KALI_MCP_SERVER

KALI_MCP_SERVER is a Docker-only MCP server that acts as a configurable security automation hub. It runs a single JSON-RPC 2.0 entrypoint and uses a declarative tool engine defined in config.json to orchestrate a suite of security utilities inside a Docker image. Tools are listed and described in the /capabilities_ext endpoint and can be invoked asynchronously with live log streaming via SSE or polling. Access is protected by an API key, and you can observe real-time results and logs for each job as it progresses. The system supports extending its capabilities by adding custom installers and new tool definitions in config.json, with optional extras-install modules for additional tooling.

Prerequisites:

• Docker and docker-compose installed on the host
• Internet access to pull required images
• Git (optional, for cloning the repository)

Install steps:

1. Clone or download the MCP server repo: git clone <repo-url> cd KALI_MCP_SERVER

2. Build and run in Docker (Docker Compose is supported as in the Quick Start): docker compose up -d --build

3. Verify the server is running and healthy: curl -H "x-api-key:your-secret-key" http://127.0.0.1:8080/health

4. If you prefer running directly with Docker (no compose): docker run -d --name kali-mcp
   -p 8080:8080
   -e X_API_KEY=your-secret-key
   image-name

5. Configure your local client (e.g., Cursor) to point at http://localhost:8080 with the same API key. Ensure config.json declares the tools you want to enable, and use /capabilities_ext to verify availability and versions of installed binaries.

Tips and notes:

• Use /capabilities_ext to verify which tools are available and their versions inside the Docker image.
• Store and manage your API keys securely; rotate keys as needed and update the x-api-key header in clients.
• The config.json file declares tools and is central to what MCP can execute; ensure it matches the installed tooling in the Docker image.
• For long-running or resource-intensive tasks, monitor job logs via /jobs/{job_id}/sse or /jobs/poll to avoid timeouts.
• If you add custom installers in extras-installer/modules/, they will be picked up when capabilities_ext is queried and can be invoked via tools/call.
• Health checks and the /capabilities_ext endpoint help you validate the environment before running complex workflows.