A
securityA
licenseA
qualityAn MCP server to run commands.
Last updated -
1
403
195
MIT License
This server provides access to a Kali Linux environment within an isolated Docker container via the Model Context Protocol (MCP) command-line interface. You can:
Execute Commands: Run terminal commands with timeout and background processing options
File Operations: Read, write, move, search, and edit files (including URL access and surgical text replacements)
Directory Management: List, create, and navigate directories within allowed paths
Search Capabilities: Find files by name and search content using powerful tools like ripgrep
Process Control: List, monitor, and terminate running processes and background sessions
Configuration Management: View and modify server settings, including security parameters
Health Monitoring: Check server status and performance
Provides secure access to Kali Linux penetration testing tools directly through Claude's interface, allowing users to run security tools in an isolated Docker container.
Claude Kali MCP Integration
A clean, minimal implementation of Kali Linux MCP (Model Context Protocol) integration for Claude Desktop, providing secure access to Kali Linux tools through Claude's interface. This project enables seamless execution of security tools and commands within an isolated Docker container.
Features
🐳 Docker-based - Containerized environment for consistent execution
🔒 Isolated Environment - Kali Linux tools in a secure sandbox
🔄 Automatic Health Checks - Ensures service reliability and availability
📡 MCP Server - Standard protocol integration with Claude Desktop
🚀 Quick Setup - Get started with minimal configuration
🔧 Configurable - Customizable ports and settings
🔍 Security-First - Isolated execution environment for security tools
📊 Monitoring - Built-in health checks and status endpoints
Prerequisites
Docker (v20.10.0+)
Docker Compose (v2.0.0+)
Git (for cloning the repository)
Node.js (v16+ for development and testing)
Networking Note
By default, the provided docker-compose.yml and docker-compose.full.yml files use host networking (network_mode: host). This gives the containers full access to the host network, which is required for some advanced networking tools and scenarios.
Security Note:
Host networking provides less isolation between your host and the containers. All network interfaces and ports are shared.
If you prefer more isolation, you can switch to Docker's default
bridgenetwork by removing thenetwork_mode: hostlines and adding aports:mapping (e.g.,8081:8080) to the relevant service(s). See the commented examples in the compose files and documentation below for details.
Quick Start
Clone the repository:
🛠️ Build & Run Instructions
Note: sudo is enabled inside the Kali container for tools like nmap and others that require elevated privileges. If you want to restrict the use of sudo, edit the blockedCommands list in config.json.
Windows (PowerShell)
Note: If you see a script signing or execution policy error, run the script with ExecutionPolicy Bypass:
Minimal build (recommended):
Full Kali tools build:
Linux / macOS (Bash)
Minimal build (recommended):
Full Kali tools build:
Start & Monitor Services
Quick start script (Linux/macOS):
This builds and starts the containers, waits for readiness, and shows status.
Check health endpoint:
Should return:
{"status":"ok"}View running containers:
Configure Claude Desktop
Set MCP Server URL to:
http://localhost:8080(Optional) Set Project Path to your local repo directory
Choose your build profile:
Minimal (Default): Small image with just the MCP server (recommended for most users)
Full: Complete Kali Linux with all tools (very large image)
The minimal build is much faster and smaller, while the full build includes all Kali Linux tools but requires significant disk space.
Verify the installation:
Should return:
{"status":"ok"}Configure Claude Desktop:
Open Claude Desktop settings
Set MCP Server URL to:
http://localhost:8081Set Project Path to the full path of this repository (e.g.,
/path/to/Claude-Kali-MCP-Commander)Restart Claude Desktop
Project Structure
Testing the Integration
After starting the services, you can test the MCP integration:
Basic Health Check: (If using bridging to Docker)
Should return:
{"status":"ok"}Verify Container Status:
Should show the container as "healthy"
View Container Logs:
Check for any error messages or warnings
Configuration
Claude Desktop Configuration
To use this MCP server with Claude Desktop, you'll need to configure the following in your Claude Desktop settings:
Kali Linux MCP (Required): Runs commands inside the Docker container with Kali Linux tools
Host OS Commander (Optional): Can be used to run commands directly on the host OS where Claude Desktop is installed. You can remove this section if you only need the Kali Linux environment.
Example single MCP Server claude_desktop_config.json:
Example MCP Commander Desktop OS and Kali MCP Server claude_desktop_config.json:
Environment Variables
You can customize the following environment variables in the docker-compose.yml file:
MCP_SERVER_PORT: Port for the MCP server (default: 8080)NODE_ENV: Environment mode (development/production)LOG_LEVEL: Logging verbosity (debug, info, warn, error)
Port Configuration (if not using host networking)
To change the default ports, modify the ports section in docker-compose.yml:
Troubleshooting
Common Issues
Port Conflicts
Symptom: Container fails to start with port binding errors
Solution: Change the host port in
docker-compose.yml
Container Health Check Fails
Symptom: Container restarts continuously
Solution: Check logs with
docker logs kali-mcp-commander-minimal
MCP Server Not Responding
Symptom: Claude Desktop can't connect to the MCP server
Solution:
Verify the server is running:
curl http://localhost:8081/healthCheck Docker network settings
Ensure no firewall is blocking port 8081
Debugging
For detailed debugging, you can modify the docker-compose.yml to include additional logging:
Security Considerations
The container runs with minimal privileges
Network access is restricted to localhost by default
Regular security updates are recommended for the base Kali Linux image
Review the Dockerfile for any custom configurations
Performance
The container is optimized for minimal resource usage
Health checks ensure service availability
Resource limits can be configured in
docker-compose.yml
Contributing
Contributions are welcome! Please read our Contributing Guidelines for details on how to contribute to this project.
When contributing, please:
Fork the repository
Create a feature branch
Commit your changes
Push to the branch
Create a new Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Copyright (c) 2025 Chris Stark. Maintained by Chris Stark.
Credits
Original work by Eduard Ruzga (2024)
Support
For support, please open an issue on GitHub.
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Tools
An MCP server that provides secure access to Kali Linux cybersecurity tools through Claude's interface, enabling users to run Kali Linux commands directly from Claude Desktop.
Related MCP Servers
- AsecurityAlicenseAqualityA secure MCP server for Windows Subsystem for Linux environments, facilitating safe command execution with extensive validation and protection against vulnerabilities like shell injection and dangerous commands.Last updated -22416MIT License
- AsecurityAlicenseAqualityAn MCP server that enables secure execution of shell commands across Windows, macOS, and Linux with built-in whitelisting and approval mechanisms for enhanced security.Last updated -91757MIT License
- AsecurityFlicenseAqualityA tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.Last updated -544