Skip to main content
Glama

Kali Linux MCP Server

by pellax
GitHub
Python
  • Linux
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

Kali Linux MCP Server (Dockerized)

A dockerized Model Context Protocol (MCP) server that provides secure access to Kali Linux security tools for defensive security and authorized penetration testing.

Features

Network Scanning

  • nmap_scan: Network discovery and port scanning

  • gobuster_dir: Directory and file enumeration

Web Application Testing

  • wpscan_scan: WordPress security scanning

  • sqlmap_test: SQL injection testing

  • dirb_scan: Web content discovery

System Enumeration

  • enum4linux_scan: SMB/NetBIOS enumeration

  • searchsploit_query: Exploit database search

Credential Testing

  • crackmapexec_smb: SMB credential testing

  • john_crack: Password cracking with John the Ripper

  • hashcat_crack: GPU-accelerated password cracking

Utilities

  • netcat_connect: Network connectivity testing

  • bloodhound_py: Active Directory enumeration

Security Features

  • Input Sanitization: All inputs are validated against strict patterns

  • Network Restrictions: Configurable allowed target networks

  • Non-root Execution: Runs with minimal privileges using Linux capabilities

  • Timeout Protection: Commands have configurable execution limits

  • Output Limiting: Response sizes are capped for safety

Docker Installation & Usage

Prerequisites

  • Docker and Docker Compose installed

  • Sufficient disk space for Kali Linux image

Quick Start

# Build and start the container (MCP server starts automatically) docker compose up --build # Or run in background docker compose up -d --build # The MCP server will be available at localhost:8000 # No additional setup required!

Container Usage

# View server logs docker compose logs -f # Access the running container (for debugging/development) docker compose exec kali-mcp-server bash # The MCP server is already running automatically # Check server status inside container: # ps aux | grep python

Container Management

# Stop the container and MCP server docker compose down # View real-time server logs docker compose logs -f kali-mcp-server # Restart the container docker compose restart # Rebuild container (after code changes) docker compose build --no-cache # For development: override auto-start to get shell access # Temporarily modify docker-compose.yml: command: /bin/bash

Claude Desktop Integration (Automatic)

# The MCP server automatically starts on localhost:8000 # Just configure Claude Desktop to connect to this endpoint # Port 8000 is already mapped to host # Server starts automatically when container boots # Check if server is running: curl http://localhost:8000/health || echo "Server not responding"

Configuration

Environment Variables

  • MCP_HOST: Server host (default: 127.0.0.1)

  • MCP_PORT: Server port (default: 8000)

  • MCP_MAX_EXEC_TIME: Command timeout in seconds (default: 300)

  • MCP_OUTPUT_LIMIT: Maximum output size in bytes (default: 10000)

  • MCP_ALLOWED_NETWORKS: Comma-separated list of allowed target networks

  • WPSCAN_API_TOKEN: Optional WPScan API token for vulnerability data

Network Restrictions

For production use, configure MCP_ALLOWED_NETWORKS to restrict scanning targets:

# Example: Only allow internal networks MCP_ALLOWED_NETWORKS=192.168.0.0/16,10.0.0.0/8,172.16.0.0/12

Usage Examples (Inside Container)

Automatic Server Startup

# The MCP server starts automatically when you run: docker compose up --build # Server is available at localhost:8000 # No manual startup required! # To verify server is running: docker compose logs kali-mcp-server

Testing Tools Directly (Optional)

# Access container for direct tool testing docker compose exec kali-mcp-server bash # Inside container: nmap --version gobuster version wpscan --version ls /usr/share/wordlists/

MCP Tool Usage (via Claude Desktop)

Once connected to Claude Desktop, you can use tools like:

# Network scanning nmap_scan("192.168.1.1", scan_type="basic") # Directory enumeration gobuster_dir("http://example.com") # WordPress scanning wpscan_scan("http://wordpress.example.com") # SQL injection testing sqlmap_test("http://example.com/page?id=1")

Claude Desktop Integration

Configuration Steps

  1. Start the containerized MCP server (automatic):

    # Server starts automatically docker compose up -d --build # Verify server is running curl http://localhost:8000/health

  2. Configure Claude Desktop:

    • Open Claude Desktop Settings

    • Go to Developer → MCP Servers

    • Add configuration (see claude_desktop_config.md)

