Install missing tools via apt: sudo apt install . Kali includes most tools by default.

MCP-Kali-Server MCP — 使用场景, 安装 & 实时演示

为什么要用

核心特性

Lightweight API bridge to Kali Linux terminal commands
Compatible with multiple AI backends (OpenAI, Claude, DeepSeek, Ollama)
Built-in support for Nmap, Metasploit, Hydra, SQLMap, WPScan, and more
Web challenge support — AI can interact with websites and APIs to capture flags
Simple client-server architecture with configurable host/port

实时演示

实际使用效果

mcp-kali-server.replay ▶ 就绪

0/0

安装

选择你的客户端

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

打开 Claude Desktop → Settings → Developer → Edit Config。保存后重启应用。

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Cursor 使用与 Claude Desktop 相同的 mcpServers 格式。项目级配置优先于全局。

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

点击 Cline 侧栏中的 MCP Servers 图标，然后选 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

格式与 Claude Desktop 相同。重启 Windsurf 生效。

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "mcp-kali-server",
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  ]
}

Continue 使用服务器对象数组，而非映射。

~/.config/zed/settings.json

{
  "context_servers": {
    "mcp-kali-server": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/Wh0am123/MCP-Kali-Server"
        ]
      }
    }
  }
}

加入 context_servers。Zed 保存后热重载。

claude mcp add mcp-kali-server -- TODO 'See README: https://github.com/Wh0am123/MCP-Kali-Server'

一行命令搞定。用 claude mcp list 验证，claude mcp remove 卸载。

使用场景

实战用法： MCP-Kali-Server

How to solve CTF challenges with AI-assisted Kali Linux

👤 CTF participants who want AI help running security tools ⏱ ~60 min intermediate

何时使用： You're in a CTF competition and want AI to help run and interpret Kali tools.

前置条件

Kali Linux with MCP server running — Clone repo, pip install -r requirements.txt, ./server.py
MCP client connected — Run ./client.py --server http://kali-ip:5000

步骤

Enumerate the target

Run an nmap scan on 10.10.10.1 with service detection and OS fingerprinting. What services are running?✓ 已复制

→ Nmap results with open ports, services, and version info
Exploit a finding

Port 80 has a PHP application. Run nikto for vulnerability scanning and gobuster for directory enumeration.✓ 已复制

→ Scan results with interesting findings
Crack credentials

Found a login at /admin. Use hydra with rockyou.txt to brute-force the login.✓ 已复制

→ Credentials found or exhausted

结果： Systematic CTF enumeration and exploitation with AI interpreting results.

注意事项

Running too many concurrent scans — Run one tool at a time to avoid overloading the target and confusing results

组合

与其他 MCP 搭配，撬动十倍杠杆

mcp-kali-server + filesystem

Save scan results and CTF writeups to local files

Save all our scan results and the solution steps to ~/ctf/htb-machine-writeup.md.✓ 已复制

工具

此 MCP 暴露的能力

工具	输入参数	何时调用
execute_command	command: str	Run any terminal command on the Kali machine
nmap	target: str, options?: str	Network scanning and service detection
sqlmap	url: str, options?: str	SQL injection testing
hydra	target: str, service: str, wordlist?: str	Brute-force authentication testing

成本与限制

运行它的成本

API 配额: N/A — all tools run locally on Kali
每次调用 Token 数: 300–2000 tokens per command output
费用: Free — requires a Kali Linux installation
提示: Use targeted scans instead of full-range sweeps to get faster, cleaner results.

安全

权限、密钥、影响范围

凭据存储： N/A — connects to local Kali instance

数据出站： Commands execute on the Kali machine. Network scans reach target IPs.

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
This server provides direct terminal access to a Kali machine — it can execute any command.
Always run in an isolated lab environment, never on production networks.
Unauthorized penetration testing is illegal in most jurisdictions.

故障排查

常见错误与修复

Connection refused to server

Ensure server.py is running on the Kali machine and the port is accessible. Check firewall rules.

验证： curl http://kali-ip:5000/health

Command timeout

Some security tools take a long time. Increase the timeout or use less aggressive scan options.

验证： Try a simple command like 'whoami' to test connectivity

Tool not found

Install missing tools via apt: sudo apt install <tool-name>. Kali includes most tools by default.

验证： which <tool-name>

替代方案

MCP-Kali-Server 对比其他方案

替代方案	何时用它替代	权衡
hexstrike-ai	You want AI agents that autonomously decide which tools to run	More intelligence but less direct control
mcp-security-hub	You want Dockerized security tools with better isolation	Better isolation but more setup overhead

MCP-Kali-Server