Kali Linux MCP Server

# Claude Desktop MCP Server Configuration (Dockerized) To use your Kali MCP Server with Claude Desktop, follow these simple steps. ## Step 1: Start the Docker Container (Automatic MCP Server) The MCP server starts automatically when you launch the Docker container: ```bash # Build and start container (server auto-starts) docker compose up -d --build # Verify server is running curl http://localhost:8000/health ``` The server automatically starts on `localhost:8000` - no manual setup required! ## Step 2: Configure Claude Desktop 1. Open Claude Desktop application 2. Go to Settings (gear icon in bottom left) 3. Navigate to the "Developer" section 4. Find "MCP Servers" configuration ### Option A: Standard Configuration (Recommended) Add this configuration for the dockerized MCP server: ```json { "kali-security": { "command": "curl", "args": [ "-X", "POST", "http://localhost:8000/mcp", "-H", "Content-Type: application/json" ] } } ``` ### Option B: Direct Connection (if supported by Claude Desktop) ```json { "kali-security": { "url": "http://localhost:8000" } } ``` ## Step 3: Verify Connection 1. Ensure your Docker container is running: ```bash docker compose ps ``` 2. Test the MCP server endpoint: ```bash curl http://localhost:8000/health ``` 3. Check container logs if needed: ```bash docker compose logs -f kali-mcp-server ``` ## Step 4: Available Tools Your MCP server provides these security tools: - **nmap_scan**: Network scanning and port discovery - **gobuster_dir**: Directory/file enumeration - **wpscan_scan**: WordPress vulnerability scanning - **sqlmap_test**: SQL injection testing - **dirb_scan**: Web content discovery - **enum4linux_scan**: SMB/NetBIOS enumeration - **searchsploit_query**: Exploit database search - **crackmapexec_smb**: SMB credential testing - **john_crack**: Password hash cracking - **hashcat_crack**: GPU-accelerated password cracking - **netcat_connect**: Network connectivity testing - **bloodhound_py**: Active Directory enumeration ## Environment Configuration All environment variables are pre-configured in `docker-compose.yml`: - `MCP_HOST=127.0.0.1`: Server bind address - `MCP_PORT=8000`: Server port (mapped to host) - `MCP_MAX_EXEC_TIME=300`: Command timeout (5 minutes) - `MCP_OUTPUT_LIMIT=10000`: Max output size (10KB) - `MCP_ALLOWED_NETWORKS=`: Network restrictions (empty = no limits) - `WPSCAN_API_TOKEN=`: Optional WPScan vulnerability database token To modify these, edit the `docker-compose.yml` file and rebuild: ```bash docker compose down docker compose up --build -d ``` ## Security Note This MCP server is designed for defensive security testing only. All tools include input validation and sanitization to prevent misuse.