MCP Kali

MCP Kali provides access to Kali Linux security tools through the Model Context Protocol, enabling advanced penetration testing capabilities.

📸 SCREENSHOT: mcp-kali-tools.png

MCP Kali available tools

Overview

MCP Kali provides:

Network reconnaissance tools
Vulnerability scanners
Exploitation frameworks
Password cracking utilities
Web application testing tools
Wireless testing tools

Installation

From npm

npm install -g @cyberstrike/mcp-kali

Configuration

{
  "mcp": {
    "servers": {
      "kali": {
        "command": "npx",
        "args": ["-y", "@cyberstrike/mcp-kali"]
      }
    }
  }
}

Docker Installation

{
  "mcp": {
    "servers": {
      "kali": {
        "command": "docker",
        "args": ["run", "-i", "--rm", "--network=host", "cyberstrike/mcp-kali"]
      }
    }
  }
}

Available Tools

Network Reconnaissance

Tool	Description
nmap	Network scanner
masscan	Fast port scanner
netdiscover	Network discovery
arp-scan	ARP scanning

Vulnerability Scanning

Tool	Description
nuclei	Template-based scanner
nikto	Web server scanner
wpscan	WordPress scanner
sqlmap	SQL injection tool

Exploitation

Tool	Description
metasploit	Exploitation framework
searchsploit	Exploit database
msfvenom	Payload generator

Password Attacks

Tool	Description
hydra	Online cracker
john	Offline cracker
hashcat	GPU cracker
crackmapexec	Network attacks

Web Testing

Tool	Description
ffuf	Web fuzzer
gobuster	Directory scanner
wfuzz	Web fuzzer
burpsuite	Web proxy

Usage Examples

Network Scanning

> Use nmap to scan 192.168.1.0/24 for open ports

Executes:

nmap -sV -sC 192.168.1.0/24

Vulnerability Scanning

> Run nuclei templates against https://target.com

Executes:

nuclei -u https://target.com -t cves/ -t misconfigurations/

SQL Injection

> Test https://target.com/page?id=1 for SQL injection

Executes:

sqlmap -u "https://target.com/page?id=1" --batch --dbs

Password Cracking

> Crack the password hashes in hashes.txt using rockyou wordlist

Executes:

john --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt

Directory Enumeration

> Find hidden directories on https://target.com

Executes:

ffuf -u https://target.com/FUZZ -w /usr/share/wordlists/dirb/common.txt

Tool Categories

Information Gathering

> Perform reconnaissance on target.com

Uses:

nmap for port scanning
whois for domain info
dig for DNS records
subfinder for subdomains

Vulnerability Analysis

> Scan target for known vulnerabilities

Uses:

nuclei for CVE detection
nikto for web vulnerabilities
nmap NSE scripts
searchsploit for exploits

Exploitation

> Exploit the Apache vulnerability on target

Uses:

metasploit modules
custom exploit scripts
msfvenom for payloads

Post-Exploitation

> Enumerate the compromised system

Uses:

Local enumeration scripts
Privilege escalation checks
Credential harvesting

Configuration

Tool Paths

{
  "mcp": {
    "servers": {
      "kali": {
        "command": "mcp-kali",
        "env": {
          "NMAP_PATH": "/usr/bin/nmap",
          "NUCLEI_PATH": "/usr/bin/nuclei",
          "WORDLIST_DIR": "/usr/share/wordlists"
        }
      }
    }
  }
}

Timeout Settings

{
  "mcp": {
    "servers": {
      "kali": {
        "command": "mcp-kali",
        "env": {
          "NMAP_TIMEOUT": "3600",
          "NUCLEI_TIMEOUT": "1800"
        }
      }
    }
  }
}

Output Directory

{
  "mcp": {
    "servers": {
      "kali": {
        "command": "mcp-kali",
        "env": {
          "OUTPUT_DIR": "/tmp/cyberstrike-scans"
        }
      }
    }
  }
}

Wordlists

Included Wordlists

rockyou.txt
common.txt
dirb wordlists
SecLists (optional)

Custom Wordlists

> Use custom wordlist /path/to/wordlist.txt for fuzzing

Download SecLists

git clone https://github.com/danielmiessler/SecLists.git /opt/SecLists

Permissions

Dangerous Operations

Some tools require explicit permission:

Tool	Risk Level
nmap	Low
nuclei	Medium
sqlmap	High
metasploit	Critical

Auto-Approve

{
  "permissions": {
    "allow": [
      "mcp-kali/nmap *",
      "mcp-kali/nuclei *"
    ]
  }
}

Deny List

{
  "permissions": {
    "deny": [
      "mcp-kali/metasploit *",
      "mcp-kali/msfvenom *"
    ]
  }
}

Troubleshooting

Tool Not Found

Error: Tool not found: nmap

Install missing tools:

apt install nmap

Permission Denied

Error: Permission denied

Some tools need root:

sudo cyberstrike

Or use Docker with --privileged.

Timeout

Error: Tool execution timeout

Increase timeout or run in background.

Danger

Only use MCP Kali tools against authorized targets. Unauthorized penetration testing is illegal.

MCP Overview - MCP basics
Internal Network Agent - Network testing
Permissions - Tool permissions

MCP Kali

Overview

Installation

From npm

Configuration

Docker Installation

Available Tools

Network Reconnaissance

Vulnerability Scanning

Exploitation

Password Attacks

Web Testing

Usage Examples

Network Scanning

Vulnerability Scanning

SQL Injection

Password Cracking

Directory Enumeration

Tool Categories

Information Gathering

Vulnerability Analysis

Exploitation

Post-Exploitation

Configuration

Tool Paths

Timeout Settings

Output Directory

Wordlists

Included Wordlists

Custom Wordlists

Download SecLists

Permissions

Dangerous Operations

Auto-Approve

Deny List

Troubleshooting

Tool Not Found

Permission Denied

Timeout

Related Documentation