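---
name: Test Suite

# Runs on every push to main and on every pull request targeting main.
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege for GITHUB_TOKEN: nothing in this workflow writes to the
# repository. Cache restore/save and artifact upload use the runner's own
# runtime token, so they keep working with read-only contents.
permissions:
  contents: read

jobs:
  test:
    runs-on: ubuntu-latest
    container:
      image: kalilinux/kali-rolling
      # Root is needed for apt-get and setcap below. Note that this makes
      # EVERY step, including the test run, execute as root in the container.
      options: --user root
    strategy:
      matrix:
        # Quoted: a bare 3.10/3.20 would be parsed as a float.
        python-version: ["3.11", "3.12"]
    env:
      # Expose the matrix value through the environment instead of expanding
      # ${{ }} inside shell scripts; the run: blocks below only read "$PYTHON_VERSION".
      PYTHON_VERSION: ${{ matrix.python-version }}
      # Never block on package configuration prompts inside the container.
      DEBIAN_FRONTEND: noninteractive
    steps:
      - name: Install git and Python (required for checkout and subsequent steps)
        run: |
          apt-get update
          apt-get install -y git python3 python3-pip python3-venv

      - name: Checkout code
        # Third-party actions are referenced by mutable tag; pinning to a full
        # commit SHA (<commit-sha-placeholder>) makes the supply chain reproducible.
        uses: actions/checkout@v5

      - name: Install security tools and setup Python virtual environment
        run: |
          apt-get update
          apt-get install -y \
            nmap nikto sqlmap wpscan dirb gobuster seclists exploitdb sherlock whatweb \
            iputils-ping traceroute hping3 arping photon \
            libcap2-bin sudo
          # Set up the requested Python minor version if it differs from the image
          # default. Every command is best-effort (|| true): if the rolling repo no
          # longer ships that version the job silently continues with the default
          # interpreter, so both matrix entries may end up testing the same Python.
          # The version actually in use is printed below so the log shows which.
          if [ -n "$PYTHON_VERSION" ]; then
            apt-get install -y "python${PYTHON_VERSION}" "python${PYTHON_VERSION}-venv" "python${PYTHON_VERSION}-dev" || true
            # Only repoint the python3/python links when the interpreter really exists.
            if [ -x "/usr/bin/python${PYTHON_VERSION}" ]; then
              update-alternatives --install /usr/bin/python3 python3 "/usr/bin/python${PYTHON_VERSION}" 1 || true
              update-alternatives --install /usr/bin/python python "/usr/bin/python${PYTHON_VERSION}" 1 || true
            fi
          fi
          # Make sure a plain "python" exists even when no version-specific link was set.
          command -v python >/dev/null 2>&1 || update-alternatives --install /usr/bin/python python /usr/bin/python3 1 || true
          echo "Using $(python3 --version) (requested: ${PYTHON_VERSION:-default})"
          # Create virtual environment
          python3 -m venv /opt/venv
          # Make venv accessible to all subsequent steps
          echo "/opt/venv/bin" >> "$GITHUB_PATH"

      - name: Set up capabilities for network tools
        # All steps run as root (see container.options), so these file
        # capabilities only matter for code that later drops to a non-root user.
        run: |
          setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/bin/nmap || true
          setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/sbin/hping3 || true
          setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/sbin/arping || true

      - name: Cache Python dependencies
        uses: actions/cache@v4
        with:
          path: /opt/venv
          key: kali-venv-${{ matrix.python-version }}-${{ hashFiles('**/requirements*.txt') }}
          restore-keys: |
            kali-venv-${{ matrix.python-version }}-

      - name: Install dependencies
        run: |
          # Ensure the virtual environment exists (in case the cache did not restore it)
          if [ ! -d "/opt/venv" ]; then
            python3 -m venv /opt/venv
          fi
          # Activate venv and install dependencies
          . /opt/venv/bin/activate
          python -m pip install --upgrade pip
          pip install -r requirements.txt
          pip install -r requirements-test.txt

      - name: Run linting with flake8
        run: |
          . /opt/venv/bin/activate
          pip install flake8
          # Stop the build if there are Python syntax errors or undefined names
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=venv
          # Exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --exclude=venv

      - name: Run security check with bandit
        # Informational only: "|| true" means bandit findings never fail the job.
        # The JSON report is printed to the log but not uploaded as an artifact.
        run: |
          . /opt/venv/bin/activate
          pip install bandit
          bandit -r . -f json -o bandit-report.json --exclude ./venv,/opt/venv || true
          if [ -f bandit-report.json ]; then
            echo "Bandit security report generated"
            cat bandit-report.json
          fi

      - name: Run tests with pytest
        # id lets the summary step report the real outcome instead of static text.
        id: pytest
        run: |
          . /opt/venv/bin/activate
          pytest tests/ -v --cov=main --cov-report=xml --cov-report=html --cov-report=term-missing --cov-fail-under=85

      - name: Upload coverage reports as artifacts
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: coverage-reports-${{ matrix.python-version }}
          path: |
            ./coverage.xml
            ./.coverage
            ./htmlcov/
          retention-days: 30

      - name: Test MCP tool execution (mock-based validation)
        # A quoted heredoc keeps the Python source out of shell quoting/expansion,
        # which "python -c \"...\"" does not.
        run: |
          . /opt/venv/bin/activate
          python - <<'EOF'
          import sys
          from main import sanitize_target, run_tool, ALLOWED_TOOLS
          print('Testing input sanitization...')
          try:
              sanitize_target('127.0.0.1')
              print('✓ Valid input accepted')
          except Exception:
              # Catch Exception rather than a bare except so SystemExit/KeyboardInterrupt propagate.
              print('✗ Valid input rejected')
              sys.exit(1)
          try:
              sanitize_target('127.0.0.1; rm -rf /')
              print('✗ Dangerous input accepted')
              sys.exit(1)
          except ValueError:
              print('✓ Dangerous input rejected')
          print('Testing tool whitelist...')
          assert 'nmap' in ALLOWED_TOOLS
          assert 'rm' not in ALLOWED_TOOLS
          print('✓ Tool whitelist validation passed')
          print('All security validations passed!')
          EOF

      - name: Generate test summary
        if: always()
        env:
          # success / failure / cancelled / skipped — a GitHub-controlled value.
          PYTEST_OUTCOME: ${{ steps.pytest.outcome }}
        # The coverage percentage and tool count below are static text, not
        # measured by this run; the enforced minimum is the --cov-fail-under value.
        run: |
          {
            echo "## Test Results Summary"
            echo "- **Environment**: Kali Linux (kalilinux/kali-rolling)"
            echo "- **Python Version**: ${PYTHON_VERSION}"
            echo "- **Test Outcome**: ${PYTEST_OUTCOME}"
            echo "- **Test Coverage**: 97%+ (enforced minimum: 85%)"
            echo "- **Coverage Reports**: Available as GitHub artifacts (XML, HTML, and raw data)"
            echo "- **Security Tools Tested**: 18 total MCP tools"
            echo "- **Input Validation**: ✅ Command injection protection"
            echo "- **Tool Whitelist**: ✅ Only approved security tools allowed"
            echo "- **MCP Protocol**: ✅ All tools properly exposed via MCP"
          } >> "$GITHUB_STEP_SUMMARY"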