Pentest Tools MCP Server

FROM kalilinux/kali-rolling # Prevent interactive prompts during package installation ENV DEBIAN_FRONTEND=noninteractive # Install basic system packages RUN apt-get update && apt-get install -y \ python3 \ python3-pip \ python3-venv \ golang \ git \ wget \ nmap \ whatweb \ dnsrecon \ theharvester \ ffuf \ dirsearch \ sqlmap \ amass \ nodejs \ npm \ curl \ dnsutils \ bind9-utils \ sslyze \ && rm -rf /var/lib/apt/lists/* # Set up Python virtual environment ENV VIRTUAL_ENV=/opt/venv RUN python3 -m venv $VIRTUAL_ENV ENV PATH="$VIRTUAL_ENV/bin:$PATH" # Install Python packages in virtual environment COPY requirements.txt /tmp/ RUN pip install --no-cache-dir -r /tmp/requirements.txt # Check Go version RUN go version # Check network connectivity to GitHub RUN curl -v https://github.com # Install Go tools individually (excluding Amass) RUN go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest RUN go install -v github.com/tomnomnom/assetfinder@latest RUN go install -v github.com/tomnomnom/waybackurls@latest RUN go install -v github.com/lc/gau/v2/cmd/gau@latest RUN go install -v github.com/tillson/git-hound@latest RUN go install -v github.com/hakluke/hakrawler@latest RUN go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest RUN go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest # Install npm packages RUN npm install -g wappalyzer-cli lighthouse snyk # Set up wordlists directory RUN mkdir -p /usr/share/wordlists/pentest-tools # Download SecLists RUN git clone https://github.com/danielmiessler/SecLists.git /usr/share/wordlists/pentest-tools/SecLists # Download other wordlists RUN wget -O /usr/share/wordlists/pentest-tools/dirsearch.txt https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt && \ wget -O /usr/share/wordlists/pentest-tools/xss-payloads.txt https://raw.githubusercontent.com/payloadbox/xss-payload-list/master/Intruder/xss-payload-list.txt && \ wget -O /usr/share/wordlists/pentest-tools/sqli-payloads.txt https://raw.githubusercontent.com/payloadbox/sql-injection-payload-list/refs/heads/master/Intruder/detect/Generic_SQLI.txt && \ wget -O /usr/share/wordlists/pentest-tools/lfi-payloads.txt https://raw.githubusercontent.com/emadshanab/LFI-Payload-List/master/LFI%20payloads.txt && \ wget -O /usr/share/wordlists/pentest-tools/ssrf-payloads.txt https://gist.githubusercontent.com/rootsploit/66c9ae8fc3ef387fa5ffbb67fcef0766/raw/d5a4088d628ed05f161b9dd9bf3c6755910a164f/SSRF-Payloads.txt # Set up tools directory RUN mkdir -p /root/tools # Clone useful repositories RUN git clone https://github.com/s0md3v/XSStrike.git /root/tools/XSStrike && \ git clone https://github.com/projectdiscovery/nuclei-templates.git /root/tools/nuclei-templates && \ git clone https://github.com/graphql/graphql-js.git /root/tools/graphql-tools # Create necessary directories for the application RUN mkdir -p /app/reports /app/templates # Set working directory WORKDIR /app # Copy application files COPY . /app/ # Add Go binaries to PATH ENV PATH="/root/go/bin:$PATH" # Set entrypoint CMD ["python", "pentest-tools-mcp-server.py"]