Install missing tools via apt: sudo apt install . Kali includes most tools by default.

MCP-Kali-Server MCP — حالات الاستخدام, التثبيت & عرض مباشر

لماذا تستخدمه

الميزات الأساسية

Lightweight API bridge to Kali Linux terminal commands
Compatible with multiple AI backends (OpenAI, Claude, DeepSeek, Ollama)
Built-in support for Nmap, Metasploit, Hydra, SQLMap, WPScan, and more
Web challenge support — AI can interact with websites and APIs to capture flags
Simple client-server architecture with configurable host/port

عرض مباشر

كيف يبدو في الممارسة

mcp-kali-server.replay ▶ جاهز

0/0

التثبيت

اختر العميل

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

افتح Claude Desktop → Settings → Developer → Edit Config. أعد التشغيل بعد الحفظ.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

يستخدم Cursor نفس مخطط mcpServers مثل Claude Desktop. إعدادات المشروع أولى من الإعدادات العامة.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

انقر على أيقونة MCP Servers في شريط Cline الجانبي، ثم "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

نفس الصيغة مثل Claude Desktop. أعد تشغيل Windsurf لتطبيق التغييرات.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "mcp-kali-server",
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  ]
}

يستخدم Continue مصفوفة من كائنات الخادم بدلاً من خريطة.

~/.config/zed/settings.json

{
  "context_servers": {
    "mcp-kali-server": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/Wh0am123/MCP-Kali-Server"
        ]
      }
    }
  }
}

أضف إلى context_servers. يعيد Zed التحميل تلقائيًا عند الحفظ.

claude mcp add mcp-kali-server -- TODO 'See README: https://github.com/Wh0am123/MCP-Kali-Server'

أمر من سطر واحد. تحقق باستخدام claude mcp list. احذف باستخدام claude mcp remove.

حالات الاستخدام

استخدامات عملية: MCP-Kali-Server

How to solve CTF challenges with AI-assisted Kali Linux

👤 CTF participants who want AI help running security tools ⏱ ~60 min intermediate

متى تستخدمه: You're in a CTF competition and want AI to help run and interpret Kali tools.

المتطلبات الأساسية

Kali Linux with MCP server running — Clone repo, pip install -r requirements.txt, ./server.py
MCP client connected — Run ./client.py --server http://kali-ip:5000

الخطوات

Enumerate the target

Run an nmap scan on 10.10.10.1 with service detection and OS fingerprinting. What services are running?✓ تم النسخ

→ Nmap results with open ports, services, and version info
Exploit a finding

Port 80 has a PHP application. Run nikto for vulnerability scanning and gobuster for directory enumeration.✓ تم النسخ

→ Scan results with interesting findings
Crack credentials

Found a login at /admin. Use hydra with rockyou.txt to brute-force the login.✓ تم النسخ

→ Credentials found or exhausted

النتيجة: Systematic CTF enumeration and exploitation with AI interpreting results.

المزالق

Running too many concurrent scans — Run one tool at a time to avoid overloading the target and confusing results

التركيبات

اجمعها مع خوادم MCP أخرى لتحقيق نتائج x10

mcp-kali-server + filesystem

Save scan results and CTF writeups to local files

Save all our scan results and the solution steps to ~/ctf/htb-machine-writeup.md.✓ تم النسخ

الأدوات

ما يوفره هذا الـ MCP

الأداة	المدخلات	متى تستدعيها
execute_command	command: str	Run any terminal command on the Kali machine
nmap	target: str, options?: str	Network scanning and service detection
sqlmap	url: str, options?: str	SQL injection testing
hydra	target: str, service: str, wordlist?: str	Brute-force authentication testing

التكلفة والحدود

تكلفة التشغيل

حصة API: N/A — all tools run locally on Kali
الرموز لكل استدعاء: 300–2000 tokens per command output
التكلفة المالية: Free — requires a Kali Linux installation
نصيحة: Use targeted scans instead of full-range sweeps to get faster, cleaner results.

الأمان

الصلاحيات والأسرار ونطاق الأثر

تخزين بيانات الاعتماد: N/A — connects to local Kali instance

نقل البيانات الخارجي: Commands execute on the Kali machine. Network scans reach target IPs.

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
This server provides direct terminal access to a Kali machine — it can execute any command.
Always run in an isolated lab environment, never on production networks.
Unauthorized penetration testing is illegal in most jurisdictions.

استكشاف الأخطاء

الأخطاء الشائعة وحلولها

Connection refused to server

Ensure server.py is running on the Kali machine and the port is accessible. Check firewall rules.

تحقق: curl http://kali-ip:5000/health

Command timeout

Some security tools take a long time. Increase the timeout or use less aggressive scan options.

تحقق: Try a simple command like 'whoami' to test connectivity

Tool not found

Install missing tools via apt: sudo apt install <tool-name>. Kali includes most tools by default.

تحقق: which <tool-name>

البدائل

MCP-Kali-Server مقابل البدائل

البديل	متى تستخدمها	المقايضة
hexstrike-ai	You want AI agents that autonomously decide which tools to run	More intelligence but less direct control
mcp-security-hub	You want Dockerized security tools with better isolation	Better isolation but more setup overhead

MCP-Kali-Server