hexstrike_ai
HexStrike AI is described in the provided content as an open-source MCP server, now packaged in Kali Linux, that enables an AI agent to autonomously drive more than 150 offensive security tools. In Zenity’s March 2026 observations, an operator pointed a desktop LLM client at an exposed Ollama instance and sent the full HexStrike AI toolset to the backend, apparently using the exposed inference service as anonymous compute for offensive AI operations rather than exploiting a software vulnerability. The observed HexStrike AI request defined roughly 150 tools under the mcp__hexstrike__ namespace, including capabilities associated with nmap, nuclei, sqlmap, Metasploit, hydra, kube-hunter, prowler, pacu, file creation and modification, payload generation, and arbitrary Python execution. Before sending the full toolset, the same source enumerated the server’s installed models. Zenity assessed this activity as staging or capability testing rather than a live operation against a named target. The broader reporting groups HexStrike AI with autonomous penetration-testing frameworks observed abusing exposed Ollama and LiteLLM endpoints that lacked authentication or were weakly protected. No additional aliases or sub-groups are directly supported by the content.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Autonomous penetration testing framework observed being staged through an exposed Ollama instance, with its offensive toolset sent to the hijacked backend for potential future attack operations.
An offensive AI framework used via a hijacked exposed Ollama backend to stage autonomous use of a large arsenal of security tools. In this case the operator appeared to be setting up and testing the backend rather than assigning a live target.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.