claude-security-tools

SamTesura/claude-security-tools

3.2

If you are the rightful owner of claude-security-tools and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The Claude Security Tools project integrates professional security testing tools with Claude AI using the Model Context Protocol (MCP) on Windows 11, WSL 2, and Kali Linux.

Tools
5
Resources
0
Prompts
0

Claude Security Tools

License: MIT Platform Kali Linux

Run professional security testing tools (Nmap, Nikto, SQLmap, WPScan, and more) directly through Claude AI using MCP (Model Context Protocol) on Windows 11 + WSL 2 + Kali Linux.

āš ļø FOR EDUCATIONAL AND AUTHORIZED SECURITY TESTING ONLY

šŸŽÆ Overview

This project provides a fully-configured MCP server that integrates professional penetration testing tools with Claude AI. Chat with Claude to run security scans, enumerate systems, search for exploits, and more - all through natural language.

What is MCP?

Model Context Protocol (MCP) allows Claude to interact with external tools and systems. This server wraps security testing tools in an MCP interface, giving Claude the ability to run real pentesting commands on your behalf.

āœØ Features

šŸ› ļø Security Tools Included

  • Nmap - Network scanning and port discovery
  • Nikto - Web server vulnerability scanning
  • SQLmap - SQL injection detection and exploitation
  • WPScan - WordPress vulnerability scanner
  • Dirb - Web directory brute-forcing
  • Searchsploit - Exploit-DB search
  • Metasploit - Penetration testing framework
  • Hydra - Network password cracker
  • John the Ripper - Password hash cracker

šŸ”‘ Key Capabilities

āœ… Basic & Advanced Modes - Simple defaults for quick scans, full control for experts
āœ… Stealth Scanning - Low-noise, IDS-evasion techniques
āœ… Result Persistence - SQLite database + file storage
āœ… Safety Confirmations - Destructive tools require explicit confirmation
āœ… Input Sanitization - Protection against command injection
āœ… Full Privileges - Root access for all scan types
āœ… Formatted Output - Raw output + parsed structured data

šŸ“‹ Prerequisites

Required Software

  • Windows 11 (with virtualization enabled)
  • WSL 2 (Windows Subsystem for Linux 2)
  • Kali Linux (via Microsoft Store)
  • Docker Desktop for Windows (with WSL 2 backend)
  • Claude Desktop (with MCP support)

System Requirements

  • 8GB RAM minimum (16GB recommended)
  • 20GB free disk space
  • Admin privileges on Windows

šŸš€ Quick Start

1. Install WSL 2 + Kali Linux

From Windows PowerShell (Administrator):

# Enable WSL
wsl --install

# Restart computer when prompted

# Install Kali Linux
wsl --install -d kali-linux

# Verify installation
wsl -l -v

2. Install Docker Desktop

  1. Download Docker Desktop for Windows
  2. Install and enable WSL 2 backend
  3. Go to Settings ā†’ Resources ā†’ WSL Integration
  4. Enable integration with kali-linux
  5. Click Apply & Restart

3. Clone This Repository

From Kali Linux WSL:

# Open Kali WSL
wsl -d kali-linux

# Navigate to home directory
cd ~

# Clone the repository
git clone https://github.com/samtesura/claude-security-tools.git
cd claude-security-tools

# Make setup script executable
chmod +x setup.sh

4. Run Setup

# Run the automated setup script
./setup.sh

The setup script will:

  • āœ… Check Docker Desktop integration
  • āœ… Create necessary directories
  • āœ… Build the Kali Linux container (~10-15 minutes)
  • āœ… Configure environment variables
  • āœ… Start the MCP server
  • āœ… Verify installation

5. Configure Claude Desktop

Edit Claude Desktop config:

Windows path: %APPDATA%\Claude\claude_desktop_config.json

Add this to your MCP servers:

