kali-tools-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@kali-tools-mcpscan example.com for open ports using nmap"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Kali Tools MCP Server (Docker)
This project builds a hardened Docker image containing:
A Node.js MCP server (Streamable HTTP transport)
A selected security toolset (
nmap,sqlmap,dig,whois,openssl,curl,netcat,dnsutils, plus Chromium for browser exploration)
Installation & Setup
Prerequisites
Docker (for containerized deployment)
Node.js 18+ (for local development)
npm
Install dependencies
npm installRelated MCP server: Kali MCP Server
Build the Docker image
docker build -t kali-tools-mcp:latest .Run the server
Option 1: Local development
npm startBy default, the server listens on http://0.0.0.0:3000. Override with environment variables:
HOST=127.0.0.1 PORT=8080 npm startOption 2: Docker (detached)
docker run -d --name kali-tools-mcp --rm -p 3000:3000 kali-tools-mcp:latestOption 3: Docker (hardened runtime)
docker run -d --name kali-tools-mcp --rm \
-p 3000:3000 \
--read-only \
--tmpfs /tmp:rw,noexec,nosuid,size=64m \
--cap-drop ALL \
--security-opt no-new-privileges:true \
--pids-limit 256 \
--memory 512m \
--cpus 1.0 \
kali-tools-mcp:latestHealth check
curl http://localhost:3000/healthStop the container
docker stop kali-tools-mcpMCP Configuration
Endpoint
http://localhost:3000/mcpExample MCP client config
Use this in an MCP-compatible client that supports Streamable HTTP servers:
{
"mcpServers": {
"kali-tools": {
"type": "streamable-http",
"url": "http://localhost:3000/mcp"
}
}
}Exposed Tools
Reconnaissance & Discovery
nmap_scan: Runnmapwith a controlled set of options (-sV,-sT,-Pn,-A,-F)dig_lookup: Resolve DNS records viadig(A, AAAA, CNAME, MX, TXT, NS)whois_lookup: Fetch WHOIS information for a domain
Web & TLS Analysis
http_headers_check: Fetch HTTP response headers from a URL (supports redirect following and insecure TLS)website_explore: Open a website in Playwright and return a structured summary of the pagewebsite_interact_form: Fill form fields in Playwright and optionally submit the formplaywright_cli: Run bounded Playwright CLI commands (--version,install,screenshot,pdf,show-trace)tls_certificate_check: Inspect TLS certificate and handshake details for a hostnmap_ssl_cipher_scan: Enumerate supported TLS ciphers on a target
Vulnerability Scanning
sqlmap_url_scan: Run a boundedsqlmapcheck against a URLnmap_vuln_scan: Runnmapvulnerability NSE scripts against a host
Configuration & Limits
Tool timeout: 60 seconds (120 seconds for vulnerability scans)
Max output: 12,000 characters (truncated if exceeded)
Max buffer: 10 MB per execution
Options constraints: Commands enforce strict argument whitelisting to prevent abuse
Security & Authorization
⚠️ Important: Run scans only on systems you own or have explicit written permission to test.
The image uses a slim base and runs as a non-root user.
The server limits command arguments and output size to reduce abuse and accidental overload.
All tool executions are bounded by timeouts and resource constraints.
Environment variables default to listening on all interfaces (
0.0.0.0); restrict to127.0.0.1for local-only access.
Development
Project structure
.
├── Dockerfile # Container definition
├── package.json # Node.js dependencies & metadata
├── README.md # This file
└── src/
└── server.js # MCP server implementationLicense & Disclaimer
Use responsibly. The authors are not responsible for misuse of this software. Ensure all scans are authorized.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/M-Samuel/kali-local-agent'
If you have feedback or need assistance with the MCP directory API, please join our Discord server