https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/9c12e8a2-50f2-4460-bf4b-2448c1b61365_MadarsonITLogoAzure.png

Kali AI v2 — Autonomous Penetration Testing Platform

yayıncı: Madarson It, LLC

Self-hosted AI pentest platform. 7-tool pipeline, Claude AI analysis, PDF reports, email delivery, SQLi + WordPress scanning.

Kali-AI v2 is a self-hosted, AI-powered autonomous penetration testing platform built on Kali Linux. It orchestrates security tools, analyses findings with Claude AI, and generates white-label 10-section PDF reports — all from a single web interface with no manual effort from scan launch to output.

Designed for MSSPs, security teams, red teams, and penetration testers needing repeatable, automated assessments without SaaS pricing, data risk, or per-finding fees. Launch a scan and return to a completed AI-analysed report ready for stakeholders.


What Kali-AI v2 Does

On launch, Kali-AI v2 runs Nmap (port/service discovery), Nuclei (CVE/misconfig detection), Nikto (web analysis), WhatWeb (tech fingerprinting), Gobuster (directory enumeration), WPScan (WordPress scanning), and SQLMap (SQL injection detection). Findings are correlated, deduplicated, enriched with NIST NVD CVE data, and analysed by Claude to produce an executive summary, risk rating, attack path analysis, prioritised remediation plan, and compliance observations. Reports are delivered as white-label PDFs covering 10 sections including cover page, contents, risk overview, findings with CVSS scores, attack paths, and NIST, PCI-DSS, ISO 27001 gap notes.


Platform Features
  • White-Label Reports: Custom company name/logo on PDFs for branded delivery.
  • Security Score Dashboard: Real-time score (0-100, A-F), risk gauge, severity breakdown, findings-by-tool chart, and 7-day timeline. Updates as issues are resolved.
  • Email Delivery: Scan completion alerts with summary and PDF delivery.
  • Scheduled Scans: Cron-based scans (Full, Quick, Web, Network) with up to 20 targets per batch.
  • MSSP Workflow: Client name and project tags for multi-client reporting.
  • Attack Path Visualisation: D3 graph showing vulnerability chains.
  • Scan Delta: Shows new, resolved, and persistent findings.
  • Remediation Tracker: Assign findings, set due dates, track status, add notes, export CSV.
  • Security Copilot: AI assistant for risk and remediation queries.
  • RBAC: Admin, analyst, auditor roles with JWT auth.
  • Integrations: Slack/Teams webhooks, ECS JSON export, REST API.
  • First-Boot Setup: No default passwords; credentials set on first access.

Use Cases
  • MSSPs delivering white-label scans with client-ready reports
  • Enterprise teams running continuous assessments
  • Penetration testers accelerating recon and reporting
  • Red teams mapping attack paths and chained exploitation
  • WordPress owners needing CMS-specific assessment
  • Compliance programs requiring NIST, PCI-DSS, ISO 27001 gap notes
  • Bug bounty research with AI-assisted triage
  • Security labs, training, DevSecOps via API

Quick Start
  1. Deploy VM and open port 80.
  2. Browse to http://your-vm-ip/.
  3. Create admin account (min. 12-char password).
  4. Add Anthropic API key in Settings.
  5. Launch scan (e.g., scanme.nmap.org).
  6. View report in Reports.

Configuration

Managed via /opt/kali-ai/.env. Restart with sudo systemctl restart kali-ai.

  • ANTHROPIC_API_KEY — Required for Claude
  • APP_SECRET_KEY — JWT secret
  • SMTP_HOST / SMTP_USER / SMTP_PASSWORD / SMTP_TO — Email
  • REPORT_COMPANY_NAME / REPORT_COMPANY_LOGO — Branding
  • DISPLAY_TIMEZONE — Timezone
  • SLACK_WEBHOOK_URL / TEAMS_WEBHOOK_URL — Optional

Docs at /opt/kali-ai/README.md.


Why Madarson IT?
  • ✓ Azure Marketplace certified
  • ✓ No default passwords or hidden data egress
  • ✓ All data stored locally; uses your API key
  • ✓ Support: info@madarsonit.com

Responsible Use & Disclaimer

For authorised testing only. Users must comply with laws. Kali Linux is a trademark of Offensive Security. Claude is a third-party service requiring a user-provided API key. WPScan commercial use requires a WPScan licence. Madarson IT does not provide licenses for included open-source tools.

Contact: Enterprise offers, MSSP arrangements, white-label setups, and custom configs: info@madarsonit.com

Bir bakışta

https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/a30a3009-6f16-437d-9552-d34744e61976_trailer.png
/staticstorage/20260315.2/assets/videoOverlay_62a424ca921ff733.png
https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/50a0c7bc-a32a-4c6f-a5ca-38b0a4f3f992_kaliclaudedashv2.png
https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/700aa280-86fc-4530-a67a-3c4b39350835_kaliaiseccopilot.png
https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/d3208537-59a2-463f-ae72-ddeee92b19b5_kaliaiclaudev2scan1.png
https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/836c96bf-d2b5-48b0-a7e9-df2a0513e063_kaliaiclaudev2email2.png
https://catalogartifact.azureedge.net/publicartifacts/madarsonitllc1614702968211.kali_ai_claude_v2-05c575d5-d39a-419c-83a5-251294ed084b/7ccc426f-7f7d-49f0-9a5d-094077870d84_kaliclauderemediationtab.png