kali

The Kali MCP Server provides access to a comprehensive suite of Kali Linux penetration testing tools by running them inside isolated Docker containers. It exposes a set of 20 specialized tools and actions, ranging from core container management (start, stop, run commands) to vulnerability assessment, network scanning, information gathering, web app testing, password cracking, forensics, and more. Each tool is designed to execute within a Kali container to ensure your host system remains secure while you perform authorized security assessments. You can invoke these capabilities through the MCP abstraction, sending the appropriate tool command and arguments and receiving structured results from the server.

Once running, you can interact with the server to start or stop the Kali container, install Kali packages, perform scans (nmap, masscan, nikto, dirb, gobuster, etc.), conduct OSINT, test web applications, crack passwords, analyze wireless traffic, perform digital forensics, and more. The server is designed to provide an audit trail of executed commands and automatic container cleanup, making it suitable for repeatable testing and training scenarios in a controlled environment.

Prerequisites:

• Docker installed and running
• Node.js 16+ (for npm-based installation)
• npm (comes with Node.js)

Global installation (recommended):

npm install -g kali-mcp-server

Local installation (development):

# Clone the repository
git clone <repository-url>
cd kali-mcp-server

# Install dependencies
npm install

# Start the server locally
npm start

Usage after installation:

• For global installation, ensure Docker is running and configure your MCP as shown in the repository documentation. The server will be accessible via the MCP framework and your client configuration can target the kali MCP server.
• For local development, use npm start to run the server in your environment and test against your local MCP configuration.

Configuration (example):

• Create or update your MCP configuration file (e.g., .kilocode/mcp.json) with the Kali server entry as shown in the README:

{
  "mcpServers": {
    "kali": {
      "command": "npx",
      "args": ["-y", "kali-mcp-server"]
    }
  }
}

This configuration will enable the Kali MCP server under the name kali for your MCP client tooling.

Tips and notes:

• Ensure Docker is up and running before starting the MCP server; all Kali tools execute inside containers for isolation.
• The server provides an audit trail of commands; review logs for security and reproducibility.
• Containers are automatically cleaned up to avoid resource buildup; ensure you have sufficient disk space for Kali images and tool downloads.
• The Kali toolset is extensive; refer to the available tool list in the README to understand which actions are exposed and how to invoke them.
• If you encounter network or image pull issues, verify Docker daemon permissions and network access from the host.
• This setup targets authorized testing only; always have explicit permission before performing security assessments.
• If you are deploying in a CI/CD environment, consider using the local installation workflow and ensure the runner has Docker access and appropriate resource limits.