",
}
# Blocked patterns (dangerous commands)

37
services/kali/Dockerfile
View File

@@ -3,41 +3,10 @@ FROM kalilinux/kali-rolling
# Avoid prompts during package installation
ENV DEBIAN_FRONTEND=noninteractive
# Update and install essential security tools
# Update and install ALL Kali tools
# Using kali-linux-everything metapackage for complete tool suite
RUN apt-get update && apt-get install -y --no-install-recommends \
# Core utilities
curl \
wget \
git \
vim \
net-tools \
iputils-ping \
dnsutils \
# Reconnaissance tools
nmap \
masscan \
amass \
theharvester \
whatweb \
dnsrecon \
fierce \
# Web testing tools
nikto \
gobuster \
dirb \
sqlmap \
# Network tools
netcat-openbsd \
tcpdump \
wireshark-common \
hydra \
# Exploitation
metasploit-framework \
exploitdb \
# Scripting
python3 \
python3-pip \
python3-venv \
kali-linux-everything \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*