/ Diretório / Playground / MCP-Kali-Server
← Todos os servidores ↗ GitHub
● Comunidade Wh0am123 ⚡ Instantâneo

MCP-Kali-Server

por Wh0am123 · Wh0am123/MCP-Kali-Server

Lightweight API bridge connecting AI agents to Kali Linux for AI-assisted pentesting and CTF challenges in real time.

MCP-Kali-Server is a Python-based API bridge that connects AI agents (Claude, GPT, DeepSeek, Ollama) to a Kali Linux machine. It provides a controlled command execution interface for running security tools like Nmap, Metasploit, Hydra, SQLMap, and more. Designed for authorized penetration testing, bug bounty hunting, and CTF competitions.

▶ Ver demo 📦 Instalar 💡 Casos de uso

Por que usar

Principais recursos

Demo ao vivo

Como fica na prática

mcp-kali-server.replay ▶ pronto
0/0

Instalar

Escolha seu cliente

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Abra Claude Desktop → Settings → Developer → Edit Config. Reinicie após salvar.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Cursor usa o mesmo esquema mcpServers que o Claude Desktop. Config de projeto vence a global.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Clique no ícone MCP Servers na barra lateral do Cline, depois "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Mesmo formato do Claude Desktop. Reinicie o Windsurf para aplicar.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "mcp-kali-server",
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  ]
}

O Continue usa um array de objetos de servidor em vez de um map.

~/.config/zed/settings.json
{
  "context_servers": {
    "mcp-kali-server": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/Wh0am123/MCP-Kali-Server"
        ]
      }
    }
  }
}

Adicione em context_servers. Zed recarrega automaticamente ao salvar.

claude mcp add mcp-kali-server -- TODO 'See README: https://github.com/Wh0am123/MCP-Kali-Server'

Uma linha só. Verifique com claude mcp list. Remova com claude mcp remove.

Casos de uso

Usos do mundo real: MCP-Kali-Server

How to solve CTF challenges with AI-assisted Kali Linux

👤 CTF participants who want AI help running security tools ⏱ ~60 min intermediate

Quando usar: You're in a CTF competition and want AI to help run and interpret Kali tools.

Pré-requisitos
  • Kali Linux with MCP server running — Clone repo, pip install -r requirements.txt, ./server.py
  • MCP client connected — Run ./client.py --server http://kali-ip:5000
Fluxo
  1. Enumerate the target
    Run an nmap scan on 10.10.10.1 with service detection and OS fingerprinting. What services are running?✓ Copiado
    → Nmap results with open ports, services, and version info
  2. Exploit a finding
    Port 80 has a PHP application. Run nikto for vulnerability scanning and gobuster for directory enumeration.✓ Copiado
    → Scan results with interesting findings
  3. Crack credentials
    Found a login at /admin. Use hydra with rockyou.txt to brute-force the login.✓ Copiado
    → Credentials found or exhausted

Resultado: Systematic CTF enumeration and exploitation with AI interpreting results.

Armadilhas
  • Running too many concurrent scans — Run one tool at a time to avoid overloading the target and confusing results

Combinações

Combine com outros MCPs para 10× de alavancagem

mcp-kali-server + filesystem

Save scan results and CTF writeups to local files

Save all our scan results and the solution steps to ~/ctf/htb-machine-writeup.md.✓ Copiado

Ferramentas

O que este MCP expõe

FerramentaEntradasQuando chamarCusto
execute_command command: str Run any terminal command on the Kali machine 0
nmap target: str, options?: str Network scanning and service detection 0
sqlmap url: str, options?: str SQL injection testing 0
hydra target: str, service: str, wordlist?: str Brute-force authentication testing 0

Custo e limites

O que custa rodar

Cota de API
N/A — all tools run locally on Kali
Tokens por chamada
300–2000 tokens per command output
Monetário
Free — requires a Kali Linux installation
Dica
Use targeted scans instead of full-range sweeps to get faster, cleaner results.

Segurança

Permissões, segredos, alcance

Armazenamento de credenciais: N/A — connects to local Kali instance
Saída de dados: Commands execute on the Kali machine. Network scans reach target IPs.

Solução de problemas

Erros comuns e correções

Connection refused to server

Ensure server.py is running on the Kali machine and the port is accessible. Check firewall rules.

Verificar: curl http://kali-ip:5000/health
Command timeout

Some security tools take a long time. Increase the timeout or use less aggressive scan options.

Verificar: Try a simple command like 'whoami' to test connectivity
Tool not found

Install missing tools via apt: sudo apt install <tool-name>. Kali includes most tools by default.

Verificar: which <tool-name>

Alternativas

MCP-Kali-Server vs. outros

AlternativaQuando usarTroca
hexstrike-aiYou want AI agents that autonomously decide which tools to runMore intelligence but less direct control
mcp-security-hubYou want Dockerized security tools with better isolationBetter isolation but more setup overhead

Mais

Recursos

📖 Leia o README oficial no GitHub

🐙 Ver issues abertas

🔍 Ver todos os 400+ servidores MCP e Skills