playbooks

home / mcp / kali linux security tools mcp server

Kali Linux Security Tools MCP Server

Provides access to 30+ Kali Linux security tools via Claude Desktop for educational and authorized testing in a controlled environment.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "jesseeikeland-kali-linux-mcp": {
      "command": "docker",
      "args": [
        "compose",
        "-f",
        "/Users/jesse/MCP/kali/docker-compose.yml",
        "run",
        "--rm",
        "kali-mcp-server"
      ]
    }
  }
}

This MCP Server provides access to a curated set of Kali Linux security tools through Claude Desktop, enabling you to run 30+ tools from a single, containerized environment. It helps you practice ethical security testing in a controlled setup and accelerates learning by providing quick, command-based access to widely used tooling.

How to use

You interact with the exact same set of tools you would expect to find in a Kali-based workflow, but through Claude Desktop. Start the local MCP server, then configure Claude Desktop to run the server commands. In Claude Desktop you will see an MCP toolset indicator that shows the available tools. Use the tools by issuing natural prompts that begin with the tool name, followed by your target and any required parameters.

How to install

Prerequisites you need to meet before starting are: docker desktop installed, Claude Desktop installed, at least 8 GB RAM, and 20 GB free disk space.

# 1. Clone the MCP Kali repository to your home directory
cd ~/MCP/kali
git clone https://github.com/JesseEikeland/kali-linux-mcp.git .

# 2. Create an output directory for analysis results
mkdir output

# 3. Build the Docker container with the Kali MCP server and tools
docker-compose build

# 4. Start the MCP server to run in the foreground for testing
docker-compose up
```} ,{

Configure Claude Desktop

{
  "mcpServers": {
    "kali-security-tools": {
      "command": "docker",
      "args": [
        "compose",
        "-f",
        "/Users/jesse/MCP/kali/docker-compose.yml",
        "run",
        "--rm",
        "kali-mcp-server"
      ]
    }
  }
}

Restart Claude Desktop and verify

Quit Claude Desktop completely, then relaunch it to apply the new MCP server configuration.

In Claude Desktop, start a new conversation and look for the MCP tools indicator. You should see 30+ security tools available.

Test a tool

Open Claude Desktop and try a sample prompt such as using the exploit search facility by calling a tool like searchsploit_search with a keyword. This confirms the integration and tool availability.

Available tools

nmap_scan

Port scanning and service detection to map open ports and identify running services.

masscan_scan

High-speed port scanning to quickly enumerate open ports.

netdiscover_scan

Network host discovery to identify active devices on the local network.

nikto_scan

Web server vulnerability scanning to detect common issues in web applications.

sqlmap_scan

SQL injection testing to identify and exploit SQL injection vulnerabilities.

wpscan_scan

WordPress security testing to enumerate vulnerabilities and misconfigurations.

dirb_scan

Directory brute forcing to discover hidden endpoints and files.

gobuster_scan

Fast directory and DNS brute forcing to uncover resources.

whatweb_scan

Web technology identification to determine server technologies.

wafw00f_scan

WAF detection to assess web application firewalls.

commix_scan

Command injection testing to identify exploitable command injections.

sslscan_test

SSL/TLS configuration testing to assess secure configurations.

testssl_test

Comprehensive SSL/TLS testing to evaluate cryptographic settings.

dnsenum_scan

DNS enumeration to discover domain-related information.

dnsrecon_scan

DNS reconnaissance to map DNS records and subdomains.

fierce_scan

DNS and subdomain enumeration for broader visibility.

john_crack

Password hash cracking to test password strength and policy adherence.

hydra_crack

Login brute forcing against services to assess authentication resilience.

crunch_generate

Custom wordlist generation for targeted password attacks.

searchsploit_search

Exploit database search to find known vulnerabilities and exploits.

msfconsole_search

Metasploit module search to identify available exploitation options.

whois_lookup

Domain WHOIS information retrieval for ownership and registration details.

theharvester_search

Email and subdomain harvesting for information gathering.

smtp_user_enum

SMTP user enumeration to assess user exposure on mail servers.

aircrack_info

Wireless interface information for wireless testing readiness.

lynis_audit

System security auditing to evaluate configuration and compliance.

exiftool_analyze

File metadata extraction to reveal embedded information.

binwalk_analyze

Embedded file analysis to inspect firmware and payloads.

netcat_connect

TCP/UDP connection testing for quick network service checks.