Kali MCP Server

How to use

You interact with the server through an MCP client to list tools, inspect tool details, and execute tools with arguments. The server enforces a whitelist, sandboxing, and resource limits to keep executions isolated and auditable. Use the HTTP API for remote integrations or run the server locally for development and testing. Start by verifying health, then discover available tools, and finally execute a chosen tool with the desired arguments and a defined timeout.

How to install

Prerequisites you need before installation are Docker and Docker Compose for containerized runs, and Python 3.8+ if you plan to develop locally. You should also have Git installed to obtain the server source.

# Quick Start with Docker
# 1. Clone the repository
git clone https://github.com/your-org/kali-mcp-server.git
cd kali-mcp-server

# 2. Build and run with Docker Compose
docker-compose up -d

# 3. Verify the installation
curl http://localhost:5000/health
```} ,{

If you prefer a manual Docker build, you can build the image and run the container with the following commands. This sets timeouts and exposes the API endpoints so you can integrate with your tooling.

# Manual Docker Build
# 1. Build the Docker image
docker build -t kali-mcp-server .

# 2. Run the container
docker run -d \
  --name kali-mcp-server \
  -p 5000:5000 \
  -p 8000:8000 \
  -e MAX_TIMEOUT=300 \
  -e DEFAULT_TIMEOUT=60 \
  kali-mcp-server
```} ,{

For local development, you can set up dependencies and run the server directly in Python. This is useful when you want to modify the server or run quick tests without Docker.

# Local Development
# 1. Install dependencies
pip install -r requirements.txt

# 2. Run the server
python server.py
```}]} ,{

Additional sections

Configuration and security are essential for safe operation. You can tune timeouts, output limits, and sandboxing behavior via environment variables. The server is designed to validate inputs, sandbox tool executions, and log security events for auditing. If you plan to deploy in production, enable HTTPS with certificates and consider placing the server behind a reverse proxy for management and monitoring.

Security considerations include input validation, sandboxed tool execution, strict resource limits, and comprehensive audit logging. Do not expose the server to untrusted networks without proper authentication and authorization.

nmap

Network mapper that discovers hosts and services on a computer network.

gobuster

Directory/file brute-forcer for web content discovery.

dirb

Web content scanner for identifying directories and files.

wfuzz

Web application fuzzer for discovering vulnerabilities.

nikto

Web vulnerability scanner for identifying security issues.

hydra

Network login cracker for password brute-force testing.

john

Password cracker for offline and online password recovery.

hashcat

Advanced password recovery tool with GPU acceleration.

medusa

Parallel login brute-forcer for multiple protocols.

ncrack

Network authentication tool for brute-force testing.

sqlmap

SQL injection tool for testing database vulnerabilities.

cewl

Wordlist generator for customized password guessing.

aircrack-ng

Wireless security suite for testing Wi-Fi networks.

metasploit-framework

Penetration testing framework with exploitation modules.

enum4linux

SMB enumeration tool to enumerate Windows networks.

smbclient

SMB client for accessing Windows shares.

rpcclient

RPC client for interacting with remote services.

ldapsearch

LDAP search utility for querying directory services.

dig

DNS lookup utility for querying DNS records.

nslookup

DNS lookup utility for querying DNS records.

whois

WHOIS lookup utility for domain information.

traceroute

Network path tracing utility.

ping

Network connectivity test utility.

netstat

Network statistics utility.

ss

Socket statistics utility for monitoring connections.