MCP.so
Sign In

Kali MCP Server

@cyberillo

About Kali MCP Server

A Python MCP Server that connects Large Language Models natively to a comprehensive suite of offensive security tools.

Basic information

Category

Other

Transports

stdio

Publisher

cyberillo

Submitted by

Cyberillo

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "kali-tools": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "kali-mcp-server"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Kali MCP Server?

The Kali MCP Server is a specialized Model Context Protocol (MCP) implementation that connects Large Language Models (LLMs) natively to a comprehensive suite of offensive security, reconnaissance, and enumeration tools. Powered by the FastMCP Python SDK, it translates natural language requests into safe, encapsulated command-line executions of standard Kali Linux utilities, returning structured output and error logs to the LLM's context window.

How to use Kali MCP Server?

The recommended method is Docker Execution: pull cyberillo/kali-mcp-server:latest from Docker Hub and run interactively with docker run -i --rm kali-mcp-server. Configure it in your MCP client (e.g., Claude Desktop, GitHub Copilot/Cursor) using the stdio transport. Alternatively, clone the repository, set up a Python virtual environment on a Kali Linux host, install the mcp SDK (pip install mcp), ensure required tools are in PATH, and run python3 kali-mcp-server.py.

Key features of Kali MCP Server

  • Exposes 21 specialized tools across Recon, Scanning, Web Security, Cracking, and Exploitation categories.
  • Automated Docker containerization with full Kali rolling base image and pre-installed tools.
  • Builds on the official MCP Python SDK for robust JSON-RPC communication.
  • Uses stdio transport for direct compatibility with AI IDEs and desktop clients.
  • Includes wordlist rockyou.txt automatically extracted within the Docker image.
  • Built-in command timeouts (default 300 seconds, extended for heavier tools) to prevent blocking.

Use cases of Kali MCP Server

  • Autonomous penetration testing: run WHOIS, DNS enumeration, port scanning, and vulnerability detection from natural language prompts.
  • Web application security assessment: perform SQL injection, directory brute-forcing, CMS scanning, and parameter fuzzing.
  • Password security auditing: use Hydra, John the Ripper, and Hashcat to test credential strength.
  • Exploitation assistance: search Exploit Database, capture network packets with tcpdump, and execute Metasploit Framework modules.
  • Integrated recon in CI/CD or security workflows: feed results back to an LLM for analysis and reporting.

FAQ from Kali MCP Server

What tools are included in the Kali MCP Server?

The server exposes 21 tools: whois_lookup, dnsenum_scan, whatweb_scan, amass_enum, netdiscover_scan, nmap_scan, enum4linux_scan, smbclient_list, nikto_scan, gobuster_dir, dirb_scan, ffuf_scan, wfuzz_scan, sqlmap_scan, wpscan_enum, hydra_bruteforce, john_crack, hashcat_crack, searchsploit_query, tcpdump_sniff, and metasploit_exploit.

What are the prerequisites to run Kali MCP Server?

For Docker (recommended), you need Docker Engine installed and running on Windows, macOS, or Linux. For local execution, you need Kali Linux (or a Linux distro with the required tools in PATH), Python 3.10+, and the mcp Python SDK. Some tools like tcpdump require root privileges locally.

How does the Docker setup work?

The server builds on the kalilinux/kali-rolling base image. It updates the system, installs tools (e.g., nmap, sqlmap, metasploit-framework, gobuster, hydra, john), extracts rockyou.txt, and installs the mcp SDK globally using --break-system-packages. The container runs with DEBIAN_FRONTEND=noninteractive for automated builds.

Are there any timeouts or security limitations?

Yes, the run_cmd function has a default timeout of 300 seconds (extended to 600+ for heavier tools like Nikto or Metasploit). Tools like tcpdump and netdiscover inside Docker may require elevated privileges (--privileged or --cap-add), which is discouraged for general use.

What MCP transport does the server use?

The server uses standardized stdio transport for JSON-RPC communication. This bypasses complex network configuration and ensures out-of-the-box compatibility with AI IDEs (Cursor, VS Code) and desktop clients (Claude Desktop).

Comments

More Other MCP servers