reconbox-mcp
Enables running Kali Linux penetration-testing tools (e.g., nmap, sqlmap, ffuf) inside a Docker container for network scanning, web testing, and service enumeration.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@reconbox-mcpScan scanme.nmap.org for open ports"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Kali MCP Server
An MCP (Model Context Protocol) server that enables Claude to run Kali Linux
penetration-testing tools — such as nmap, sqlmap, and ffuf — without
installing them on the host machine. All tools run inside an isolated Kali
Linux Docker container, keeping the host system clean and the tooling
self-contained.
Compatible with any Linux distribution that supports Docker.
Table of Contents
Related MCP server: Kali MCP Server
1. Overview
This project connects Claude Code to a suite of penetration-testing tools through three components:
Claude Code — the AI assistant running on the host machine.
MCP server (
server.py) — a lightweight bridge that receives tool requests from Claude and executes them inside the container.Kali container — an isolated environment containing the security tools.
When Claude invokes a tool, the request flows through the MCP server, which
runs the corresponding command inside the container via docker exec and
returns the output.
2. Architecture
User → Claude Code → server.py (MCP) → Kali container
(tools execute here)Layer | Location | Responsibility |
Claude Code | Host | Interprets user requests, calls tools |
MCP server | Host | Bridges Claude and the container |
Kali container | Docker (host) | Executes the actual security tools |
This design isolates all tooling within the container. The host machine requires only Docker and Python.
3. Prerequisites
Docker Engine and Docker Compose v2 (
docker compose)Python 3.10 or later
Claude Code
Verify your environment:
docker --version
docker compose version
python3 --version4. Project Structure
File | Description |
| Defines the Kali image and installed tools |
| Builds and runs the container ( |
| The MCP server; exposes one function per tool |
| Python dependencies ( |
| Claude Code MCP server configuration |
| Python virtual environment containing dependencies |
5. Installation
Complete these steps once to set up the project.
Step 1 — Set up the Python environment
cd /home/hafizfarhad/Documents/kali-mcp
python3 -m venv .venv
./.venv/bin/pip install -r requirements.txtStep 2 — Build the Kali container image
docker compose buildThis downloads the Kali base image and installs the security tools. The first build may take several minutes.
Step 3 — Start the container
docker compose up -dThe container now runs in the background under the name kali-tools.
Step 4 — Verify the setup
docker compose psThe kali-tools container should be listed with status running.
6. Usage
Step 1 — Ensure the container is running
cd /home/hafizfarhad/Documents/kali-mcp
docker compose up -dStep 2 — Launch Claude Code from the project directory
claudeClaude Code automatically detects the kali server defined in .mcp.json.
Step 3 — Approve the MCP server
Inside Claude Code, run:
/mcpLocate the kali server and approve it. This is required only on first use.
Step 4 — Issue requests in natural language
Claude selects and runs the appropriate tool automatically. Examples:
"Run an nmap scan against
scanme.nmap.org.""Fingerprint the web technologies used by
https://example.com.""Check
http://testsite.local/page?id=1for SQL injection."
Stopping the container
docker compose stop # pause the container (faster restart later)
docker compose down # stop and remove the container7. Available Tools
Network scanning
Tool | Purpose |
| Network and port scanning (default options: |
| TCP connect verification (open/closed port checks) |
| Run nmap NSE scripts (mssql, oracle, ipmi, rdp, smtp, …) |
| Convert nmap XML output into an HTML report (xsltproc) |
DNS / OSINT
Tool | Purpose |
| Domain/IP WHOIS registration lookup |
| DNS record lookups, zone transfers (AXFR), |
| Passive subdomain enumeration |
| DNS resolution and brute-forcing |
Web
Tool | Purpose |
| HTTP/HTTPS probing (ProjectDiscovery Go build, |
| Web technology fingerprinting |
| Fetch known/historical URLs ( |
| Web fuzzing / content discovery (use |
| Directory, DNS, and virtual-host brute-forcing |
| Web server vulnerability scanning |
| SQL injection detection and exploitation ( |
Service enumeration
Tool | Purpose |
| List SMB shares (null session by default) |
| Query MSRPC (users, groups, server info) |
| Enumerate SMB shares and access permissions |
| All-in-one SMB/Windows enumeration ( |
| List NFS exports |
| List rsync modules / files |
| Brute-force SNMP community strings |
| Walk an SNMP tree |
| Audit SSH algorithms and known weaknesses |
| Run a single SQL query (MySQL/MariaDB, non-interactive) |
| Authenticated SMB/WinRM/LDAP/MSSQL/… enumeration ( |
| Dump the MSRPC endpoint mapper ( |
Generic helpers
Tool | Purpose |
| HTTP(S) requests |
| Inspect TLS/SSL (certs, protocols; STARTTLS for smtp/imap/…) |
| Filter/transform JSON |
| Runs an arbitrary command in the container (for unlisted tools) |
8. Extending the Toolset
Temporary (no rebuild required)
Ask Claude to install a package via kali_shell, for example:
apt-get update && apt-get install -y amass. Packages installed this way are
lost when the container is removed (docker compose down).
Permanent
Add the package to the
Dockerfile.Rebuild and restart:
docker compose build && docker compose up -d
To expose a new tool as a dedicated MCP function, duplicate one of the
@mcp.tool() wrappers in server.py.
9. Configuration Reference
Command timeout — Long-running commands are terminated after
DEFAULT_TIMEOUT(300 seconds). Adjust this value inserver.py.Network mode — The container uses Docker's default bridge network. To scan hosts on the local network directly, set
network_mode: hostindocker-compose.yml.Container name — Defined as
kali-toolsin bothdocker-compose.ymlandserver.py. Keep these values in sync if changed.
10. Legal & Ethical Notice
These tools must only be used against systems you own or for which you have explicit written authorization (for example, a personal lab, a Capture The Flag exercise, or a sanctioned penetration test). Unauthorized use against third-party systems is illegal. The authors assume no liability for misuse.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/hafizfarhad/reconbox-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server