Kali MCP Server
Provides centralized API token management for GitHub, enabling reconnaissance and security research tasks such as scanning repositories and gathering user information.
Provides centralized API token management for VirusTotal, enabling threat intelligence tasks such as checking file hashes and analyzing domains.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Kali MCP Serverrun a quick nmap scan on scanme.nmap.org"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Kali MCP Server
A Model Context Protocol (MCP) server that provides command execution capabilities in a containerized Kali Linux environment for semi-automated penetration testing and security research capabilities.
Demo
https://github.com/user-attachments/assets/demo.mp4
Watch the Kali MCP Server in action
Related MCP server: Kali MCP Server
Disclaimer
This tool is provided for educational and authorized security testing purposes only. Use at your own risk. The authors are not responsible for any misuse or damage caused by this software. Always ensure you have proper authorization before conducting security assessments.
Features
Containerized Command Execution: Run Kali Linux security tools in a containerized environment
Background Job Management: Long-running commands (>60s) automatically run as background jobs
Interactsh Integration: Out-of-band interaction detection for blind vulnerabilities
Service API Management: Centralized configuration for reconnaissance APIs (GitHub, Shodan, etc.)
Workspace Management: Organized directory structure for pentest artifacts
Requirements
Docker & Docker Compose
MCP-compatible client (Claude Code, Gemini CLI, VS Code with Copilot, etc.)
Quick Start
Start the container:
docker compose up --build -dVerify it's running:
docker ps | grep kali-mcp-serverConfigure your MCP client:
⚠️ IMPORTANT: Disable any built-in terminal or command execution tools in your MCP client to prevent commands from being unintentionally executed on your host system instead of the Kali container. All security tools should run exclusively within the containerized environment for safety and isolation.
Claude Desktop:
claude mcp add --transport stdio kali-mcp-server "docker exec -i kali-mcp-server python3 /app/kali_server.py"Gemini CLI:
gemini mcp add kali-mcp-server "docker exec -i kali-mcp-server python3 /app/kali_server.py"VS Code (Copilot):
Create or edit .vscode/mcp.json in your workspace:
{
"servers": {
"kali-mcp-server": {
"type": "stdio",
"command": "docker",
"args": [
"exec",
"-i",
"kali-mcp-server",
"python3",
"/app/kali_server.py"
]
}
}
}Others
{
"mcpServers": {
"kali-mcp-server": {
"type": "stdio",
"command": "docker",
"args": [
"exec",
"-i",
"kali-mcp-server",
"python3",
"/app/kali_server.py"
],
"env": {}
}
}
}After configuration: Restart your MCP client to load the Kali MCP server.
Available Tools
Core MCP Tools
run_kali_command- Execute commands in Kali environmentget_job_status- Check background job statuslist_background_jobs- List all running jobscancel_job- Cancel a running jobget_workspace_info- Get workspace configuration
Interactsh Tools
start_interactsh- Start out-of-band interaction monitoringget_interactsh_status- Check interactsh worker statuspoll_interactsh- Retrieve recorded interactionsstop_interactsh- Stop interactsh worker
Service Management
get_service_tokens- Get configured API service tokens
Pre-installed Security Tools
Network Scanning:
nmap,masscanWeb Testing:
dirb,ffuf,whatweb,niktoDNS/Domain:
dig,whois,dnsreconUtilities:
curl,wget,jq,exiftoolWordlists:
Seclists
Configuration
Edit config.toml to configure:
Workspace directory structure
Interactsh settings
API service tokens (GitHub, Shodan, VirusTotal, etc.)
Security Notes
Container runs with necessary privileges for security tools
Network tools require elevated capabilities (NET_ADMIN, NET_RAW)
All command execution is contained within the Docker environment
API tokens should be configured securely in production
License
This project is an independent open-source contribution and is not affiliated with, endorsed by, or associated with OffSec or Kali Linux. Kali Linux is a trademark of Offensive Security.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/weirdmachine64/kali-docker-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server