Kali MCP
Allows execution of HTTP requests using curl, with parameter mapping to command-line flags such as -u and -w.
Provides integration with Kali Linux tools for penetration testing, including reconnaissance, vulnerability analysis, and exploitation. Allows AI agents to run Kali Linux commands through a declarative configuration.
Allows running ZAP (Zed Attack Proxy) scans by adding it as a tool in the configuration, enabling vulnerability scanning of web applications.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Kali MCPrun nikto on https://example.com"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Kali MCP
Config-driven Model Context Protocol server that exposes Kali Linux tools to AI agents (Cursor, Claude Desktop, etc.) using declarative JSON configuration — similar to how Data API Builder (DAB) loads SQL Server entities from dab-config.json.
Built for the UMSS Diplomado en Ciberseguridad monografía: Pruebas de penetración asistidas por agente de inteligencia artificial al portal web de la FCAPyF.
Key idea
DAB (C#) | Kali MCP (Python) |
|
|
Runtime exposes REST endpoints | Runtime exposes MCP tools |
Schema from database metadata | Schema from JSON + |
You declare which tools exist in JSON. At startup (or on demand), the server enriches each tool with:
Man page synopsis, description, and option summary (
manon the Kali host)Installed version (
--version,-V, etc.)Binary path (
which)
No hardcoded per-tool Python endpoints — add nikto, wpscan, or zap by editing the config file.
Related MCP server: Arsenal MCP
Architecture
Local mode (MCP and tools on same Kali host)
flowchart LR
A[Cursor / MCP Client] -->|stdio| B[kali_mcp server]
B --> C[config/kali-mcp.config.json]
B --> D[man introspection]
B --> E[version probe]
B --> F[subprocess executor]
D --> F
E --> F
F --> G[Kali Linux binaries]Remote mode (Cursor on Windows -> Kali VM)
flowchart LR
W[Cursor on Windows] -->|stdio| M[kali_mcp --remote]
M -->|HTTP| A[Kali API server]
A --> C[config/kali-mcp.config.json]
A --> D[man + version on Kali]
A --> E[subprocess executor]
E --> G[Kali Linux binaries]Recommended: SSH tunnel so the API stays bound to 127.0.0.1 on Kali.
Quick start (Kali Linux VM)
cd kali-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
# Option A: MCP server locally on Kali (Cursor also on Kali)
python -m kali_mcp --config config/kali-mcp.config.json
# Option B: HTTP API for remote Windows clients
python -m kali_mcp.api --config config/kali-mcp.config.json --host 127.0.0.1 --port 5000Windows -> Kali setup (recommended)
1. Start API on Kali
cd kali-mcp
source .venv/bin/activate
python -m kali_mcp.api --config config/kali-mcp.config.json --host 127.0.0.1 --port 50002. Open SSH tunnel from Windows
ssh -L 5000:127.0.0.1:5000 user@KALI_IPKeep this terminal open. Traffic to localhost:5000 on Windows is forwarded to Kali.
3. Configure Cursor on Windows
Use cursor-mcp.remote.example.json:
{
"mcpServers": {
"kali-mcp-remote": {
"command": "python",
"args": [
"-m",
"kali_mcp",
"--config",
"F:/diplo/trabajo-final/kali-mcp/config/kali-mcp.config.json",
"--remote",
"http://127.0.0.1:5000"
]
}
}
}Install deps on Windows too:
cd F:\diplo\trabajo-final\kali-mcp
python -m venv .venv
.venv\Scripts\pip install -r requirements.txtPoint Cursor's command to .venv\Scripts\python.exe if needed.
Verify connectivity
curl http://127.0.0.1:5000/healthYou should see JSON with status: healthy and the tool count from Kali.
Quick start (local MCP on Kali only)
cd kali-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
# Start MCP server (stdio) with default config
python -m kali_mcp --config config/kali-mcp.config.jsonCursor configuration
Copy cursor-mcp.example.json into your Cursor MCP settings and adjust the --config path:
{
"mcpServers": {
"kali-mcp": {
"command": "python",
"args": [
"-m",
"kali_mcp",
"--config",
"/absolute/path/to/kali-mcp/config/kali-mcp.config.json"
]
}
}
}Run the server on the Kali VM where the tools are installed, or use remote mode with the API server + SSH tunnel when Cursor runs on Windows.
