{"id":"x42en-sysplant","name":"sysplant","homepage":"https://x42en.github.io/sysplant/","repo_url":"https://github.com/x42en/sysplant","category":"devtools","subcategories":[],"tags":["ai","mcp-server","code-generation","python","nim","c","rust","windows","syscalls","security-research","hacking","offensive-tools"],"what_it_does":"SysPlant is a code-generation tool that produces syscall invocation/stub code for Windows from multiple “iterator” methods (e.g., Hell’s Gate, Halos’ Gate, SysWhispers variants, Canterlot’s Gate). It can generate code in several languages (Python module/CLI producing Nim/C/C++/Rust outputs) and also includes a built-in MCP server to let AI coding assistants generate syscall code via chat.","use_cases":["Generate Windows syscall stubs/code using different syscall discovery/iterator techniques","Create direct/indirect/random/egg-hunter syscall call patterns from a CLI","Use an MCP server interface to generate syscall code from an AI assistant"],"not_for":["Production malware/Evasion use","Environments without authorization to perform low-level system instrumentation or code execution","Systems where generating or executing such stubs is disallowed by policy/compliance"],"best_when":"You need offline code generation for educational or authorized pentesting/research workflows, and you want an agent-friendly interface (MCP) to produce syscall-related templates.","avoid_when":"You cannot guarantee the target environment and use are authorized; or you need a general-purpose, security-hardening-focused API (this tool is explicitly about syscall retrieval/invocation techniques).","alternatives":["SysWhispers2/3 (single-purpose syscall wrapper generators)","Direct/indirect syscall research implementations from the referenced projects/blogs","Other code generators focused on legitimate Windows APIs rather than syscalls"],"af_score":57.5,"security_score":37.8,"reliability_score":31.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:43:56.906130+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No explicit auth mechanism is described for the CLI/MCP server in the provided materials."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing model is described (project appears to be an open-source tool)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":57.5,"security_score":37.8,"reliability_score":31.2,"mcp_server_quality":70.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":20.0,"scope_granularity":0.0,"dependency_hygiene":45.0,"secret_handling":70.0,"security_notes":"Security posture is difficult to assess from the provided README/manifest. No authentication/authz is described for the MCP/CLI, which can be risky when exposed beyond localhost. The project is explicitly intended for syscall retrieval/invocation techniques associated with offensive tradecraft; use should be restricted to authorized, permitted environments. TLS enforcement is unclear (SSE/HTTP transport mentioned without explicit TLS details). Secret handling cannot be validated from the provided excerpts.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":40.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"Generation is likely deterministic for given inputs, but no explicit idempotency guarantees are stated.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tooling generates security-sensitive low-level code; agents should avoid using it in unauthorized contexts.","The README indicates WIP and some platform support gaps (x86/WoW64 TODO), so generated output may be incomplete for those architectures.","MCP usage details exist, but specific MCP tool schemas/transport behaviors are not shown in the provided excerpts."]}}