Releases: FunnyWolf/Viper
3.1.11 Skill is all you need
优化
- 更新MCP服务器,压缩docstring,占用更少上下文,修复BUG MCP服务器
新功能
- 新增 Claude Code Plugin,通过Claude Code插件市场安装后,可以在Claude Code中使用Viper的MCP Tools,实现无缝衔接的AI辅助红队操作.
开发者笔记
Claude 提出的 MCP 和 Skill 的两个核心概念,在Viper中得到了很好的实现.通过MCP服务器,我们将Viper的功能以API的形式暴露出来,而Skill则是对这些功能的封装和组合,使得用户可以更高效地使用这些功能.
使用Viper进行内网渗透,或者说使用任何工具进行内网渗透,都是有"套路"的,但是这个"套路"更多的是在思维层面上的,而不是在具体的操作步骤上.
每个内网环境都是独特的,需要根据实际情况进行调整和适应. 而Viper的Skill则是对这些"套路"的一种抽象和封装,使得用户可以更高效地使用这些"套路",而不需要关心具体的操作细节.
而所有的这些动作动作基本都需要 Session 这个桥梁在内网主机中执行,所以将 Session 的功能都通过MCP开放出来让 skill 可以调用,是 AI 驱动内网渗透的基础.
未来我们还会继续增加更多的 MCP API,让 Skill 可以调用更多的功能,从而实现更加强大和智能的内网渗透能力.
Improvements
- Updated the MCP Server, compressed docstrings to use less context, and fixed bugs.
New Features
- Added the Claude Code Plugin. After installing it from the Claude Code plugin marketplace, you can use Viper MCP tools directly inside Claude Code for seamless AI-assisted red team operations.
Developer Notes
The two core concepts introduced by Claude — MCP and Skill — are implemented very well in Viper. Through the MCP server, we expose Viper capabilities as APIs, while Skills package and combine those capabilities so users can work with them more efficiently.
Using Viper for internal network penetration testing — or using any tool for that purpose — always involves certain common patterns. But those patterns mainly exist at the level of thinking and strategy, rather than as fixed operational steps.
Every internal environment is unique, so you need to adapt based on the actual situation. Viper Skills abstract and package these patterns so users can apply them more efficiently without focusing on low-level operational details.
Nearly all of these actions require a Session as the bridge for execution on internal hosts, so exposing Session capabilities through MCP for Skills to call is the foundation of AI-driven internal network penetration testing.
In the future, we will continue adding more MCP APIs so Skills can call more capabilities and deliver stronger, smarter internal network penetration testing workflows.
3.1.10 - Happy New Year
3.1.10 新年快乐
优化
- 更新metasploit-framework至最新版本(6.4.109)
- 使用官方rex-core/socket库替代自定义socket实现
开发者笔记
新年新气象,下个版本会在春节后发布.
3.1.10 Happy New Year
Optimizations
-
Updated Metasploit Framework to the latest version (6.4.109)
-
Used the official rex-core/socket library instead of a custom socket implementation
Developer Notes
New Year, new look! The next version will be released after the Spring Festival.
3.1.9 - Let's Summarize
The new version has update AI Agent Summary function and meterpreter stdapi plugin
3.1.8 New Start To Fly
3.1.7 - Python Is All You Need
The new version has added multiple Kit suite modules, optimized intelligent agent prompt, and added command center functionality
3.1.6 - Awareness Training Agent and Analysis Agent
The new version adds two LLM Agent-related features - Awareness Training Agent and Analysis Agent.
3.1.5 - GitHub Issues Week
Penetration testing agent optimized prompts and added summary functionality, added Bark message push feature, refactored anti-detection modules, adjusted license functionality to avoid impact due to network issues or outdated licenses, and numerous UI/UX improvements
3.1.4 - Happy International Workers' Day
3.1.3 - It's Not a Bug, It's a Feature !
This version mainly focuses on documentation updates and bug fixes feature optimizations 😅.
Of course, we managed to sneak in a couple of new features during our breaks.
Oh, and we tweaked the AI functionality a bit too.
3.1.2 - Pentest Agent and MCP Server
Introduction
As the industry's first red team platform to integrate LLM agents, the new version adds two LLM Agent-related features: Penetration Testing Agent and MCP Server.
More LLM and Agent capabilities will be added to Viper in subsequent updates.
Why can't the Agent help me write all these documents yet!!!
Pentest Agent
Due to current limitations in LLM and engineering, a fully automated Agent is not ideal.
However, it is entirely feasible for an Agent to help penetration testing engineers input complex tool parameters, analyze tool results, and provide next-step penetration plans.
| Feature | pentestgpt.ai | viper pentest agent |
|---|---|---|
| Runtime Environment | Cloud Sandbox | Local Environment ✅ |
| Tool Runtime | Limited to 5 minutes | Unlimited ✅ |
| Usage Frequency | Free version: 2/day | Free version: Unlimited ✅ |
| Available Tools | Free version: Limited tools | Free version: All tools ✅ |
| Model Selection | GPT-4 only | Any model supported ✅ |
MCP Server
If there's anything hottest in the current generative AI field, it would be MCP.
The new version of Viper includes an independently running MCP server. Please refer to the documentation for usage instructions and the list of supported tools.
Bug Fixes
- Fixed issues with Session file upload/download/process operations
- Default certificates and test Python/PowerShell scripts are now available
- Fixed an issue where the agent module returned an exception issus
Optimizations
- Host tags and notes are now integrated
- Agent tool invocation and tool results are displayed in JSON format
- Nuclei default configuration UI
Generate PE/ELFhas been modified to native exe and elf payloads, with source code compiled versions available via module generation- Linux now checks if a folder is empty before deletion
- Optimized some UI interfaces and cleaned up deprecated frontend components.