Discover a New Way to Scan Networks with Kali's Latest Tool
The latest update of Kali Linux, version 2025.3, has introduced an interesting tool called llm-tools-nmap. This tool merges the power of artificial intelligence with cybersecurity for enhanced network scanning capabilities. It acts as an experimental plugin that connects Simon Willison’s command-line Large Language Model (LLM) to Nmap, a widely recognized security scanner. This integration allows users to carry out network discovery and security audits using natural language commands.
Alongside llm-tools-nmap, the Kali Linux update features other tools like gemini-cli. The plugin translates user commands into actions that Nmap can execute, making it easier for both security professionals and system administrators to perform various scanning tasks. This feature significantly optimizes how users can engage with Nmap, allowing them to focus on interpreting the results instead of worrying about command syntax.
The llm-tools-nmap plugin is equipped with several functionalities that cover essential network scanning tasks. It identifies local network details and helps suggest optimal scan ranges. Users can perform quick scans for common ports, targeted scans of specific port ranges, or even ping scans to find active hosts. On a more advanced level, the tool can detect services running on open ports and recognize the operating systems of target systems, enhancing the details available for evaluating security vulnerabilities.
For those interested in using the plugin, there are a few prerequisites. First, Python 3.7 or higher must be installed, along with Simon Willison’s LLM tool. Most importantly, a functional Nmap installation is necessary, easily set up using commands like sudo apt-get install nmap for Debian/Ubuntu users, or brew install nmap for macOS. The features of llm-tools-nmap can be accessed via the command line with the –functions flag.
Several command options are available, allowing for versatile scanning techniques. Users can quickly initiate a generic scan, perform a fast scan of common ports, or run more extensive service and OS detection tasks. For example, one might start a scan with the command llm –functions llm-tools-nmap.py “scan my network for open databases.”
While the automation features are powerful, developers caution that granting an LLM access to security tools comes with risks. Users should always have explicit permission to scan target networks and must adhere to their workplace security guidelines. Additionally, certain scanning features may require administrator privileges to function correctly, underscoring the need for careful operational oversight.
“Content generated using AI”
We create intelligent software and AI-driven solutions to automate workflows, modernize legacy systems, and sharpen your competitive edge.