Configuration
See config/kali-mcp.config.json for the FCAPyF pentest toolset:
Tool | Binary | PTES phase |
| nmap | Reconnaissance |
| whatweb | Reconnaissance |
| sslscan | Vulnerability analysis |
| nikto | Vulnerability analysis |
| wpscan | Vulnerability analysis |
| gobuster | Vulnerability analysis |
| curl | Exploitation / validation |
| bash | Fallback utility |
Adding a tool (DAB-style)
Add an entry to the tools array — no Python changes required:
{
"name": "ffuf_fuzz",
"binary": "ffuf",
"category": "web",
"description": "Fast web fuzzer",
"parameters": [
{
"name": "url",
"description": "Target URL with FUZZ keyword",
"type": "string",
"required": true,
"flag": "-u",
"argStyle": "kv"
},
{
"name": "wordlist",
"description": "Wordlist path",
"type": "string",
"default": "/usr/share/wordlists/dirb/common.txt",
"flag": "-w",
"argStyle": "kv"
}
]
}Restart the MCP server (or call reload_tool_metadata) to pick up config changes.
Parameter argStyle
Style | Behavior | Example |
| Flag + value |
|
| Boolean flag |
|
| Positional arg |
|
| Raw tokens appended |
|
Every tool also accepts additional_args (unless disabled) for extra CLI flags as a single string.
Auto-discover installed tools (generate JSON)
Run on Kali Linux to scan installed binaries and build kali-mcp.config.json automatically. Discovery uses:
Curated catalog — common pentest tools checked via
whichdpkg-query— binaries from installed Kali packagesman -kscan (optional) — broader keyword-based discoverymanintrospection — descriptions and parameter hints at generation time
CLI (on Kali)
# Generate a fresh config from everything installed
python -m kali_mcp.discover --pretty
# Write to a specific file
python -m kali_mcp.discover -o config/kali-mcp.generated.json
# Only web + recon tools
python -m kali_mcp.discover --category web,reconnaissance
# Merge new tools into your existing config (skip duplicates by binary)
python -m kali_mcp.discover --merge config/kali-mcp.config.json -o config/kali-mcp.config.json
# Print JSON to stdout
python -m kali_mcp.discover --stdout --prettyFrom Windows (via remote API on Kali)
curl -X POST http://127.0.0.1:5000/api/config/discover `
-H "Content-Type: application/json" `
-d "{\"categories\":[\"web\",\"reconnaissance\"]}"Or ask the MCP agent to call generate_config_from_installed_tools — in remote mode this delegates to Kali.
Discovery CLI options
python -m kali_mcp.discover --help
-o, --output PATH Output JSON path
--stdout Print JSON to stdout
--merge CONFIG Merge into existing config
--category LIST Comma-separated categories
--no-dpkg Skip dpkg-based discovery
--man-scan Include man -k keyword scan
--man-scan-limit N Max tools from man scan
--pretty Print discovery summary JSONBuilt-in meta tools
MCP tool | Purpose |
| Inventory from JSON + install/version status |
| Full man metadata + configured parameters |
| Refresh man/version cache |
| Auto-build JSON config from installed Kali tools |
CLI options
MCP server (python -m kali_mcp)
python -m kali_mcp --help
--config PATH Path to kali-mcp.config.json
--remote URL Kali API URL for Windows->Kali remote mode
--timeout SECS HTTP timeout when using --remote (default: 300)
--debug Verbose logging
--no-warm-cache Skip man/version pre-load at startupAPI server (python -m kali_mcp.api)
python -m kali_mcp.api --help
--config PATH Path to kali-mcp.config.json
--host ADDR Bind address (default: 127.0.0.1)
--port PORT Bind port (default: 5000)
--debug Flask debug mode
--no-warm-cache Skip man/version pre-load at startupBind to 0.0.0.0 only if you accept direct network exposure (not recommended; prefer SSH tunnel).
Comparison with example-mcp
The reference MCP-Kali-Server project hardcodes Flask routes and MCP tool wrappers per utility. Kali MCP generalizes that pattern:
Before: one Python function per tool (
nmap(),nikto(), …)After: one registry loads N tools from JSON, enriches from
man, executes via argv (no shell)
Security
Commands run with
shell=False(argv list only)Safety instructions are injected into MCP server context
run_commandis a last-resort escape hatch — prefer dedicated tool entriesOnly use against targets you are authorized to test
License
MIT — see LICENSE.
Disclaimer
For authorized security testing and academic research only.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/JoelSoliz/kali-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server