kiddulu916/kali-mcp-server
If you are the rightful owner of kali-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.
A Model Context Protocol (MCP) server that provides secure access to penetration testing and security assessment tools through a Docker-containerized Kali Linux environment.
Kali Linux MCP Server
A Model Context Protocol (MCP) server that provides secure access to penetration testing and security assessment tools through a Docker-containerized Kali Linux environment.
⚠️ CRITICAL SECURITY WARNING
This server provides access to powerful security testing tools. You MUST:
- Only use on systems you own or have explicit written permission to test
- Never use against production systems without authorization
- Understand that unauthorized security testing is illegal in most jurisdictions
- Keep this server secured and never expose it to untrusted networks
- Use only for educational purposes and authorized security assessments
Purpose
This MCP server enables AI assistants like Claude to perform web penetration testing and security assessments in controlled, authorized environments. All tools run inside a secure Docker container with input sanitization and non-root execution.
Features
Current Implementation
nmap_scan- Network scanning and service detectionffuf_scan- Web application fuzzing and directory discoveryamass_enum- Comprehensive subdomain enumerationsearchsploit_search- Exploit database searchessublist3r_enum- Subdomain enumeration via multiple sourcesassetfinder_scan- Asset and subdomain discoverygau_links- URL discovery from archive sourcessubfinder_scan- Fast subdomain discoveryhttpx_probe- HTTP service probing and validationnuclei_scan- Automated vulnerability scanning with templateskatana_crawl- Next-generation web crawlingdnsx_resolve- Fast DNS resolution and enumerationnaabu_portscan- High-speed port scanningsqlmap_test- SQL injection vulnerability testingnikto_scan- Web server vulnerability scanningdirb_scan- Directory and file brute-forcingwpscan_check- WordPress security assessmentnetcat_connect- Network connectivity testingwhois_lookup- Domain registration informationcewl_wordlist- Custom wordlist generation from websitesgospider_crawl- Fast web spidering and crawling
Prerequisites
- Docker Desktop with MCP Toolkit enabled
- Docker MCP CLI plugin (
docker mcpcommand) - Basic understanding of penetration testing concepts
- Legal authorization for any testing performed
Installation
See the detailed step-by-step instructions in Section 2 below.
Usage Examples
In Claude Desktop, you can ask:
Reconnaissance
- "Scan example.local with nmap to find open ports"
- "Enumerate subdomains for testdomain.local using subfinder"
- "Perform a WHOIS lookup on testdomain.local"
- "Find assets related to testdomain.local"
Web Application Testing
- "Use ffuf to discover directories on http://testapp.local"
- "Scan http://testapp.local with Nikto for vulnerabilities"
- "Crawl http://testapp.local with Katana to depth 3"
- "Check http://testapp.local for SQL injection with sqlmap"
Security Assessment
- "Run Nuclei vulnerability scan on http://testapp.local"
- "Test WordPress site at http://wpsite.local with WPScan"
- "Search for Apache exploits using searchsploit"
- "Generate a custom wordlist from http://testapp.local using CeWL"
Network Analysis
- "Use Naabu to scan ports on testserver.local"
- "Test connectivity to testserver.local port 443 with netcat"
- "Resolve DNS records for testdomain.local with DNSx"