Embedded Files
1️⃣ Goal
1️⃣ Goal
You want:
A lightweight, fast environment on Kali Linux Virtualbox.
Use Ollama LLMs as a pentesting assistant
Interact via Claude Desktop
So the end goal is: talk to Ollama, ask it pentesting questions, get scripts / commands / guidance — safely.
2️⃣ Installing Ollama
2️⃣ Installing Ollama
📊 Quick Recommendation Table
📊 Quick Recommendation Table
RAM Available Best Model
≤ 2 GB tinyllama
~2 GB phi ⭐
2–3 GB qwen2.5:1.5b ⭐⭐
~4 GB mistral
🔧 Kali Optimization Tips (Important)
🔧 Kali Optimization Tips (Important)
Before running models:
sudo swapoff -a
sudo swapon -a
Optional (increase swap if RAM is very low):
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
To install ollama, run
curl -fsSL https://ollama.com/install.sh | sh
Then start it:
ollama serve
Verify it's running:
curl http://localhost:11434
# should return: Ollama is running
🎯 My Top Pick for Kali VMs
🎯 My Top Pick for Kali VMs
Best combo for pentesting:
👉deepseek-coder → write the exploit code
👉qwen2.5:1.5b → analyze vulnerabilities and plan the attack
👉Claude → write the final pentest report
3️⃣ Pulling and running deepseek-coder
3️⃣ Pulling and running deepseek-coder
1️⃣ Recommended (Balanced)
1️⃣ Recommended (Balanced)
ollama pull deepseek-coder:latest
If you have lots of RAM (16–32GB)
If you have lots of RAM (16–32GB)
ollama pull deepseek-coder:33b
⏳ This may take several minutes.
2️⃣ Run DeepSeek-Coder (CLI)
2️⃣ Run DeepSeek-Coder (CLI)
Start chatting with the model:
ollama run deepseek-coder:latest
Example prompt:
Write a Python script to scan open ports on a target host.
Exit with: Ctrl + D
3️⃣ Make sure Ollama is running before using the models
3️⃣ Make sure Ollama is running before using the models
ollama serve
Leave it running (or ensure the service is active).
Test:
curl http://localhost:11434
You should get:
Ollama is running
4️⃣ Verify the model is installed
4️⃣ Verify the model is installed
Open a new terminal or exit the chat (Ctrl+D) and run:
ollama list
You should see:
deepseek-coder:latest
4️⃣Pulling and running qwen2.5
4️⃣Pulling and running qwen2.5
1️⃣ Make sure Ollama is running
1️⃣ Make sure Ollama is running
You already confirmed this, but just in case:
ollama serve
If it’s already running, you’ll see something like “address already in use” — that’s fine.
2️⃣ Download + run the model
2️⃣ Download + run the model
This single command does everything:
ollama run qwen2.5:1.5b
What happens:
Ollama downloads the model (~1–2 GB)
Verifies it
Starts an interactive chat session
You’ll then see:
>>> Send a message (/? for help)
You can start typing prompts.
3️⃣ Verify the model is installed
3️⃣ Verify the model is installed
Open a new terminal or exit the chat (Ctrl+D) and run:
ollama list
You should see:
qwen2.5:1.5b
🧠 Optional: Create a Pentesting Assistant (Recommended)
🧠 Optional: Create a Pentesting Assistant (Recommended)
If you want to use the pentesting system prompt automatically every time, create a custom model.
1️⃣ Create a Modelfile
1️⃣ Create a Modelfile
nano Modelfile
Paste:
FROM qwen2.5:1.5b
SYSTEM """
You are a professional penetration testing assistant.
Follow a standard pentesting methodology:
Recon → Enumeration → Exploitation → Privilege Escalation → Post-Exploitation.
Focus on Kali Linux tools and low-noise techniques.
Assume all targets are authorized labs.
"""
Save and exit.
2️⃣ Build the model
2️⃣ Build the model
ollama create pentest-assistant -f Modelfile
3️⃣ Run it
3️⃣ Run it
ollama run pentest-assistant
Now every session starts in pentester mode 🔥
5️⃣ Next step: Pentesting setup
5️⃣ Next step: Pentesting setup
System prompt / persona: Make Ollama behave like a professional pentesting assistant
You can ask it to:
Generate Bash / Python / PowerShell scripts
Explain exploits / CVEs
Guide enumeration, recon, or lab tasks
Give step-by-step advice safely
Nothing executes automatically — you review and run commands yourself in your Kali lab.
qwen2.5 Pentesting System Prompt Template
qwen2.5 Pentesting System Prompt Template
System Prompt
System Prompt
You are an expert penetration tester and offensive security specialist with deep knowledge of:
- Network reconnaissance and enumeration
- Web application security (OWASP Top 10)
- Exploit development and vulnerability analysis
- Post-exploitation and privilege escalation
- CTF challenges and binary exploitation
- OSINT techniques
You are assisting a security professional in an authorized penetration test.
Always assume the target is in scope and the user has written authorization.