{
  "mcpServers": {
    "security-testing": {
      "command": "wsl",
      "args": [
        "-d",
        "kali-linux",
        "--exec",
        "docker",
        "exec",
        "-i",
        "mcp-security-server",
        "python3",
        "/root/mcp_security_server.py"
      ],
      "env": {
        "SCAN_DB_PATH": "/data/scans.db",
        "RESULTS_PATH": "/data/results"
      }
    }
  }
}

6. Restart Claude Desktop

  1. Completely close Claude Desktop
  2. Reopen Claude Desktop
  3. Check the šŸ”Œ icon - you should see "security-testing" connected

7. Start Scanning!

Ask Claude:

  • "Run an nmap scan on 192.168.1.1"
  • "Scan my network 192.168.1.0/24 for web servers"
  • "Check if example.com has any web vulnerabilities with Nikto"
  • "Search for WordPress exploits"

šŸ“– Documentation

  • - Detailed setup instructions
  • - Tool examples and best practices
  • - Common issues and solutions
  • - How to contribute

šŸŽ“ Usage Examples

Network Scanning

You: "Run a fast nmap scan on 192.168.1.0/24"
Claude: [Executes nmap -F -T2 192.168.1.0/24 and shows results]

Web Vulnerability Scanning

You: "Scan https://testsite.local for vulnerabilities"
Claude: [Runs Nikto scan and provides detailed findings]

WordPress Security Audit

You: "Check if wordpress-site.com has vulnerable plugins"
Claude: [Executes WPScan with enumeration and shows results]

Exploit Research

You: "Search for Apache 2.4.49 exploits"
Claude: [Queries Exploit-DB and shows available exploits]

šŸ”’ Security & Legal

āš ļø Legal Disclaimer

THIS TOOL IS FOR AUTHORIZED SECURITY TESTING AND EDUCATIONAL PURPOSES ONLY.

You must:

  • āœ… Only test systems you own or have explicit written permission to test
  • āœ… Comply with all applicable laws and regulations
  • āœ… Never use these tools for malicious purposes
  • āœ… Understand that unauthorized access to computer systems is illegal

The authors are not responsible for any misuse or damage caused by this software.

šŸ›”ļø Security Features

  • Input Sanitization - All inputs validated to prevent command injection
  • Confirmation Required - Destructive tools (SQLmap, Hydra) require explicit confirmation
  • Isolated Container - Tools run in Docker container with controlled privileges
  • Audit Trail - All scans logged to SQLite database

šŸ—‚ļø Project Structure

claude-security-tools/
ā”œā”€ā”€ mcp_security_server.py    # Main MCP server (Python + FastMCP)
ā”œā”€ā”€ Dockerfile                 # Kali Linux container definition
ā”œā”€ā”€ docker-compose.yml         # Container orchestration
ā”œā”€ā”€ setup.sh                   # Automated setup script
ā”œā”€ā”€ .env.template             # Environment variables template
ā”œā”€ā”€ LICENSE                    # MIT License
ā”œā”€ā”€ README.md                  # This file
ā”œā”€ā”€ data/                     # Persistent data (created by setup)
ā”‚   ā”œā”€ā”€ scans.db             # SQLite database
ā”‚   ā””ā”€ā”€ results/             # Scan output files
ā””ā”€ā”€ docs/                    # Documentation
    ā””ā”€ā”€ INSTALLATION.md      # Detailed installation guide

šŸ’¾ Data Management

Viewing Results

From WSL:

cd ~/claude-security-tools
ls -lh data/results/
cat data/results/nmap_*.txt

From Windows: Press Win+R, type: \\wsl$\kali-linux\home\<username>\claude-security-tools\data\results

Backup to Windows Desktop

cp -r data "/mnt/c/Users/<your-username>/Desktop/security-backup-$(date +%Y%m%d)"

šŸ¤ Contributing

Contributions are welcome! Please read for guidelines.

šŸ“œ License

This project is licensed under the MIT License - see the file for details.

šŸ™ Acknowledgments

Made with ā¤ļø for ethical hackers and security professionals

Remember: With great power comes great responsibility. Use these tools ethically and legally.