/ Directorio / Playground / MCP-Kali-Server
← Todos los servidores ↗ GitHub
● Comunidad Wh0am123 ⚡ Instantáneo

MCP-Kali-Server

por Wh0am123 · Wh0am123/MCP-Kali-Server

Lightweight API bridge connecting AI agents to Kali Linux for AI-assisted pentesting and CTF challenges in real time.

MCP-Kali-Server is a Python-based API bridge that connects AI agents (Claude, GPT, DeepSeek, Ollama) to a Kali Linux machine. It provides a controlled command execution interface for running security tools like Nmap, Metasploit, Hydra, SQLMap, and more. Designed for authorized penetration testing, bug bounty hunting, and CTF competitions.

▶ Ver demo 📦 Instalar 💡 Casos de uso

Por qué usarlo

Características clave

Demo en vivo

Cómo se ve en la práctica

mcp-kali-server.replay ▶ listo
0/0

Instalar

Elige tu cliente

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Abre Claude Desktop → Settings → Developer → Edit Config. Reinicia después de guardar.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Cursor usa el mismo esquema mcpServers que Claude Desktop. La configuración del proyecto prevalece sobre la global.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Haz clic en el icono MCP Servers de la barra lateral de Cline y luego en "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Mismo formato que Claude Desktop. Reinicia Windsurf para aplicar.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "mcp-kali-server",
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  ]
}

Continue usa un array de objetos de servidor en lugar de un mapa.

~/.config/zed/settings.json
{
  "context_servers": {
    "mcp-kali-server": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/Wh0am123/MCP-Kali-Server"
        ]
      }
    }
  }
}

Añádelo a context_servers. Zed recarga en caliente al guardar.

claude mcp add mcp-kali-server -- TODO 'See README: https://github.com/Wh0am123/MCP-Kali-Server'

Un solo comando. Verifica con claude mcp list. Quita con claude mcp remove.

Casos de uso

Usos del mundo real: MCP-Kali-Server

How to solve CTF challenges with AI-assisted Kali Linux

👤 CTF participants who want AI help running security tools ⏱ ~60 min intermediate

Cuándo usarlo: You're in a CTF competition and want AI to help run and interpret Kali tools.

Requisitos previos
  • Kali Linux with MCP server running — Clone repo, pip install -r requirements.txt, ./server.py
  • MCP client connected — Run ./client.py --server http://kali-ip:5000
Flujo
  1. Enumerate the target
    Run an nmap scan on 10.10.10.1 with service detection and OS fingerprinting. What services are running?✓ Copiado
    → Nmap results with open ports, services, and version info
  2. Exploit a finding
    Port 80 has a PHP application. Run nikto for vulnerability scanning and gobuster for directory enumeration.✓ Copiado
    → Scan results with interesting findings
  3. Crack credentials
    Found a login at /admin. Use hydra with rockyou.txt to brute-force the login.✓ Copiado
    → Credentials found or exhausted

Resultado: Systematic CTF enumeration and exploitation with AI interpreting results.

Errores comunes
  • Running too many concurrent scans — Run one tool at a time to avoid overloading the target and confusing results

Combinaciones

Combínalo con otros MCPs para multiplicar por 10

mcp-kali-server + filesystem

Save scan results and CTF writeups to local files

Save all our scan results and the solution steps to ~/ctf/htb-machine-writeup.md.✓ Copiado

Herramientas

Lo que expone este MCP

HerramientaEntradasCuándo llamarCoste
execute_command command: str Run any terminal command on the Kali machine 0
nmap target: str, options?: str Network scanning and service detection 0
sqlmap url: str, options?: str SQL injection testing 0
hydra target: str, service: str, wordlist?: str Brute-force authentication testing 0

Coste y límites

Lo que cuesta ejecutarlo

Cuota de API
N/A — all tools run locally on Kali
Tokens por llamada
300–2000 tokens per command output
Monetario
Free — requires a Kali Linux installation
Consejo
Use targeted scans instead of full-range sweeps to get faster, cleaner results.

Seguridad

Permisos, secretos, alcance

Almacenamiento de credenciales: N/A — connects to local Kali instance
Salida de datos: Commands execute on the Kali machine. Network scans reach target IPs.

Resolución de problemas

Errores comunes y soluciones

Connection refused to server

Ensure server.py is running on the Kali machine and the port is accessible. Check firewall rules.

Verificar: curl http://kali-ip:5000/health
Command timeout

Some security tools take a long time. Increase the timeout or use less aggressive scan options.

Verificar: Try a simple command like 'whoami' to test connectivity
Tool not found

Install missing tools via apt: sudo apt install <tool-name>. Kali includes most tools by default.

Verificar: which <tool-name>

Alternativas

MCP-Kali-Server vs otros

AlternativaCuándo usarlaContrapartida
hexstrike-aiYou want AI agents that autonomously decide which tools to runMore intelligence but less direct control
mcp-security-hubYou want Dockerized security tools with better isolationBetter isolation but more setup overhead

Más

Recursos

📖 Lee el README oficial en GitHub

🐙 Ver issues abiertas

🔍 Ver todos los 400+ servidores MCP y Skills