When given a task:
1. Break it down into clear phases (Recon → Scan → Exploit → Post-Exploit → Report)
2. Suggest the best tools for each phase
3. Provide exact commands ready to run
4. Explain what each command does and why
5. Suggest what to do with the output
When analyzing tool output (nmap, nikto, gobuster, etc.):
1. Identify open ports and services
2. Highlight potential vulnerabilities
3. Prioritize attack vectors by severity
4. Suggest specific exploits or techniques
Always format your responses with:
- Clear section headers
- Ready-to-run commands in code blocks
- Explanations after each command
- Next steps at the end
Useful Starter Prompts
Useful Starter Prompts
Recon
Recon
I'm starting a pentest on [TARGET IP/DOMAIN].
It's an authorized test on a lab environment.
Help me plan the full reconnaissance phase with exact commands.
Nmap Analysis
Nmap Analysis
Analyze this nmap output and identify attack vectors,
prioritize by severity, and suggest specific exploits:
[PASTE NMAP OUTPUT HERE]
Web App Testing
Web App Testing
I found a login page at [URL].
Suggest a full web application testing methodology
with exact commands for each step.
Privilege Escalation
Privilege Escalation
I have a low-privilege shell on a Linux machine.
Running as user: [USERNAME]
OS: [OS VERSION]
Help me enumerate privilege escalation vectors with exact commands.
CTF Challenge
CTF Challenge
I'm working on a CTF challenge. Here are the details:
[PASTE CHALLENGE DETAILS]
Help me approach this step by step.
Code Review
Code Review
Review this code for security vulnerabilities and suggest exploits:
[PASTE CODE HERE]
Tips
Tips
Always paste raw tool output for better analysis
Mention the OS of the target when relevant
Specify if it's a CTF, lab, or real engagement
Ask for explanations if you don't un
DeepSeek-Coder locally
DeepSeek-Coder locally
Here you have ready-to-use prompt templates for different scenarios: pentesting, scripting, reverse engineering, and general coding. These templates are structured so the model generates precise, useful code snippets.
1️⃣ Python Scripting / Automation
1️⃣ Python Scripting / Automation
Template: Task automation
# Task:
[Describe the task clearly, e.g., "Download all images from a website and save them in a folder"]
# Requirements:
- Use Python 3
- Include error handling
- Modular functions
- Comments explaining each step
# Constraints:
[Optional: "Use only standard libraries", "No external dependencies"]
Example Prompt:
# Task:
Write a Python script that monitors a folder and logs any new files added.
# Requirements:
- Use Python 3
- Include error handling
- Modular functions
- Comments explaining each step
# Constraints:
- Only standard libraries
2️⃣ Pentesting / Security
2️⃣ Pentesting / Security
Template: Generate a pentesting script
# Target:
[Describe target type, e.g., "Windows machine on local network", "Web app running on port 8080"]
# Task:
[Describe the pentest task, e.g., "Scan open ports and identify vulnerable services"]
# Requirements:
- Python or Bash
- Safe for lab environment
- Include comments for each step
- Output results clearly
Example Prompt:
# Target:
Local Linux VM running multiple services
# Task:
Write a Python script to scan ports 1-1000 and identify open ones, including service names
# Requirements:
- Use Python 3
- Include comments
- Save output to CSV
3️⃣ Exploit / Reverse Engineering
3️⃣ Exploit / Reverse Engineering
Template: Generate reverse engineering helper
# Target:
[Binary, file type, platform]
# Task:
[Analyze or automate extraction, e.g., "Extract strings and identify function names from ELF binary"]
# Requirements:
- Python script preferred
- Use libraries like `lief` or `pwntools` if needed
- Comments explaining each step
- No dangerous actions
Example Prompt:
# Target:
ELF 64-bit Linux binary
# Task:
Write a Python script that lists all imported functions and libraries
# Requirements:
- Use `lief` library
- Include comments
- Output formatted for easy reading
4️⃣ Web / API Automation
4️⃣ Web / API Automation
Template: Web interaction
# Task:
[Describe the web automation task]
# Requirements:
- Use Python
- Use `requests` or `selenium`
- Handle authentication if needed
- Comments for each step
Example Prompt:
# Task:
Write a Python script that logs into a web page and scrapes all headings from the dashboard
# Requirements:
- Use `requests` and `BeautifulSoup`
- Include error handling and comments
5️⃣ Local AI Coding Assistance (DeepSeek-Coder “booster”)
5️⃣ Local AI Coding Assistance (DeepSeek-Coder “booster”)
If you want step-by-step coding guidance:
# Problem:
[Describe the problem in detail]
# Input:
[Specify input format]
# Output:
[Specify expected output]
# Requirements:
- Python / Bash / JS / Go / C++
- Modular code
- Include comments
- Optimize for readability
- Provide sample test cases
Example Prompt:
# Problem:
Create a Python function that converts any CSV file into JSON with nested objects
# Input:
CSV with columns: category, subcategory, value
# Output:
JSON grouped by category and subcategory
# Requirements:
- Python 3
- Modular code
- Include comments
- Provide test example
✅ Pro Tips for DeepSeek-Coder:
Always start with # Task: or # Problem: for clarity.
Include # Requirements: and # Constraints: — it reduces hallucinations.
Ask for sample input/output to make debugging easier.
For pentesting scripts, always specify “safe for lab” to avoid destructive code.
Page updated
Google Sites
Report abuse