Install missing tools via apt: sudo apt install . Kali includes most tools by default.

MCP-Kali-Server MCP — 使用場景, 安裝 & 即時演示

為什麼要用

核心特性

Lightweight API bridge to Kali Linux terminal commands
Compatible with multiple AI backends (OpenAI, Claude, DeepSeek, Ollama)
Built-in support for Nmap, Metasploit, Hydra, SQLMap, WPScan, and more
Web challenge support — AI can interact with websites and APIs to capture flags
Simple client-server architecture with configurable host/port

即時演示

實際使用效果

mcp-kali-server.replay ▶ 就緒

0/0

安裝

選擇你的客戶端

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

開啟 Claude Desktop → Settings → Developer → Edit Config。儲存後重啟應用。

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

Cursor 使用與 Claude Desktop 相同的 mcpServers 格式。專案級設定優先於全域。

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

點擊 Cline 側欄中的 MCP Servers 圖示，然後選 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-kali-server": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  }
}

格式與 Claude Desktop 相同。重啟 Windsurf 生效。

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "mcp-kali-server",
      "command": "TODO",
      "args": [
        "See README: https://github.com/Wh0am123/MCP-Kali-Server"
      ]
    }
  ]
}

Continue 使用伺服器物件陣列，而非映射。

~/.config/zed/settings.json

{
  "context_servers": {
    "mcp-kali-server": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/Wh0am123/MCP-Kali-Server"
        ]
      }
    }
  }
}

加入 context_servers。Zed 儲存後熱重載。

claude mcp add mcp-kali-server -- TODO 'See README: https://github.com/Wh0am123/MCP-Kali-Server'

一行命令搞定。用 claude mcp list 驗證，claude mcp remove 移除。

使用場景

實戰用法： MCP-Kali-Server

How to solve CTF challenges with AI-assisted Kali Linux

👤 CTF participants who want AI help running security tools ⏱ ~60 min intermediate

何時使用： You're in a CTF competition and want AI to help run and interpret Kali tools.

前置條件

Kali Linux with MCP server running — Clone repo, pip install -r requirements.txt, ./server.py
MCP client connected — Run ./client.py --server http://kali-ip:5000

步驟

Enumerate the target

Run an nmap scan on 10.10.10.1 with service detection and OS fingerprinting. What services are running?✓ 已複製

→ Nmap results with open ports, services, and version info
Exploit a finding

Port 80 has a PHP application. Run nikto for vulnerability scanning and gobuster for directory enumeration.✓ 已複製

→ Scan results with interesting findings
Crack credentials

Found a login at /admin. Use hydra with rockyou.txt to brute-force the login.✓ 已複製

→ Credentials found or exhausted

結果： Systematic CTF enumeration and exploitation with AI interpreting results.

注意事項

Running too many concurrent scans — Run one tool at a time to avoid overloading the target and confusing results

組合

與其他 MCP 搭配，撬動十倍槓桿

mcp-kali-server + filesystem

Save scan results and CTF writeups to local files

Save all our scan results and the solution steps to ~/ctf/htb-machine-writeup.md.✓ 已複製

工具

此 MCP 暴露的能力

工具	輸入參數	何時呼叫
execute_command	command: str	Run any terminal command on the Kali machine
nmap	target: str, options?: str	Network scanning and service detection
sqlmap	url: str, options?: str	SQL injection testing
hydra	target: str, service: str, wordlist?: str	Brute-force authentication testing

成本與限制

運行它的成本

API 配額: N/A — all tools run locally on Kali
每次呼叫 Token 數: 300–2000 tokens per command output
費用: Free — requires a Kali Linux installation
提示: Use targeted scans instead of full-range sweeps to get faster, cleaner results.

安全

權限、密鑰、影響範圍

憑證儲存： N/A — connects to local Kali instance

資料出站： Commands execute on the Kali machine. Network scans reach target IPs.

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
This server provides direct terminal access to a Kali machine — it can execute any command.
Always run in an isolated lab environment, never on production networks.
Unauthorized penetration testing is illegal in most jurisdictions.

故障排查

常見錯誤與修復

Connection refused to server

Ensure server.py is running on the Kali machine and the port is accessible. Check firewall rules.

驗證： curl http://kali-ip:5000/health

Command timeout

Some security tools take a long time. Increase the timeout or use less aggressive scan options.

驗證： Try a simple command like 'whoami' to test connectivity

Tool not found

Install missing tools via apt: sudo apt install <tool-name>. Kali includes most tools by default.

驗證： which <tool-name>

替代方案

MCP-Kali-Server 對比其他方案

替代方案	何時用它替代	權衡
hexstrike-ai	You want AI agents that autonomously decide which tools to run	More intelligence but less direct control
mcp-security-hub	You want Dockerized security tools with better isolation	Better isolation but more setup overhead

MCP-Kali-Server