Kali MCP Server
JSON →A Kali Linux MCP server providing AI assistants with access to security tools.
Install
pip install -e Tools · 35
- run Execute shell commands in the Kali Linux environment
- fetch Fetch and analyze web content from URLs
- resources List available system resources and command examples
- port_scan Smart nmap wrapper with scan presets (quick, full, stealth, udp, service, aggressive)
- dns_enum Comprehensive DNS enumeration with zone transfer attempts
- network_discovery Multi-stage network reconnaissance and discovery
- subdomain_enum Subdomain enumeration using subfinder, amass, waybackurls
- recon_auto Automated multi-stage reconnaissance pipeline
- vulnerability_scan Automated vulnerability assessment with multiple tools
- web_enumeration Web application discovery and enumeration
- web_audit Comprehensive web application security audit
- spider_website Web crawling and spidering using gospider
- form_analysis Discover and analyze web forms
- header_analysis HTTP header security analysis
- ssl_analysis SSL/TLS security assessment using testssl.sh
- hydra_attack Brute-force credential testing via hydra (SSH, FTP, HTTP, SMB, MySQL, RDP, etc.)
- credential_store Store/retrieve discovered credentials tied to sessions
- payload_generate Generate payloads using msfvenom (reverse shell, bind shell, meterpreter)
- reverse_shell Generate reverse shell one-liners for bash, python, php, perl, powershell, nc, ruby, java
- exploit_search Search for exploits using searchsploit
- encode_decode Multi-format encoding/decoding (base64, URL, hex, HTML, ROT13)
- hash_identify Identify hash types with Hashcat mode and John format lookup
- enum_shares SMB/NFS share enumeration (smbclient, enum4linux, showmount)
- parse_nmap Parse nmap text/XML output into structured JSON findings
- parse_tool_output Parse output from nikto, gobuster, dirb, hydra, or sqlmap
- save_output Save content to timestamped files for evidence collection
- create_report Generate structured reports (markdown, text, JSON)
- file_analysis Analyze files (type detection, strings, hashes, metadata)
- download_file Download files from URLs with hash verification
- session_create Create a new pentest session
- session_list List all sessions with metadata
- session_switch Switch between sessions
- session_status Show current session status
- session_delete Delete a session and its evidence
- session_history Show command history for current session
Links
★ 18 GitHub stars