playbooks

home / mcp / kali linux mcp server

Kali Linux MCP Server

Provides Kali tools via a Flask API and an MCP bridge to run security tests in authorized labs and training environments.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "i3t4an-kali_linux_mcp": {
      "url": "http://localhost:5000"
    }
  }
}

You can run Kali tools through a Flask API and bridge them to MCP clients, enabling automated or human-guided security testing in authorized labs, CTFs, or training environments. This setup provides an API surface for tools like nmap, gobuster, nikto, sqlmap, metasploit, hydra, john, wpscan, and enum4linux, and an MCP bridge to forward requests from MCP clients to that API.

How to use

Set up the MCP bridge to connect your MCP client to the Kali tool API, then issue tool commands through the MCP client to perform recon, web enumeration, vulnerability triage, or automated checks. The MCP bridge forwards your requests to the Flask API, which runs the requested Kali tools and returns results back to you.

How to install

Prerequisites you need on your system are Python 3, and the following Python packages: flask, requests, and mcp. You will also need a Kali Linux environment or a Linux system with the required Kali tools available in your PATH.

Additional configuration and notes

Run the API server first to expose the tool wrappers, then start the MCP bridge to enable MCP clients to communicate with the API.

Commands you will use directly are shown here for completeness, but you will typically interact through your MCP client once the bridge is running.

Troubleshooting

If the MCP bridge cannot connect to the API, verify that the API is listening on the expected port and that the bridge was started with the correct server URL. Check network access and ensure there are no firewall rules blocking localhost communication.

Security considerations

Only run this setup in authorized environments such as labs or CTFs. Do not expose the API to untrusted networks, and apply least-privilege practices for the tools you enable through the API.

Available tools

nmap_scan

Nmap port and service discovery wrapper to map open ports and identify services.

gobuster_scan

Gobuster web directory/file enumeration wrapper to discover hidden endpoints.

dirb_scan

Dirb wrapper for directory brute-forcing against websites.

nikto_scan

Nikto wrapper for web server vulnerability scanning.

sqlmap_scan

Sqlmap wrapper to test for SQL injection vulnerabilities.

metasploit_run

Metasploit wrapper to run exploitation or auxiliary modules.

hydra_attack

Hydra wrapper for credential brute-forcing against services.

john_crack

John the Ripper wrapper for password cracking tasks.

wpscan_analyze

WPScan wrapper for WordPress vulnerability and enumeration checks.

enum4linux_scan

Enum4linux wrapper for SMB/Windows enumeration.

execute_command

Execute arbitrary command through the MCP bridge.

check_health

Check the health/status of the API and wrappers.