    • Server URL: http://localhost:8000

  3. Optional - Host network mode for advanced usage:

    services: kali-mcp-server: network_mode: "host" # ... rest of config

Container Features

  • Automatic startup: MCP server starts when container boots

  • Data persistence: ./data directory mounted from host

  • Real-time logs: docker compose logs -f kali-mcp-server

  • Environment configuration: All variables in docker-compose.yml

  • Port mapping: localhost:8000 automatically mapped

Security Considerations

Authorized Use Only

This tool is designed for:

  • Authorized penetration testing

  • Security assessments

  • Educational purposes

  • Defensive security research

Network Security

  • Configure network restrictions in production

  • Use firewall rules to limit access

  • Monitor tool usage and logs

  • Implement proper authentication

User Permissions

  • Run as dedicated service user (not root)

  • Use Linux capabilities for network tools

  • Restrict file system access

  • Enable audit logging

Requirements

Host System

  • Docker and Docker Compose

  • 4GB+ free disk space for Kali image

  • Network access for tool downloads

Container Environment

  • Kali Linux rolling base image

  • Python 3.8+ (included)

  • All Kali security tools (pre-installed)

  • Virtual environment with Python dependencies

Python Dependencies (Auto-installed in container)

  • fastmcp >= 0.4.0

  • pydantic >= 2.0.0

  • Built-in Python modules (asyncio, subprocess, etc.)

Development

Project Structure

kali-mcp-server/ ├── kali_mcp_server/ │ ├── __init__.py │ └── server.py # Main server implementation ├── Dockerfile # Container definition ├── docker-compose.yml # Container orchestration ├── .dockerignore # Docker build exclusions ├── claude_desktop_config.md # Claude Desktop setup guide ├── setup_capabilities.sh # Capability setup script (for host) ├── install.sh # System installation script (for host) ├── run_server.py # Development server runner ├── requirements.txt # Python dependencies ├── pyproject.toml # Package configuration ├── data/ # Persistent data directory └── README.md # This file

Adding New Tools

  1. Add tool function with @mcp.tool() decorator

  2. Implement input sanitization

  3. Use run_tool() helper for execution

  4. Add proper error handling

  5. Update documentation

License

MIT License - See LICENSE file for details

Disclaimer

This software is provided for educational and authorized testing purposes only. Users are responsible for complying with applicable laws and regulations. The authors are not responsible for misuse of this tool.

This server cannot be installed

-
security - not tested
F
license - not found
-
quality - not tested

How are these scores calculated?

local-only server

The server can only run on the client's local machine because it depends on local resources.

Provides secure access to Kali Linux security tools through a dockerized environment for authorized penetration testing and defensive security. Enables network scanning, web application testing, system enumeration, and credential testing with built-in input sanitization and network restrictions.

  1. Features
    1. Network Scanning
    2. Web Application Testing
    3. System Enumeration
    4. Credential Testing
    5. Utilities
  2. Security Features
    1. Docker Installation & Usage
      1. Prerequisites
      2. Quick Start
      3. Container Usage
      4. Container Management
      5. Claude Desktop Integration (Automatic)
    2. Configuration
      1. Environment Variables
      2. Network Restrictions
    3. Usage Examples (Inside Container)
      1. Automatic Server Startup
      2. Testing Tools Directly (Optional)
      3. MCP Tool Usage (via Claude Desktop)
    4. Claude Desktop Integration
      1. Configuration Steps
      2. Container Features
    5. Security Considerations
      1. Authorized Use Only
      2. Network Security
      3. User Permissions
    6. Requirements
      1. Host System
      2. Container Environment
      3. Python Dependencies (Auto-installed in container)
    7. Development
      1. Project Structure
      2. Adding New Tools
    8. License
      1. Disclaimer

        New MCP Servers

        MCP directory API

        We provide all the information about MCP servers via our MCP API.

        curl -X GET 'https://glama.ai/api/mcp/v1/servers/pellax/kaliMCP'

        If you have feedback or need assistance with the MCP directory API, please join our Discord server