playbooks

home / mcp / mcp kali pentest server

MCP Kali Pentest Server

Autonomous AI-powered penetration testing on Kali with 80+ tools, reconnaissance, exploitation, and reporting.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "root1856-mcpkali": {
      "command": "python3",
      "args": [
        "/path/to/mcpkali/server.py"
      ],
      "env": {
        "PYTHONPATH": "/path/to/mcpkali"
      }
    }
  }
}

You can run an autonomous, AI-assisted penetration testing workflow powered by MCP Kali Pentest. It combines a Kali-based toolset with LM Studio to automate reconnaissance, vulnerability identification, and risk-aware exploitation, followed by professional reports. This server is designed to help you perform controlled, repeatable security assessments with AI-guided decision making and structured output.

How to use

You interact with the MCP Kali Pentest server through an MCP client. Start the local server, configure LM Studio, and then issue tool calls to begin autonomous or guided pentests. You can kick off targeted reconnaissance, run web and network scans, request AI-driven next steps, and generate formatted reports for stakeholders. Always review AI suggestions before executing actions, and ensure your engagement rules are defined and authorized.

How to install

# 1. Prepare a supported system
# Ensure you have Python 3.9+ and a Debian-based distro (Kali recommended)

# 2. Clone the MCP Kali Kali Pentest repository
git clone https://github.com/yourusername/mcpkali.git
cd mcpkali

# 3. Create and activate a Python virtual environment
python3 -m venv venv
source venv/bin/activate

# 4. Install Python dependencies
pip install -r requirements.txt

# 5. Set up LM Studio (follow the setup steps locally)
# - Download and install LM Studio
# - Load a model (e.g., Mistral 7B, Llama 2)
# - Start the local LM Studio server (verify at http://localhost:1234)

# 6. Configure the MCP Kali server
# Copy example config to a local working config and edit as needed
cp config.json config.local.json
nano config.local.json

# LM Studio settings example to insert in the config
# {
#   "lm_studio": {
#     "base_url": "http://localhost:1234/v1",
#     "model": "your-model-name"
#   }
# }

# 7. Create required directories for logs and reports
sudo mkdir -p /var/log/mcpkali
sudo mkdir -p /var/lib/mcpkali/{reports,sessions}
sudo chown -R $USER:$USER /var/log/mcpkali /var/lib/mcpkali

# 8. Run the MCP Kali server
python3 server.py

Additional configuration and notes

Security and operational settings are defined in the configuration. You should enable or disable tools, set engagement rules, and tune LM Studio behavior to control how AI decisions are made. Place any needed environment variables in the server startup context and ensure LM Studio endpoints and models are reachable from your network.

{
  "pentest": {
    "rules_of_engagement": {
      "allow_exploitation": false,
      "allow_post_exploitation": false,
      "max_brute_force_attempts": 100,
      "rate_limit": true
    }
  }
}

Troubleshooting

If you encounter issues connecting to LM Studio or starting the MCP server, check that the LM Studio server is running and the LM Studio API is reachable. Review the server logs for errors and verify file permissions for the MCP directories.

# LM Studio availability check
curl http://localhost:1234/v1/models

# Server logs check
tail -f /var/log/mcpkali/server.log

Safety and legal considerations

Always obtain explicit authorization before testing any system. Define clear rules of engagement, handle discovered data securely, and ensure compliance with local laws and regulations. Use isolated networks or VPNs for testing and maintain detailed logs of actions and findings.

Autonomous mode and usage notes

The MCP Kali Pentest server supports autonomous operation where AI helps plan and execute steps from reconnaissance to potential exploitation within authorized boundaries. You can control depth levels to limit actions, starting with reconnaissance and escalating only with proper authorization.

Glossary of actions and outputs

You will see actions such as scans, vulnerability assessments, AI-driven next-step recommendations, and generated reports in JSON, HTML, Markdown, or PDF formats. Executive summaries, risk assessments, remediation suggestions, and OWASP mapping are available in reports.

Available tools

start_autonomous_pentest

Initiates an autonomous pentest with AI-driven planning and execution within defined scope and engagement rules.

nmap_scan

Performs a network or host discovery scan using NMAP with configurable targets and scan types.

vulnerability_assessment

Runs web or network vulnerability scans and correlates findings for risk assessment.

get_ai_suggestion

Retrieves AI-driven next-step recommendations based on current session context.

generate_report

Creates a professional report in HTML, JSON, Markdown, or PDF format with executive summaries and remediation guidance.

nuclei

Runs automated vulnerability templates against web targets to detect common issues.

wpscan

Performs security testing of WordPress installations to identify known issues.

metasploit

Exploits and validates vulnerabilities using the Metasploit framework in a controlled manner.

mimikatz

Post-exploitation tool for credential dumping within authorized scopes.

gowphish

Facilitates social engineering simulations and phishing awareness tests.

mobSF

Mobile security analysis for Android/iOS apps and artifacts.

postman

API testing and automation using Postman/Newman APIs.

volatility

Memory forensics for incident response investigations.

ghidra

Reverse engineering of binaries for vulnerability discovery.

trivy

Container image and file system vulnerability scanning.

tcpdump

Network traffic capture for analysis.

wireshark

Packet analysis for network troubleshooting and security assessment.

ghidra

Reverse engineering suite for binary analysis.