diff --git a/config.yaml b/config.yaml index b234103..7c3f660 100644 --- a/config.yaml +++ b/config.yaml @@ -17,6 +17,7 @@ llm: model_path: "" ollama_host: "http://localhost:11434" +skills_directory: "./skills" # 新增:SKILL.md 文件所在目录 # ── 本地 MCP Server 配置 ─────────────────────────────────────── mcp: server_name: "DemoMCPServer" diff --git a/config/settings.py b/config/settings.py index 039ac79..a9c90aa 100644 --- a/config/settings.py +++ b/config/settings.py @@ -283,6 +283,7 @@ class AppConfig: memory: MemoryConfig, logging: LoggingConfig, agent: AgentConfig, + skills_directory: str = "./skills" ): self.llm = llm self.mcp = mcp @@ -291,6 +292,7 @@ class AppConfig: self.memory = memory self.logging = logging self.agent = agent + self.skills_directory = skills_directory @property def enabled_mcp_skills(self) -> list[MCPSkillConfig]: @@ -373,6 +375,7 @@ class ConfigLoader: memory=cls._build_memory(raw.get("memory", {})), logging=cls._build_logging(raw.get("logging", {})), agent=cls._build_agent(raw.get("agent", {})), + skills=raw.get("skills", []) ) # ── LLM ─────────────────────────────────────────────────── diff --git a/logs/agent.log b/logs/agent.log index a4b53dd..10b9c49 100644 --- a/logs/agent.log +++ b/logs/agent.log 
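Review bot: The added `skills_directory: "./skills"` is a relative path, and nothing visible in this commit anchors it to the project root, so it presumably resolves against whatever directory the agent process is started from. Since the inline comment says this is where the SKILL.md files live, a launch from another working directory could pick up a different `./skills` tree than the one intended. I would state the resolution rule in the comment, e.g. `# SKILL.md directory; relative paths are resolved against this config file's location`. The loader should then turn the value into an absolute path once, when the config is read.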
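Review bot: The keyword added to the `ConfigLoader` call in the `@@ -373,6 +375,7 @@` hunk does not match the parameter added to `AppConfig.__init__` in the `@@ -283,6 +283,7 @@` hunk. The constructor gains `skills_directory: str = "./skills"`, but the loader passes `skills=raw.get("skills", [])`. The signature starts outside the hunk, so unless it also accepts arbitrary keywords this call raises `TypeError` when the config is loaded. Even if it were accepted, the `skills_directory` key added to config.yaml is never read, and the fallback is a list where the attribute is annotated as `str`. The call line should read `skills_directory=raw.get("skills_directory", "./skills"),`.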
@@ -2349,3 +2349,3794 @@ The function `get_system_name()` uses `platform.system()` to determine the syste 重试 : 1 次 2026-03-30 16:06:11 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: npx -y @modelcontextprotocol/server-filesystem /tmp 2026-03-30 16:06:41 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: timed out +2026-04-13 15:18:27 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:18:27 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:18:27 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:18:27 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:18:27 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=2 +2026-04-13 15:18:27 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [everything] + 传输协议: sse + 地址 : http://localhost:3001/sse + 超时 : 30s + 重试 : 2 次 +2026-04-13 15:18:28 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:18:28 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:18:38 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 1/3),1s 后重试: SSE 连接超时:未收到 endpoint 事件 + URL: http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:18:40 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:18:40 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:18:50 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 2/3),2s 后重试: SSE 连接超时:未收到 endpoint 事件 + URL: http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:18:52 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:18:52 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:19:02 [ERROR ] agent.MCP.SkillRegistry │ ❌ Skill [everything] 
连接失败,跳过 + 错误: ❌ MCP Skill [everything] 连接失败(已重试 2 次) + 最后错误: SSE 连接超时:未收到 endpoint 事件 + URL: http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:19:02 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [everything] 已断开 +2026-04-13 15:19:02 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:19:02 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:19:02 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=40245 +2026-04-13 15:19:11 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:19:11 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:19:11 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. + + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. 
+ + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. + + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. 
+ • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: 
+ Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. 
+ + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. + + + • get_telemetry: + Get system telemetry from the HexStrike AI server. 
+ + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent 
scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:19:11 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:19:11 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:19:13 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:19:57 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机192.168.0.1 +2026-04-13 15:19:57 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:20:14 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:20:14 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:20:14 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:22:07 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:22:07 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:22:07 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:22:07 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:22:07 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=2 +2026-04-13 15:22:07 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [everything] + 传输协议: sse + 地址 : http://localhost:3001/sse + 超时 : 30s + 重试 : 2 次 +2026-04-13 15:22:08 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:22:08 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:22:18 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 1/3),1s 后重试: SSE 连接超时:未收到 endpoint 事件 + URL: http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:22:19 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:22:19 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:22:29 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 2/3),2s 后重试: SSE 连接超时:未收到 endpoint 事件 + URL: 
http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:22:31 [INFO ] agent.MCP.SkillClient │ 🔌 SSE 连接: http://localhost:3001/sse timeout=30s +2026-04-13 15:22:31 [ERROR ] agent.MCP.SkillClient │ ❌ SSE 监听异常: Expected response header Content-Type to contain 'text/event-stream', got '' +2026-04-13 15:22:41 [ERROR ] agent.MCP.SkillRegistry │ ❌ Skill [everything] 连接失败,跳过 + 错误: ❌ MCP Skill [everything] 连接失败(已重试 2 次) + 最后错误: SSE 连接超时:未收到 endpoint 事件 + URL: http://localhost:3001/sse + 请检查 MCP Server 是否正常运行 +2026-04-13 15:22:41 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [everything] 已断开 +2026-04-13 15:22:41 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:22:41 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:22:41 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=41006 +2026-04-13 15:22:53 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:22:53 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:22:54 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. 
+ + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. + + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. + + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. 
+ • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: 
+ Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. 
+ + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. + + + • get_telemetry: + Get system telemetry from the HexStrike AI server. 
+ + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent 
scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:22:54 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:22:54 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:22:56 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:22:56 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:22:57 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:22:57 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:23:00 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:23:00 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:23:00 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:23:00 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:23:00 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:23:00 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:23:00 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:23:00 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=41304 +2026-04-13 15:23:09 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:23:09 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:23:09 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • 
scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. + + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. + + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. + + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. 
+ • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: 
+ Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. 
+ + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. + + + • get_telemetry: + Get system telemetry from the HexStrike AI server. 
+ + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent 
scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:23:09 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:23:09 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:23:11 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:23:38 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机192.168.0.1的80端口 +2026-04-13 15:23:38 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:23:52 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:23:52 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:23:52 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:25:13 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:25:13 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:25:13 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:25:13 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:25:13 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:25:13 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:25:13 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:25:22 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=41926 +2026-04-13 15:25:29 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 1/3),1s 后重试: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:25:30 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:25:30 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:25:30 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=41937 +2026-04-13 15:25:35 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 2/3),2s 后重试: 
stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:25:37 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:25:37 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:25:37 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=41944 +2026-04-13 15:26:07 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:26:07 [ERROR ] agent.MCP.SkillRegistry │ ❌ Skill [hexstrike-ai] 连接失败,跳过 + 错误: ❌ MCP Skill [hexstrike-ai] 连接失败(已重试 2 次) + 最后错误: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:26:07 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:26:07 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 0 个 [] +2026-04-13 15:26:13 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 4 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor +2026-04-13 15:26:18 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:26:26 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:26:26 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:26:26 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:26:26 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:26:26 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:26:26 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:26:26 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:26:26 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42040 +2026-04-13 
15:26:53 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 1/3),1s 后重试: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:26:54 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:26:54 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8888 +2026-04-13 15:26:54 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42075 +2026-04-13 15:27:36 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:27:36 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:27:36 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:27:36 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:27:36 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:27:36 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:27:36 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:27:36 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42136 +2026-04-13 15:27:43 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 1/3),1s 后重试: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:27:44 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:27:44 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:27:44 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42147 +2026-04-13 15:27:56 [WARNING ] agent.MCP.SkillClient │ ⚠️ 连接失败 (attempt 2/3),2s 后重试: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:27:58 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:27:58 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 
/Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:27:58 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42165 +2026-04-13 15:28:02 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:28:02 [ERROR ] agent.MCP.SkillRegistry │ ❌ Skill [hexstrike-ai] 连接失败,跳过 + 错误: ❌ MCP Skill [hexstrike-ai] 连接失败(已重试 2 次) + 最后错误: stdio 子进程无响应 skill=hexstrike-ai method=initialize +2026-04-13 15:28:02 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:28:02 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 0 个 [] +2026-04-13 15:28:05 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 4 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor +2026-04-13 15:28:16 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:28:44 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:28:44 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:28:44 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:28:44 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:28:44 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:28:44 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:28:44 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:29:14 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:29:14 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:29:14 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:29:14 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: 
code_executor +2026-04-13 15:29:14 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:29:14 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:29:14 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:29:14 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=42274 +2026-04-13 15:29:44 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:29:44 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:29:44 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. + + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. 
+ + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. + + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. 
+ • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: 
+ Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. 
+ + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. + + + • get_telemetry: + Get system telemetry from the HexStrike AI server. 
+ + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent 
scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:29:44 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:29:44 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:29:47 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:31:08 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机192.168.0.1,端口80 +2026-04-13 15:31:08 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:31:25 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:31:25 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:31:25 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:32:12 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:32:12 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:32:12 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:32:12 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:32:12 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:32:12 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:32:12 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:32:12 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=43004 +2026-04-13 15:32:23 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:32:23 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:32:23 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for 
comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. + + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. + + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. 
+ + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. + • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex 
dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: + Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute 
qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. + + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. 
+ + + • get_telemetry: + Get system telemetry from the HexStrike AI server. + + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack 
chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:32:23 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:32:23 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:32:25 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:34:14 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机192.168.0.1,端口80 +2026-04-13 15:34:14 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:34:18 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 15:34:18 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 15:34:18 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 15:46:39 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 15:46:39 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 15:46:39 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 15:46:39 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 15:46:39 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 15:46:39 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 15:46:39 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 15:46:39 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=44847 +2026-04-13 15:47:12 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 15:47:12 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 15:47:12 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for 
comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. + + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. + + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. 
+ + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. + • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex 
dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: + Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute 
qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. + + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. 
+ + + • get_telemetry: + Get system telemetry from the HexStrike AI server. + + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack 
chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 15:47:12 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:47:12 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 15:47:16 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 15:47:27 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机192.168.0.1的80端口 +2026-04-13 15:47:27 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:47:42 [DEBUG ] agent.Agent │ LLM 响应: finish=tool_calls tool_calls=1 content= +2026-04-13 15:47:42 [INFO ] agent.Agent │ 🔧 执行工具: nmap_scan + 来源: {'name': 'nmap_scan', 'source': 'remote:hexstrike-ai', 'description': '\n Execute an enhanced Nmap scan against a target with real-time logging.\n\n Args:\n target: The IP address or hostname to scan\n scan_type: Scan type (e.g., -sV for version detection, -sC for scripts)\n ports: Comma-separated list of ports or port ranges\n additional_args: Additional Nmap arguments\n\n Returns:\n Scan results with enhanced telemetry\n '} + 参数: {"target": "192.168.0.1", "ports": "80"} +2026-04-13 15:47:42 [INFO ] agent.MCP.SkillRegistry │ 🌐 调用远端工具: [hexstrike-ai] / nmap_scan 参数={'target': '192.168.0.1', 'ports': '80'} +2026-04-13 15:47:42 [INFO ] agent.MCP.SkillClient │ 🔧 调用远端工具: [hexstrike-ai] / nmap_scan + 参数: {"target": "192.168.0.1", "ports": "80"} +2026-04-13 15:47:45 [INFO ] agent.MCP.SkillClient │ ✅ 工具调用成功: nmap_scan 耗时=3.81s + 结果: { + "execution_time": 3.7700958251953125, + "partial_results": false, + "recovery_info": { + "attempts_made": 1, + "recovery_applied": false, + +2026-04-13 15:47:45 [INFO ] agent.Agent │ ✅ 工具结果: nmap_scan source=remote:hexstrike-ai 耗时=3.81s + { + "execution_time": 3.7700958251953125, + "partial_results": false, + "recovery_info": { + "attempts_made": 1, + "recovery_applied": false, + "recovery_history": [] + }, + "return_code": 0, + +2026-04-13 15:47:45 [INFO ] agent.Agent │ 🔁 推理步骤 2/10 +2026-04-13 15:47:50 [DEBUG ] agent.Agent │ LLM 响应: finish=stop tool_calls=0 
content=扫描主机192.168.0.1的80端口时,Nmap返回以下结果: + +- **主机状态**: 主机似乎处于离线状态。如果主机确实在线,但阻止了Nmap的ping +2026-04-13 15:49:14 [INFO ] agent.Agent │ 💬 用户输入: 扫描主机10.10.10.229 +2026-04-13 15:49:14 [INFO ] agent.Agent │ 🔁 推理步骤 1/10 +2026-04-13 15:49:18 [DEBUG ] agent.Agent │ LLM 响应: finish=tool_calls tool_calls=1 content= +2026-04-13 15:49:18 [INFO ] agent.Agent │ 🔧 执行工具: nmap_scan + 来源: {'name': 'nmap_scan', 'source': 'remote:hexstrike-ai', 'description': '\n Execute an enhanced Nmap scan against a target with real-time logging.\n\n Args:\n target: The IP address or hostname to scan\n scan_type: Scan type (e.g., -sV for version detection, -sC for scripts)\n ports: Comma-separated list of ports or port ranges\n additional_args: Additional Nmap arguments\n\n Returns:\n Scan results with enhanced telemetry\n '} + 参数: {"target": "10.10.10.229"} +2026-04-13 15:49:18 [INFO ] agent.MCP.SkillRegistry │ 🌐 调用远端工具: [hexstrike-ai] / nmap_scan 参数={'target': '10.10.10.229'} +2026-04-13 15:49:18 [INFO ] agent.MCP.SkillClient │ 🔧 调用远端工具: [hexstrike-ai] / nmap_scan + 参数: {"target": "10.10.10.229"} +2026-04-13 15:49:33 [INFO ] agent.MCP.SkillClient │ ✅ 工具调用成功: nmap_scan 耗时=14.57s + 结果: { + "execution_time": 14.536990880966187, + "partial_results": false, + "recovery_info": { + "attempts_made": 1, + "recovery_applied": false, + +2026-04-13 15:49:33 [INFO ] agent.Agent │ ✅ 工具结果: nmap_scan source=remote:hexstrike-ai 耗时=14.58s + { + "execution_time": 14.536990880966187, + "partial_results": false, + "recovery_info": { + "attempts_made": 1, + "recovery_applied": false, + "recovery_history": [] + }, + "return_code": 0, + +2026-04-13 15:49:33 [INFO ] agent.Agent │ 🔁 推理步骤 2/10 +2026-04-13 15:49:40 [DEBUG ] agent.Agent │ LLM 响应: finish=stop tool_calls=0 content=扫描主机 `10.10.10.229` 的结果如下: + +- **主机状态**: 在线 (延迟约 0.00066 秒) +- **端口信息**: + - **22/ +2026-04-13 16:11:22 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 16:11:22 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill 
[hexstrike-ai] 已断开 +2026-04-13 16:11:22 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 16:11:32 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 16:11:32 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 16:11:32 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 16:11:32 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 16:11:32 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 16:11:32 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 16:11:32 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 16:11:32 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=47856 +2026-04-13 16:12:03 [INFO ] agent.MCP.SkillClient │ 🤝 MCP 握手成功 [hexstrike-ai] + 服务端: hexstrike-ai-mcp v1.26.0 + 协议版本: 2024-11-05 +2026-04-13 16:12:03 [INFO ] agent.MCP.SkillClient │ ✅ MCP Skill [hexstrike-ai] 连接成功 +2026-04-13 16:12:03 [INFO ] agent.MCP.SkillClient │ 📦 MCP Skill [hexstrike-ai] 工具列表: + • nmap_scan: + Execute an enhanced Nmap scan against a target with + • gobuster_scan: + Execute Gobuster to find directories, DNS subdomain + • nuclei_scan: + Execute Nuclei vulnerability scanner with enhanced + • prowler_scan: + Execute Prowler for comprehensive cloud security as + • trivy_scan: + Execute Trivy for container and filesystem vulnerab + • scout_suite_assessment: + Execute Scout Suite for multi-cloud security assess + • cloudmapper_analysis: + Execute CloudMapper for AWS network visualization a + • pacu_exploitation: + Execute Pacu for AWS exploitation framework. 
+ + + • kube_hunter_scan: + Execute kube-hunter for Kubernetes penetration test + • kube_bench_cis: + Execute kube-bench for CIS Kubernetes benchmark che + • docker_bench_security_scan: + Execute Docker Bench for Security for Docker securi + • clair_vulnerability_scan: + Execute Clair for container vulnerability analysis. + • falco_runtime_monitoring: + Execute Falco for runtime security monitoring. + + + • checkov_iac_scan: + Execute Checkov for infrastructure as code security + • terrascan_iac_scan: + Execute Terrascan for infrastructure as code securi + • create_file: + Create a file with specified content on the HexStri + • modify_file: + Modify an existing file on the HexStrike server. + + + • delete_file: + Delete a file or directory on the HexStrike server. + • list_files: + List files in a directory on the HexStrike server. + + • generate_payload: + Generate large payloads for testing and exploitatio + • install_python_package: + Install a Python package in a virtual environment o + • execute_python_script: + Execute a Python script in a virtual environment on + • dirb_scan: + Execute Dirb for directory brute forcing with enhan + • nikto_scan: + Execute Nikto web vulnerability scanner with enhanc + • sqlmap_scan: + Execute SQLMap for SQL injection testing with enhan + • metasploit_run: + Execute a Metasploit module with enhanced logging. + + • hydra_attack: + Execute Hydra for password brute forcing with enhan + • john_crack: + Execute John the Ripper for password cracking with + • wpscan_analyze: + Execute WPScan for WordPress vulnerability scanning + • enum4linux_scan: + Execute Enum4linux for SMB enumeration with enhance + • ffuf_scan: + Execute FFuf for web fuzzing with enhanced logging. 
+ • netexec_scan: + Execute NetExec (formerly CrackMapExec) for network + • amass_scan: + Execute Amass for subdomain enumeration with enhanc + • hashcat_crack: + Execute Hashcat for advanced password cracking with + • subfinder_scan: + Execute Subfinder for passive subdomain enumeration + • smbmap_scan: + Execute SMBMap for SMB share enumeration with enhan + • rustscan_fast_scan: + Execute Rustscan for ultra-fast port scanning with + • masscan_high_speed: + Execute Masscan for high-speed Internet-scale port + • nmap_advanced_scan: + Execute advanced Nmap scans with custom NSE scripts + • autorecon_comprehensive: + Execute AutoRecon for comprehensive automated recon + • enum4linux_ng_advanced: + Execute Enum4linux-ng for advanced SMB enumeration + • rpcclient_enumeration: + Execute rpcclient for RPC enumeration with enhanced + • nbtscan_netbios: + Execute nbtscan for NetBIOS name scanning with enha + • arp_scan_discovery: + Execute arp-scan for network discovery with enhance + • responder_credential_harvest: + Execute Responder for credential harvesting with en + • volatility_analyze: + Execute Volatility for memory forensics analysis wi + • msfvenom_generate: + Execute MSFVenom for payload generation with enhanc + • gdb_analyze: + Execute GDB for binary analysis and debugging with + • radare2_analyze: + Execute Radare2 for binary analysis and reverse eng + • binwalk_analyze: + Execute Binwalk for firmware and file analysis with + • ropgadget_search: + Search for ROP gadgets in a binary using ROPgadget + • checksec_analyze: + Check security features of a binary with enhanced l + • xxd_hexdump: + Create a hex dump of a file using xxd with enhanced + • strings_extract: + Extract strings from a binary file with enhanced lo + • objdump_analyze: + Analyze a binary using objdump with enhanced loggin + • ghidra_analysis: + Execute Ghidra for advanced binary analysis and rev + • pwntools_exploit: + Execute Pwntools for exploit development and automa + • one_gadget_search: 
+ Execute one_gadget to find one-shot RCE gadgets in + • libc_database_lookup: + Execute libc-database for libc identification and o + • gdb_peda_debug: + Execute GDB with PEDA for enhanced debugging and ex + • angr_symbolic_execution: + Execute angr for symbolic execution and binary anal + • ropper_gadget_search: + Execute ropper for advanced ROP/JOP gadget searchin + • pwninit_setup: + Execute pwninit for CTF binary exploitation setup. + + • feroxbuster_scan: + Execute Feroxbuster for recursive content discovery + • dotdotpwn_scan: + Execute DotDotPwn for directory traversal testing w + • xsser_scan: + Execute XSSer for XSS vulnerability testing with en + • wfuzz_scan: + Execute Wfuzz for web application fuzzing with enha + • dirsearch_scan: + Execute Dirsearch for advanced directory and file d + • katana_crawl: + Execute Katana for next-generation crawling and spi + • gau_discovery: + Execute Gau (Get All URLs) for URL discovery from m + • waybackurls_discovery: + Execute Waybackurls for historical URL discovery wi + • arjun_parameter_discovery: + Execute Arjun for HTTP parameter discovery with enh + • paramspider_mining: + Execute ParamSpider for parameter mining from web a + • x8_parameter_discovery: + Execute x8 for hidden parameter discovery with enha + • jaeles_vulnerability_scan: + Execute Jaeles for advanced vulnerability scanning + • dalfox_xss_scan: + Execute Dalfox for advanced XSS vulnerability scann + • httpx_probe: + Execute httpx for fast HTTP probing and technology + • anew_data_processing: + Execute anew for appending new lines to files (usef + • qsreplace_parameter_replacement: + Execute qsreplace for query string parameter replac + • uro_url_filtering: + Execute uro for filtering out similar URLs. 
+ + + • ai_generate_payload: + Generate AI-powered contextual payloads for securit + • ai_test_payload: + Test generated payload against target with AI analy + • ai_generate_attack_suite: + Generate comprehensive attack suite with multiple p + • api_fuzzer: + Advanced API endpoint fuzzing with intelligent para + • graphql_scanner: + Advanced GraphQL security scanning and introspectio + • jwt_analyzer: + Advanced JWT token analysis and vulnerability testi + • api_schema_analyzer: + Analyze API schemas and identify potential security + • comprehensive_api_audit: + Comprehensive API security audit combining multiple + • volatility3_analyze: + Execute Volatility3 for advanced memory forensics w + • foremost_carving: + Execute Foremost for file carving with enhanced log + • steghide_analysis: + Execute Steghide for steganography analysis with en + • exiftool_extract: + Execute ExifTool for metadata extraction with enhan + • hashpump_attack: + Execute HashPump for hash length extension attacks + • hakrawler_crawl: + Execute Hakrawler for web endpoint discovery with e + • paramspider_discovery: + Execute ParamSpider for parameter discovery with en + • burpsuite_scan: + Execute Burp Suite with enhanced logging. + + + • zap_scan: + Execute OWASP ZAP with enhanced logging. + + A + • arjun_scan: + Execute Arjun for parameter discovery with enhanced + • wafw00f_scan: + Execute wafw00f to identify and fingerprint WAF pro + • fierce_scan: + Execute fierce for DNS reconnaissance with enhanced + • dnsenum_scan: + Execute dnsenum for DNS enumeration with enhanced l + • autorecon_scan: + Execute AutoRecon for comprehensive target enumerat + • server_health: + Check the health status of the HexStrike AI server. + • get_cache_stats: + Get cache statistics from the HexStrike AI server. + + • clear_cache: + Clear the cache on the HexStrike AI server. + + + • get_telemetry: + Get system telemetry from the HexStrike AI server. 
+ + • list_active_processes: + List all active processes on the HexStrike AI serve + • get_process_status: + Get the status of a specific process. + + Args + • terminate_process: + Terminate a specific running process. + + Args + • pause_process: + Pause a specific running process. + + Args: + + • resume_process: + Resume a paused process. + + Args: + + • get_process_dashboard: + Get enhanced process dashboard with visual status i + • execute_command: + Execute an arbitrary command on the HexStrike AI se + • monitor_cve_feeds: + Monitor CVE databases for new vulnerabilities with + • generate_exploit_from_cve: + Generate working exploits from CVE information usin + • discover_attack_chains: + Discover multi-stage attack chains for target softw + • research_zero_day_opportunities: + Automated zero-day vulnerability research using AI + • correlate_threat_intelligence: + Correlate threat intelligence across multiple sourc + • advanced_payload_generation: + Generate advanced payloads with AI-powered evasion + • vulnerability_intelligence_dashboard: + Get a comprehensive vulnerability intelligence dash + • threat_hunting_assistant: + AI-powered threat hunting assistant with vulnerabil + • get_live_dashboard: + Get a beautiful live dashboard showing all active p + • create_vulnerability_report: + Create a beautiful vulnerability report with severi + • format_tool_output_visual: + Format tool output with beautiful visual styling, s + • create_scan_summary: + Create a comprehensive scan summary report with bea + • display_system_metrics: + Display current system metrics and performance indi + • analyze_target_intelligence: + Analyze target using AI-powered intelligence to cre + • select_optimal_tools_ai: + Use AI to select optimal security tools based on ta + • optimize_tool_parameters_ai: + Use AI to optimize tool parameters based on target + • create_attack_chain_ai: + Create an intelligent attack chain using AI-driven + • intelligent_smart_scan: + Execute an intelligent 
scan using AI-driven tool se + • detect_technologies_ai: + Use AI to detect technologies and provide technolog + • ai_reconnaissance_workflow: + Execute AI-driven reconnaissance workflow with inte + • ai_vulnerability_assessment: + Perform AI-driven vulnerability assessment with int + • bugbounty_reconnaissance_workflow: + Create comprehensive reconnaissance workflow for bu + • bugbounty_vulnerability_hunting: + Create vulnerability hunting workflow prioritized b + • bugbounty_business_logic_testing: + Create business logic testing workflow for advanced + • bugbounty_osint_gathering: + Create OSINT (Open Source Intelligence) gathering w + • bugbounty_file_upload_testing: + Create file upload vulnerability testing workflow w + • bugbounty_comprehensive_assessment: + Create comprehensive bug bounty assessment combinin + • bugbounty_authentication_bypass_testing: + Create authentication bypass testing workflow for b + • http_framework_test: + Enhanced HTTP testing framework (Burp Suite alterna + • browser_agent_inspect: + AI-powered browser agent for comprehensive web appl + • http_set_rules: Set match/replace rules used to rewrite parts of URL/query/h + • http_set_scope: Define in-scope host (and optionally subdomains) so out-of-s + • http_repeater: Send a crafted request (Burp Repeater equivalent). request_s + • http_intruder: Simple Intruder (sniper) fuzzing. 
Iterates payloads over eac + • burpsuite_alternative_scan: + Comprehensive Burp Suite alternative combining HTTP + • error_handling_statistics: + Get intelligent error handling system statistics an + • test_error_recovery: + Test the intelligent error recovery system with sim +2026-04-13 16:12:03 [INFO ] agent.MCP.SkillRegistry │ ✅ Skill [hexstrike-ai] 注册完成 工具数=150: ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 
'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 16:12:03 [INFO ] agent.MCP.SkillRegistry │ 📊 SkillRegistry 初始化完成 + 本地工具 : 4 个 ['calculator', 'web_search', 'file_reader', 'code_executor'] + 远端工具 : 150 个 ['nmap_scan', 'gobuster_scan', 'nuclei_scan', 'prowler_scan', 'trivy_scan', 'scout_suite_assessment', 'cloudmapper_analysis', 'pacu_exploitation', 
'kube_hunter_scan', 'kube_bench_cis', 'docker_bench_security_scan', 'clair_vulnerability_scan', 'falco_runtime_monitoring', 'checkov_iac_scan', 'terrascan_iac_scan', 'create_file', 'modify_file', 'delete_file', 'list_files', 'generate_payload', 'install_python_package', 'execute_python_script', 'dirb_scan', 'nikto_scan', 'sqlmap_scan', 'metasploit_run', 'hydra_attack', 'john_crack', 'wpscan_analyze', 'enum4linux_scan', 'ffuf_scan', 'netexec_scan', 'amass_scan', 'hashcat_crack', 'subfinder_scan', 'smbmap_scan', 'rustscan_fast_scan', 'masscan_high_speed', 'nmap_advanced_scan', 'autorecon_comprehensive', 'enum4linux_ng_advanced', 'rpcclient_enumeration', 'nbtscan_netbios', 'arp_scan_discovery', 'responder_credential_harvest', 'volatility_analyze', 'msfvenom_generate', 'gdb_analyze', 'radare2_analyze', 'binwalk_analyze', 'ropgadget_search', 'checksec_analyze', 'xxd_hexdump', 'strings_extract', 'objdump_analyze', 'ghidra_analysis', 'pwntools_exploit', 'one_gadget_search', 'libc_database_lookup', 'gdb_peda_debug', 'angr_symbolic_execution', 'ropper_gadget_search', 'pwninit_setup', 'feroxbuster_scan', 'dotdotpwn_scan', 'xsser_scan', 'wfuzz_scan', 'dirsearch_scan', 'katana_crawl', 'gau_discovery', 'waybackurls_discovery', 'arjun_parameter_discovery', 'paramspider_mining', 'x8_parameter_discovery', 'jaeles_vulnerability_scan', 'dalfox_xss_scan', 'httpx_probe', 'anew_data_processing', 'qsreplace_parameter_replacement', 'uro_url_filtering', 'ai_generate_payload', 'ai_test_payload', 'ai_generate_attack_suite', 'api_fuzzer', 'graphql_scanner', 'jwt_analyzer', 'api_schema_analyzer', 'comprehensive_api_audit', 'volatility3_analyze', 'foremost_carving', 'steghide_analysis', 'exiftool_extract', 'hashpump_attack', 'hakrawler_crawl', 'paramspider_discovery', 'burpsuite_scan', 'zap_scan', 'arjun_scan', 'wafw00f_scan', 'fierce_scan', 'dnsenum_scan', 'autorecon_scan', 'server_health', 'get_cache_stats', 'clear_cache', 'get_telemetry', 'list_active_processes', 'get_process_status', 
'terminate_process', 'pause_process', 'resume_process', 'get_process_dashboard', 'execute_command', 'monitor_cve_feeds', 'generate_exploit_from_cve', 'discover_attack_chains', 'research_zero_day_opportunities', 'correlate_threat_intelligence', 'advanced_payload_generation', 'vulnerability_intelligence_dashboard', 'threat_hunting_assistant', 'get_live_dashboard', 'create_vulnerability_report', 'format_tool_output_visual', 'create_scan_summary', 'display_system_metrics', 'analyze_target_intelligence', 'select_optimal_tools_ai', 'optimize_tool_parameters_ai', 'create_attack_chain_ai', 'intelligent_smart_scan', 'detect_technologies_ai', 'ai_reconnaissance_workflow', 'ai_vulnerability_assessment', 'bugbounty_reconnaissance_workflow', 'bugbounty_vulnerability_hunting', 'bugbounty_business_logic_testing', 'bugbounty_osint_gathering', 'bugbounty_file_upload_testing', 'bugbounty_comprehensive_assessment', 'bugbounty_authentication_bypass_testing', 'http_framework_test', 'browser_agent_inspect', 'http_set_rules', 'http_set_scope', 'http_repeater', 'http_intruder', 'burpsuite_alternative_scan', 'error_handling_statistics', 'test_error_recovery'] +2026-04-13 16:12:06 [INFO ] agent.Agent │ 🤖 Agent 初始化完成 + LLM : openai / gpt-4o + 工具总数 : 154 个 + 最大步数 : 10 + 工具列表 : + 🔵 [local ] calculator + 🔵 [local ] web_search + 🔵 [local ] file_reader + 🔵 [local ] code_executor + 🟢 [remote:hexstrike-ai ] nmap_scan + 🟢 [remote:hexstrike-ai ] gobuster_scan + 🟢 [remote:hexstrike-ai ] nuclei_scan + 🟢 [remote:hexstrike-ai ] prowler_scan + 🟢 [remote:hexstrike-ai ] trivy_scan + 🟢 [remote:hexstrike-ai ] scout_suite_assessment + 🟢 [remote:hexstrike-ai ] cloudmapper_analysis + 🟢 [remote:hexstrike-ai ] pacu_exploitation + 🟢 [remote:hexstrike-ai ] kube_hunter_scan + 🟢 [remote:hexstrike-ai ] kube_bench_cis + 🟢 [remote:hexstrike-ai ] docker_bench_security_scan + 🟢 [remote:hexstrike-ai ] clair_vulnerability_scan + 🟢 [remote:hexstrike-ai ] falco_runtime_monitoring + 🟢 [remote:hexstrike-ai ] checkov_iac_scan + 🟢 
[remote:hexstrike-ai ] terrascan_iac_scan + 🟢 [remote:hexstrike-ai ] create_file + 🟢 [remote:hexstrike-ai ] modify_file + 🟢 [remote:hexstrike-ai ] delete_file + 🟢 [remote:hexstrike-ai ] list_files + 🟢 [remote:hexstrike-ai ] generate_payload + 🟢 [remote:hexstrike-ai ] install_python_package + 🟢 [remote:hexstrike-ai ] execute_python_script + 🟢 [remote:hexstrike-ai ] dirb_scan + 🟢 [remote:hexstrike-ai ] nikto_scan + 🟢 [remote:hexstrike-ai ] sqlmap_scan + 🟢 [remote:hexstrike-ai ] metasploit_run + 🟢 [remote:hexstrike-ai ] hydra_attack + 🟢 [remote:hexstrike-ai ] john_crack + 🟢 [remote:hexstrike-ai ] wpscan_analyze + 🟢 [remote:hexstrike-ai ] enum4linux_scan + 🟢 [remote:hexstrike-ai ] ffuf_scan + 🟢 [remote:hexstrike-ai ] netexec_scan + 🟢 [remote:hexstrike-ai ] amass_scan + 🟢 [remote:hexstrike-ai ] hashcat_crack + 🟢 [remote:hexstrike-ai ] subfinder_scan + 🟢 [remote:hexstrike-ai ] smbmap_scan + 🟢 [remote:hexstrike-ai ] rustscan_fast_scan + 🟢 [remote:hexstrike-ai ] masscan_high_speed + 🟢 [remote:hexstrike-ai ] nmap_advanced_scan + 🟢 [remote:hexstrike-ai ] autorecon_comprehensive + 🟢 [remote:hexstrike-ai ] enum4linux_ng_advanced + 🟢 [remote:hexstrike-ai ] rpcclient_enumeration + 🟢 [remote:hexstrike-ai ] nbtscan_netbios + 🟢 [remote:hexstrike-ai ] arp_scan_discovery + 🟢 [remote:hexstrike-ai ] responder_credential_harvest + 🟢 [remote:hexstrike-ai ] volatility_analyze + 🟢 [remote:hexstrike-ai ] msfvenom_generate + 🟢 [remote:hexstrike-ai ] gdb_analyze + 🟢 [remote:hexstrike-ai ] radare2_analyze + 🟢 [remote:hexstrike-ai ] binwalk_analyze + 🟢 [remote:hexstrike-ai ] ropgadget_search + 🟢 [remote:hexstrike-ai ] checksec_analyze + 🟢 [remote:hexstrike-ai ] xxd_hexdump + 🟢 [remote:hexstrike-ai ] strings_extract + 🟢 [remote:hexstrike-ai ] objdump_analyze + 🟢 [remote:hexstrike-ai ] ghidra_analysis + 🟢 [remote:hexstrike-ai ] pwntools_exploit + 🟢 [remote:hexstrike-ai ] one_gadget_search + 🟢 [remote:hexstrike-ai ] libc_database_lookup + 🟢 [remote:hexstrike-ai ] gdb_peda_debug + 🟢 
[remote:hexstrike-ai ] angr_symbolic_execution + 🟢 [remote:hexstrike-ai ] ropper_gadget_search + 🟢 [remote:hexstrike-ai ] pwninit_setup + 🟢 [remote:hexstrike-ai ] feroxbuster_scan + 🟢 [remote:hexstrike-ai ] dotdotpwn_scan + 🟢 [remote:hexstrike-ai ] xsser_scan + 🟢 [remote:hexstrike-ai ] wfuzz_scan + 🟢 [remote:hexstrike-ai ] dirsearch_scan + 🟢 [remote:hexstrike-ai ] katana_crawl + 🟢 [remote:hexstrike-ai ] gau_discovery + 🟢 [remote:hexstrike-ai ] waybackurls_discovery + 🟢 [remote:hexstrike-ai ] arjun_parameter_discovery + 🟢 [remote:hexstrike-ai ] paramspider_mining + 🟢 [remote:hexstrike-ai ] x8_parameter_discovery + 🟢 [remote:hexstrike-ai ] jaeles_vulnerability_scan + 🟢 [remote:hexstrike-ai ] dalfox_xss_scan + 🟢 [remote:hexstrike-ai ] httpx_probe + 🟢 [remote:hexstrike-ai ] anew_data_processing + 🟢 [remote:hexstrike-ai ] qsreplace_parameter_replacement + 🟢 [remote:hexstrike-ai ] uro_url_filtering + 🟢 [remote:hexstrike-ai ] ai_generate_payload + 🟢 [remote:hexstrike-ai ] ai_test_payload + 🟢 [remote:hexstrike-ai ] ai_generate_attack_suite + 🟢 [remote:hexstrike-ai ] api_fuzzer + 🟢 [remote:hexstrike-ai ] graphql_scanner + 🟢 [remote:hexstrike-ai ] jwt_analyzer + 🟢 [remote:hexstrike-ai ] api_schema_analyzer + 🟢 [remote:hexstrike-ai ] comprehensive_api_audit + 🟢 [remote:hexstrike-ai ] volatility3_analyze + 🟢 [remote:hexstrike-ai ] foremost_carving + 🟢 [remote:hexstrike-ai ] steghide_analysis + 🟢 [remote:hexstrike-ai ] exiftool_extract + 🟢 [remote:hexstrike-ai ] hashpump_attack + 🟢 [remote:hexstrike-ai ] hakrawler_crawl + 🟢 [remote:hexstrike-ai ] paramspider_discovery + 🟢 [remote:hexstrike-ai ] burpsuite_scan + 🟢 [remote:hexstrike-ai ] zap_scan + 🟢 [remote:hexstrike-ai ] arjun_scan + 🟢 [remote:hexstrike-ai ] wafw00f_scan + 🟢 [remote:hexstrike-ai ] fierce_scan + 🟢 [remote:hexstrike-ai ] dnsenum_scan + 🟢 [remote:hexstrike-ai ] autorecon_scan + 🟢 [remote:hexstrike-ai ] server_health + 🟢 [remote:hexstrike-ai ] get_cache_stats + 🟢 [remote:hexstrike-ai ] clear_cache + 🟢 
[remote:hexstrike-ai ] get_telemetry + 🟢 [remote:hexstrike-ai ] list_active_processes + 🟢 [remote:hexstrike-ai ] get_process_status + 🟢 [remote:hexstrike-ai ] terminate_process + 🟢 [remote:hexstrike-ai ] pause_process + 🟢 [remote:hexstrike-ai ] resume_process + 🟢 [remote:hexstrike-ai ] get_process_dashboard + 🟢 [remote:hexstrike-ai ] execute_command + 🟢 [remote:hexstrike-ai ] monitor_cve_feeds + 🟢 [remote:hexstrike-ai ] generate_exploit_from_cve + 🟢 [remote:hexstrike-ai ] discover_attack_chains + 🟢 [remote:hexstrike-ai ] research_zero_day_opportunities + 🟢 [remote:hexstrike-ai ] correlate_threat_intelligence + 🟢 [remote:hexstrike-ai ] advanced_payload_generation + 🟢 [remote:hexstrike-ai ] vulnerability_intelligence_dashboard + 🟢 [remote:hexstrike-ai ] threat_hunting_assistant + 🟢 [remote:hexstrike-ai ] get_live_dashboard + 🟢 [remote:hexstrike-ai ] create_vulnerability_report + 🟢 [remote:hexstrike-ai ] format_tool_output_visual + 🟢 [remote:hexstrike-ai ] create_scan_summary + 🟢 [remote:hexstrike-ai ] display_system_metrics + 🟢 [remote:hexstrike-ai ] analyze_target_intelligence + 🟢 [remote:hexstrike-ai ] select_optimal_tools_ai + 🟢 [remote:hexstrike-ai ] optimize_tool_parameters_ai + 🟢 [remote:hexstrike-ai ] create_attack_chain_ai + 🟢 [remote:hexstrike-ai ] intelligent_smart_scan + 🟢 [remote:hexstrike-ai ] detect_technologies_ai + 🟢 [remote:hexstrike-ai ] ai_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] ai_vulnerability_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_reconnaissance_workflow + 🟢 [remote:hexstrike-ai ] bugbounty_vulnerability_hunting + 🟢 [remote:hexstrike-ai ] bugbounty_business_logic_testing + 🟢 [remote:hexstrike-ai ] bugbounty_osint_gathering + 🟢 [remote:hexstrike-ai ] bugbounty_file_upload_testing + 🟢 [remote:hexstrike-ai ] bugbounty_comprehensive_assessment + 🟢 [remote:hexstrike-ai ] bugbounty_authentication_bypass_testing + 🟢 [remote:hexstrike-ai ] http_framework_test + 🟢 [remote:hexstrike-ai ] browser_agent_inspect + 🟢 [remote:hexstrike-ai ] 
http_set_rules + 🟢 [remote:hexstrike-ai ] http_set_scope + 🟢 [remote:hexstrike-ai ] http_repeater + 🟢 [remote:hexstrike-ai ] http_intruder + 🟢 [remote:hexstrike-ai ] burpsuite_alternative_scan + 🟢 [remote:hexstrike-ai ] error_handling_statistics + 🟢 [remote:hexstrike-ai ] test_error_recovery +2026-04-13 16:12:42 [DEBUG ] agent.MCP.SkillClient │ 🔌 stdio 子进程已关闭 skill=hexstrike-ai +2026-04-13 16:12:42 [DEBUG ] agent.MCP.SkillClient │ 🔌 MCP Skill [hexstrike-ai] 已断开 +2026-04-13 16:12:42 [INFO ] agent.MCP.SkillRegistry │ 🔌 SkillRegistry 已关闭所有连接 +2026-04-13 16:12:50 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: calculator +2026-04-13 16:12:50 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: web_search +2026-04-13 16:12:50 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: file_reader +2026-04-13 16:12:50 [DEBUG ] agent.MCP.SkillRegistry │ 📌 注册本地工具: code_executor +2026-04-13 16:12:50 [INFO ] agent.MCP.SkillRegistry │ 🌐 开始连接在线 MCP Skills,数量=1 +2026-04-13 16:12:50 [INFO ] agent.MCP.SkillClient │ 🌐 连接在线 MCP Skill: [hexstrike-ai] + 传输协议: stdio + 地址 : python3 + 超时 : 300s + 重试 : 2 次 +2026-04-13 16:12:50 [INFO ] agent.MCP.SkillClient │ 🔌 stdio 启动子进程: python3 /Users/sontolau/Applications/hexstrike-ai/hexstrike_mcp.py --server http://localhost:8999 +2026-04-13 16:12:50 [INFO ] agent.MCP.SkillClient │ ✅ stdio 子进程已启动 PID=48433 diff --git a/mcp/skill_loader.py b/mcp/skill_loader.py new file mode 100644 index 0000000..5b9f647 --- /dev/null +++ b/mcp/skill_loader.py 
@@ -0,0 +1,82 @@
+import os
+import json
+import re
+from typing import Any, Dict, List, Tuple
+from utils.logger import get_logger
+import yaml
+
+logger = get_logger("mcp.SkillLoader")
+
+class SkillLoader:
+ """加载和解析 SKILL.md 文件"""
+
+ @staticmethod
+ def load_skills_from_directory(directory: str) -> Dict[str, Any]:
+ skills = {}
+ for skill_directory in os.listdir(directory):
+ skill_md = f"{skill_directory}/SKILL.md"
+ if not os.path.isfile(skill_md):
+ logger.warning(f"未在{skill_directory}发现SKILL.md文件")
+ continue
+ skill_name = os.path.basename(skill_directory) # 去掉 .md 后缀
+ skill_info = SkillLoader.load_skill(skill_md)
+ if not skill_info:
+ continue
+ skills[skill_info['name']] = skill_info
+ return skills
+
+ @staticmethod
+ def load_skill(filepath: str) -> Dict[str, Any]:
+ with open(filepath, 'r', encoding='utf-8') as f:
+ content = f.read()
+
+ skill_info = SkillLoader.parse_skill(content)
+ return skill_info
+
+ @staticmethod
+ def parse_md_frontmatter(content: str) -> Dict[str, Any]:
+ # 使用正则表达式提取 frontmatter 部分
+ frontmatter_match = re.search(r'^---\n(.*?)\n---', content, re.DOTALL | re.MULTILINE)
+ if frontmatter_match:
+ frontmatter_content = frontmatter_match.group(1).strip()
+ # 使用 PyYAML 将 frontmatter 字符串解析为字典
+ frontmatter_data = yaml.safe_load(frontmatter_content)
+ return frontmatter_data
+ else:
+ return {}
+
+ @staticmethod
+ def parse_skill(content: str) -> Dict[str, Any]:
+ return SkillLoader.parse_md_frontmatter(content)
+
+ lines = content.strip().splitlines()
+ skill_info = {
+ 'name': lines[0].replace('# ', '').strip(),
+ 'description': lines[1].replace('## Description\n', '').strip(),
+ 'parameters': {},
+ 'example': None,
+ }
+
+ # 解析参数
+ param_section = False
+ for line in lines[2:]:
+ if line.startswith('## Parameters'):
+ param_section = True
+ continue
+ if param_section:
+ if line.startswith('## Example'):
+ break
+ if line.startswith('-'):
+ param_line = line[1:].strip().split(':')
+ if len(param_line) == 2:
+ param_name = param_line[0].strip()
+ param_desc = param_line[1].strip()
+ skill_info['parameters'][param_name] = param_desc
+
+ # 解析示例
+ if '## Example' in content:
+ example_start = content.index('## Example') + len('## Example\n')
+ example_json = content[example_start:].strip().split('\n```')[0].strip()
+ skill_info['example'] = json.loads(example_json)
+
+ return skill_info
diff --git a/mcp/skill_registry.py b/mcp/skill_registry.py
index 256ca5f..3eb9043 100644
--- a/mcp/skill_registry.py
+++ b/mcp/skill_registry.py
@@ -15,6 +15,7 @@ from typing import Any
 from config.settings import settings
 from mcp.mcp_skill_client import MCPSkillClient, RemoteTool, ToolCallResult
+from mcp.skill_loader import SkillLoader
 from utils.logger import get_logger
 logger = get_logger("MCP.SkillRegistry")
@@ -81,6 +82,15 @@ class SkillRegistry:
 self._remote: dict[str, tuple[MCPSkillClient, RemoteTool]] = {}
 # 在线 Skill 客户端列表(用于生命周期管理)
 self._clients: list[MCPSkillClient] = []
+ # 指定 SKILL.md 文件所在目录
+ self.load_skills_from_md(settings.skills_directory)
+
+ def load_skills_from_md(self, directory: str) -> None:
+ skills = SkillLoader.load_skills_from_directory(directory)
+ for skill_name, skill_info in skills.items():
+ logger.info(f"📦 加载技能: {skill_name}")
+ # 将技能注册到远端工具表
+ self._remote[skill_name] = skill_info
 # ── 注册本地工具 ──────────────────────────────────────────
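Review bot: In `load_skills_from_directory` the path `skill_md` is built from the bare entry name that `os.listdir(directory)` returns, so `os.path.isfile` is evaluated against the process working directory instead of `directory`, and every skill is skipped unless the two happen to coincide. The parsed frontmatter is also used without validation: `yaml.safe_load` can return a string, a list or `None`, a missing `name` key raises `KeyError`, and a YAML error in one file propagates out of the loop, so a single malformed SKILL.md stops every skill from loading. Because these files decide what is offered to the agent as a tool, the loader should accept only a mapping with a non-empty string `name` and skip anything else with a warning. Separately, the `skill_name` assignment is never used and everything after the first `return` in `parse_skill` is unreachable and could be deleted.

```python
    def load_skills_from_directory(directory: str) -> Dict[str, Any]:
        # … unchanged: skills = {} …
        for skill_directory in os.listdir(directory):
            # os.listdir() yields bare names, so resolve them against `directory`.
            skill_md = os.path.join(directory, skill_directory, "SKILL.md")
            # … unchanged: isfile check, warning, continue …
            try:
                skill_info = SkillLoader.load_skill(skill_md)
            except (OSError, UnicodeDecodeError, yaml.YAMLError) as exc:
                # One unreadable or malformed file must not abort the whole load.
                logger.warning(f"跳过无法解析的 {skill_md}: {exc}")
                continue
            # Only a mapping with a non-empty string name may become a tool entry.
            name = skill_info.get("name") if isinstance(skill_info, dict) else None
            if not isinstance(name, str) or not name.strip():
                logger.warning(f"跳过缺少有效 name 字段的 {skill_md}")
                continue
            skills[name] = skill_info
        # … unchanged: return skills …
```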
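Review bot: `load_skills_from_md` writes the parsed frontmatter dict into `self._remote`, which the context line above annotates as `dict[str, tuple[MCPSkillClient, RemoteTool]]`, so any reader that unpacks an entry as `(client, tool)` will presumably fail on these values; those readers are outside the hunk. The assignment is also unconditional, so a SKILL.md whose `name` matches an already registered tool silently replaces it, or is replaced when that tool registers later, which lets a file on disk shadow a tool name the agent relies on. I would keep these in their own table, `self._md_skills: dict[str, Any] = {}` with `self._md_skills[skill_name] = skill_info`, and log and skip a name that is already taken. The call sits at the end of a constructor that starts outside the hunk and has no guard, so a missing skills directory would presumably raise from `os.listdir` and abort registry construction; checking `os.path.isdir(directory)` first and logging a warning would keep startup working.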