Mcp Kali Server
What is Mcp Kali Server
MCP-Kali-Server is a lightweight API bridge that connects MCP Clients to a Linux machine, enabling the execution of terminal commands and facilitating AI-assisted penetration testing.
Use cases
Use cases include automating common security tasks, solving CTF challenges in real time, and interacting with web applications to capture flags using tools like curl and nmap.
How to use
To use MCP-Kali-Server, clone the repository from GitHub, install the necessary dependencies, and run the server on your Linux machine. Connect your MCP Clients to the API to execute commands.
Key features
Key features include AI endpoint integration, a command execution API for terminal commands, support for web challenges, and a design tailored for offensive security professionals.
Where to use
MCP-Kali-Server is used in fields such as cybersecurity, penetration testing, and CTF (Capture The Flag) competitions, particularly by red teamers and bug bounty hunters.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Mcp Kali Server
MCP-Kali-Server is a lightweight API bridge that connects MCP Clients to a Linux machine, enabling the execution of terminal commands and facilitating AI-assisted penetration testing.
Use cases
Use cases include automating common security tasks, solving CTF challenges in real time, and interacting with web applications to capture flags using tools like curl and nmap.
How to use
To use MCP-Kali-Server, clone the repository from GitHub, install the necessary dependencies, and run the server on your Linux machine. Connect your MCP Clients to the API to execute commands.
Key features
Key features include AI endpoint integration, a command execution API for terminal commands, support for web challenges, and a design tailored for offensive security professionals.
Where to use
MCP-Kali-Server is used in fields such as cybersecurity, penetration testing, and CTF (Capture The Flag) competitions, particularly by red teamers and bug bounty hunters.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
MCP Kali Server
Kali MCP Server is a lightweight API bridge that connects MCP Clients (e.g: Claude Desktop, 5ire) to the API server which allows excuting commands on a Linux terminal.
This allows the MCP to run terminal commands like nmap, nxc or any other tool, interact with web applications using tools like curl, wget, gobuster.
And perform AI-assisted penetration testing, solving CTF web challenge in real time, helping in solving machines from HTB or THM.
My Medium Article on This Tool
👉 How MCP is Revolutionizing Offensive Security
🔍 Use Case
The goal is to enable AI-driven offensive security testing by:
- Letting the MCP interact with AI endpoints like OpenAI, Claude, DeepSeek, or any other models.
- Exposing an API to execute commands on a Kali machine.
- Using AI to suggest and run terminal commands to solve CTF challenges or automate recon/exploitation tasks.
- Allowing MCP apps to send custom requests (e.g.,
curl,nmap,ffuf, etc.) and receive structured outputs.
Here are some example for my testing (I used google’s AI gemini 2.0 flash)
Example solving my web CTF challenge in RamadanCTF
https://github.com/user-attachments/assets/dc93b71d-9a4a-4ad5-8079-2c26c04e5397
Trying to solve machine “code” from HTB
https://github.com/user-attachments/assets/3ec06ff8-0bdf-4ad5-be71-2ec490b7ee27
🚀 Features
- 🧠 AI Endpoint Integration: Connect your kali to any MCP of your liking such as claude desktop or 5ier.
- 🖥️ Command Execution API: Exposes a controlled API to execute terminal commands on your Kali Linux machine.
- 🕸️ Web Challenge Support: AI can interact with websites and APIs, capture flags via
curland any other tool AI the needs. - 🔐 Designed for Offensive Security Professionals: Ideal for red teamers, bug bounty hunters, or CTF players automating common tasks.
🛠️ Installation
On your Linux Machine (Will act as MCP Server)
git clone https://github.com/Wh0am123/MCP-Kali-Server.git
cd MCP-Kali-Server
python3 kali_server.py
On your MCP Client (You can run on Windows or Linux)
- You will want to run
python3 /absolute/path/to/mcp_server.py http://LINUX_IP:5000
Configuration for claude desktop:
edit (C:\Users\USERNAME\AppData\Roaming\Claude\claude_desktop_config.json)
{
"mcpServers": {
"kali_mcp": {
"command": "python3",
"args": [
"/absolute/path/to/mcp_server.py",
"http://LINUX_IP:5000/"
]
}
}
}Configuration for 5ire Desktop Application:
- Simply add an MCP with the command
python3 /absolute/path/to/mcp_server.py http://LINUX_IP:5000and it will automatically generate the needed configuration files.
🔮 Other Possibilities
There are more possibilites than described since the AI model can now execute commands on the terminal. Here are some example:
-
Memory forensics using Volatility
- Automating memory analysis tasks such as process enumeration, DLL injection checks, and registry extraction from memory dumps.
-
Disk forensics with SleuthKit
- Automating analysis from disk images, timeline generation, file carving, and hash comparisons.
⚠️ Disclaimer:
This project is intended solely for educational and ethical testing purposes. Any misuse of the information or tools provided — including unauthorized access, exploitation, or malicious activity — is strictly prohibited.
The author assumes no responsibility for misuse.
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
