Kali_Linux_MCP

Kali_Linux_MCP exposes a Flask API that wraps a suite of Kali tools and exposes them via an MCP bridge. The Kali_Linux_Server.py API provides wrappers for common security assessment tools such as nmap, gobuster, nikto, sqlmap, metasploit, hydra, john, wpscan, and enum4linux. The MCP_Server.py bridge forwards MCP client requests to this API, enabling automated or AI-assisted testing workflows through MCP clients. Use cases include recon, web enumeration, vulnerability triage, WordPress checks, SMB enumeration, credential testing in lab environments, and optional exploit checks with Metasploit. To begin, start the API, verify its health, and then launch the MCP bridge so MCP clients can submit commands through the standard MCP protocol.

Prerequisites:

• Linux (Kali Linux preferred) or a Linux distro with the required tools installed in PATH
• Python 3.x
• System packages as needed for the tools (e.g., nmap, gobuster, nikto, sqlmap, metasploit, hydra, john, wpscan, enum4linux)
• Internet access to install Python dependencies

1. Install Python dependencies

   • Create and activate a virtual environment (optional but recommended) python3 -m venv venv source venv/bin/activate

   • Install required Python packages pip install flask requests mcp

2. Ensure tools are installed and accessible in PATH

   • Install or verify: nmap, gobuster, nikto, sqlmap, metasploit, hydra, john, wpscan, enum4linux
   • Confirm each tool runs from the command line (e.g., nmap --version)

3. Run the API server

   • Start Kali_Linux_Server.py on port 5000 python3 Kali_Linux_Server.py --port 5000

4. Run the MCP bridge

   • Start MCP_Server.py to bridge MCP clients to the API python3 MCP_Server.py --server http://localhost:5000 --timeout 300

5. Verify operation

   • Health check the API curl http://localhost:5000/health

   • From an MCP client, point to the bridge URL and use the supported MCP tools (e.g., nmap_scan, gobuster_scan, dirb_scan, nikto_scan, sqlmap_scan, metasploit_run, hydra_attack, john_crack, wpscan_analyze, enum4linux_scan, execute_command, check_health).

Notes and tips:

• Ensure the Kali_Linux_Server API has access to all the tools in PATH; the wrappers rely on system calls to these tools.
• The MCP bridge (MCP_Server) accepts a server URL (http://localhost:5000) and a timeout; adjust the timeout based on expected tool run durations.
• For AI-assisted workflows, MCP clients can propose commands and then execute them via the API; ensure proper authorization for lab environments.
• If tools are missing or fail to run, check tool installation paths, permissions, and that the API user can execute the executables.
• Consider securing the API and MCP bridge in production or lab environments (e.g., local network or VPN, authentication, and rate limiting).
• This setup is intended for authorized labs, CTFs, HTB/THM machines, or AI-assisted testing in controlled environments.