Yash-Pandey007/kali-pentest-mcp-server
Kali Pentest MCP Server
A Model Context Protocol (MCP) server that provides controlled access to penetration testing tools from Kali Linux for authorized security testing in private lab environments.
⚠️ LEGAL DISCLAIMER
IMPORTANT: This tool is designed for AUTHORIZED PENETRATION TESTING ONLY in private lab environments or systems you own. Unauthorized scanning or testing of systems you do not own is ILLEGAL and UNETHICAL. Always ensure you have explicit written permission before testing any system.
Purpose
This MCP server provides a secure interface for AI assistants to perform authorized penetration testing tasks in controlled environments, primarily for:
- Security assessments of your own infrastructure
- Educational purposes in isolated lab environments
- Authorized penetration testing with proper documentation
Features
Current Implementation
- nmap_scan - Network discovery and port scanning with multiple scan types
- nikto_scan - Web server vulnerability scanning with authentication support
- dirb_scan - Directory and file brute-forcing with multiple wordlists
- wpscan_check - WordPress vulnerability scanning and enumeration
- sql_injection_test - SQL injection vulnerability testing at various levels
- searchsploit_query - Search for known exploits in the Exploit Database
- generate_report - Create formatted penetration test reports
Security Features
- Target Validation: Only allows scanning of whitelisted targets or private IP ranges
- Input Sanitization: Prevents command injection attacks
- Non-root Execution: Runs as unprivileged user with specific capabilities
- Timeout Controls: Prevents resource exhaustion from long-running scans
- Containerized Environment: Isolated from host system
Prerequisites
- Docker Desktop with MCP Toolkit enabled
- Docker MCP CLI plugin (docker mcp command)
- Understanding of penetration testing ethics and legality
- Written authorization for any targets outside your own infrastructure
Installation
See the step-by-step instructions provided with the files.
Configuration
Environment Variables
- PENTEST_TARGET_WHITELIST: Comma-separated list of authorized targets
- SCAN_TIMEOUT: Maximum time for any scan operation (default: 300 seconds)
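One way the Target Validation and Input Sanitization checks listed under Security Features could be enforced against a PENTEST_TARGET_WHITELIST value, shown as an added example that is not the project's own code. It assumes "private IP ranges" means the RFC 1918 blocks and that unlisted hostnames are rejected without a DNS lookup; the function names are hypothetical.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: "private IP ranges" means the three RFC 1918 blocks.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Letters, digits, dots and hyphens only, starting and ending alphanumeric.
# This rejects shell metacharacters and a leading "-" that a tool would read as an option.
HOST_RE = re.compile(r"[a-z0-9](?:[a-z0-9.-]{0,251}[a-z0-9])?")


def parse_whitelist(raw):
    """Split a PENTEST_TARGET_WHITELIST-style value into lowercase entries."""
    return {item.strip().lower() for item in raw.split(",") if item.strip()}


def extract_host(target):
    """Return the host of a bare host/IP or http(s) URL, or None if malformed."""
    target = target.strip()
    if "://" in target:
        try:
            parts = urlsplit(target)
            host = parts.hostname or ""
        except ValueError:
            return None
        # Reject other schemes and embedded credentials (user@host confusion).
        if parts.scheme not in ("http", "https") or "@" in parts.netloc:
            return None
    else:
        host = target
    host = host.lower()
    return host if HOST_RE.fullmatch(host) else None


def is_authorized(target, whitelist):
    """True only for whitelisted hosts or literal RFC 1918 addresses."""
    host = extract_host(target)
    if host is None:
        return False
    if host in whitelist:
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # unlisted hostname: rejected without a DNS lookup
    return any(addr in net for net in PRIVATE_NETS)
```

The validated host should then be handed to the scanner as a single argument in an argument list, not interpolated into a shell string.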
Usage Examples
In Claude Desktop, you can ask:
- "Perform a basic network scan on 192.168.1.1"
- "Run a vulnerability scan on my local web server at http://10.0.0.5"
- "Check http://192.168.1.100/wordpress for WordPress vulnerabilities"
- "Test http://10.0.0.10/login.php for SQL injection vulnerabilities"
- "Search for Apache exploits in the exploit database"
- "Scan directories on http://192.168.1.50 using the common wordlist"
- "Generate a pentest report for the web application scan on 192.168.1.100"