kali

This MCP server runs a Kali Linux-based environment inside Docker and exposes a suite of security and penetration testing tools through an MCP-compatible interface. Tools include network discovery and scanning (nmap, dnsenum, subdomain_enum, traceroute, host_discovery), information gathering (whois_lookup, dig_dns), connectivity checks (ping_host, netcat_connect), vulnerability and web assessment (nikto_scan, sqlmap_scan, metasploit_search, metasploit_exploit_info), password and login testing (hydra_bruteforce), and SSL/certificate inspection (ssl_scan). The server is designed to be consumed by MCP clients (e.g., Claude or other LLM-driven assistants) to orchestrate these tasks in a controlled environment. To use it, deploy the Docker container and communicate with the MCP server interface to invoke the available commands; the exact MCP API endpoints and payload shapes follow the repository’s MCP definitions in server.js.

Once running, you can request scans (e.g., nmap_scan), perform DNS lookups (dig_dns, dns_enum), enumerate subdomains, test web apps with nikto or sqlmap, attempt Hydra-based login tests in a safe lab setup, or run Metasploit-related queries for exploit information. Each tool is exposed as an MCP action with its own parameters and return structure, enabling orchestrated workflows from your MCP client.

Prerequisites:

• Docker installed on your host (Docker Desktop for Windows/macOS or Docker Engine on Linux)
• Network access to pull kali-mcp-server image from your registry (Docker Hub or private registry)

Install steps:

# 1) Clone the repository (optional, if you want to build from source)
# git clone https://github.com/rangta10/kali-mcp-server.git
# cd kali-mcp-server

# 2) Build the Docker image from the provided Dockerfile (if you have the repo locally)
# docker build -t kali-mcp-server .

# 3) Run the container (as an MCP server)
# docker run -it --rm kali-mcp-server

# Alternatively, pull a prebuilt image and run
# docker pull kali-mcp-server:latest
# docker run -it --rm kali-mcp-server:latest

Notes:

• The Dockerfile installs Kali Linux packages including nmap, whois, dnsutils, netcat-traditional, nikto, sqlmap, hydra, dnsenum, sslscan, metasploit-framework, set, traceroute, nodejs, and npm. The server is started with node server.js as the container entrypoint.
• Ensure your host can access the necessary network resources for scans and testing in a safe and legal lab environment.

If you prefer not to build locally, you can deploy a prebuilt image and connect via the MCP interface provided by the server.js implementation.

Environment and configuration tips:

• The Kali MCP server is designed for lawful testing in controlled environments. Ensure you have explicit authorization before running any scans or exploitation tests.
• When running on Docker, you may need elevated privileges (CAP_SYS_ADMIN/NET_ADMIN) to enable raw networking and certain enumeration capabilities; the provided command adds NET_ADMIN and NET_RAW capabilities.
• If you modify the server image or tools, rebuild the Docker image to reflect changes.
• Typical issues include network connectivity restrictions from running in non-root contexts, or missing tool binaries if the image build did not complete successfully. Check container logs for errors from node server.js and from tool execution shells.
• For MCP clients, follow the standard MCP payload format your client expects (e.g., action names matching the features list in the README).