Aircrack-ng MCP Server

A Model Context Protocol (MCP) server that provides WiFi security auditing capabilities using the aircrack-ng suite. Commands are executed on a remote Kali Linux system via SSH, enabling AI assistants to perform authorized wireless security assessments.

Features

• Monitor Mode Management - Enable/disable monitor mode on wireless interfaces

• Network Discovery - Scan and enumerate wireless networks with detailed information

• Packet Capture - Capture packets from targeted access points (background operation)

• Handshake Capture - Deauthentication attacks to capture WPA/WPA2 handshakes

• Password Cracking - Attempt to crack captured handshakes using wordlists

• Remote Execution - All operations run on a remote Kali system via SSH

Prerequisites

• Kali Linux System - With aircrack-ng suite installed

• SSH Access - Passwordless SSH recommended (key-based authentication)

• Wireless Adapter - Compatible adapter that supports monitor mode and packet injection

• Node.js - Version 18 or higher

Installation

# Clone the repository
git clone https://github.com/schwarztim/sec-aircrack-ng-mcp.git
cd sec-aircrack-ng-mcp

# Install dependencies
npm install

# Build the TypeScript code
npm run build

Configuration

Configure the server using environment variables:

Claude Desktop Configuration

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "aircrack-ng": {
      "command": "node",
      "args": ["/path/to/sec-aircrack-ng-mcp/dist/index.js"],
      "env": {
        "KALI_HOST": "192.168.1.100",
        "SSH_USER": "kali",
        "SSH_KEY": "/path/to/ssh/key"
      }
    }
  }
}

Available Tools

Connection & Setup

Scanning & Capture

Attacks

Cracking

Utilities

Typical Workflow

A typical WPA/WPA2 security assessment workflow:

1. test_connection              # Verify SSH connectivity and aircrack-ng
2. airmon_check                 # List available wireless interfaces
3. airmon_check_kill            # Kill interfering processes
4. airmon_start(wlan0)          # Enable monitor mode -> wlan0mon
5. airodump_scan(wlan0mon, 30)  # Scan for networks (30 seconds)
6. airodump_capture(...)        # Start capturing target network
7. aireplay_deauth(...)         # Deauth to force handshake
8. aircrack_check_handshake(...) # Verify handshake captured
9. aircrack_crack(...)          # Attempt to crack password
10. airodump_stop(...)          # Stop the capture
11. airmon_stop(wlan0mon)       # Restore managed mode

Security Considerations

• Authorization Required - Only use on networks you own or have explicit written permission to test

• SSH Security - Use key-based authentication and restrict SSH access

• Capture Files - Captured data may contain sensitive information; handle appropriately

• Legal Compliance - Ensure compliance with local laws and regulations

Legal Notice

WARNING: Unauthorized access to computer networks is illegal in most jurisdictions.

This tool is intended exclusively for:

• Authorized penetration testing

• Security research on networks you own

• Educational purposes in controlled environments

The authors assume no liability for misuse of this software. Users are solely responsible for ensuring they have proper authorization before conducting any security testing.

Development

# Watch mode for development
npm run dev

# Build for production
npm run build

# Run the server
npm start

License

This project is licensed under the MIT License - see the LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Acknowledgments

• Aircrack-ng Team - For the excellent wireless security suite

• Model Context Protocol - For the MCP specification

• Anthropic - For Claude and the MCP ecosystem