Skillget

zebbern-kali-mcp

mcp
Guvenlik Denetimi
Uyari
Health Uyari
  • No license — Repository has no license file
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 15 GitHub stars
Code Gecti
  • Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions Gecti
  • Permissions — No dangerous permissions requested
Purpose:
This MCP server exposes 130+ Kali Linux penetration testing tools to AI assistants, enabling automated security testing and CTF workflows.

Security Assessment:
The tool’s core function is executing shell commands and network requests via tools like Nmap, Metasploit, and Hydra. It handles sensitive operations such as Active Directory exploitation, VPN management, and credential testing. No hardcoded secrets were found, and the light code scan detected no dangerous patterns. No dangerous permissions are requested. However, the nature of the tool inherently involves accessing sensitive data, executing exploits, and pivoting through networks. Overall risk is rated High due to the inherent danger of giving an AI agent unrestricted access to a full pentesting toolkit—this is powerful in the right hands but catastrophic if misconfigured or misused. Use only in isolated, authorized environments.

Quality Assessment:
The project is actively maintained (last push was today). It has a README badge claiming an MIT license, though the automated check flagged a missing license file—verify this before adopting. Community trust is low but present (15 stars). Documentation is thorough, with dedicated guides for Docker, VMs, architecture, security hardening, and troubleshooting.

Verdict:
Use with caution—well-documented and actively maintained, but the high-risk nature of exposing a full pentesting arsenal to AI agents demands strict isolation and careful access controls.
SUMMARY

MCP server for Kali Linux penetration testing - 130 tools for AI-assisted security testing - Giving Agents access to full pentesting tools

README.md

Zebbern Kali MCP Server

A comprehensive Model Context Protocol (MCP) server for Kali Linux penetration testing. This project enables AI assistants (like GitHub Copilot) to directly execute security tools on a Kali Linux system through a standardized API.

Documentation
Tools
License

Features

  • 130+ MCP Tool Functions across 20 modules — complete penetration testing toolkit
  • 22+ External Tools - Nmap, SQLMap, Hydra, Metasploit, Nuclei, and more
  • VPN Management - WireGuard & OpenVPN with auto SOCKS5 proxy for Windows bridging
  • CTF Platform Integration - CTFd & rCTF API support (challenges, flags, scoreboard)
  • Browser Automation - Headless Chromium via Playwright for SPA testing
  • API Security Testing - GraphQL introspection, JWT analysis, FFUF
  • Active Directory Tools - BloodHound, Kerberoasting, Pass-the-Hash, LDAP, netexec, certipy, bloodyAD
  • Network Pivoting - Chisel, SSH tunneling, Ligolo-ng, ProxyChains
  • Container Networking - entrypoint.sh auto-routing, host networking option, TUN auto-creation
  • SSH Audit - Comprehensive SSH server security analysis
  • Evidence Collection - Screenshots, notes, and findings management
  • Session Management - Metasploit sessions, reverse shells, SSH connections

Documentation

Full documentation available in the docs/ folder:

To view docs locally:

pip install mkdocs mkdocs-material
mkdocs serve

Quick Start

Docker + uvx (Recommended)

1. Start the Kali backend:

# Download just the compose file — no full clone needed
curl -sLO https://raw.githubusercontent.com/zebbern/zebbern-kali-mcp/main/docker-compose.yml
docker compose up -d

Linux host networking: For direct host network access (no port mapping needed), also grab docker-compose.host.yml and run docker compose -f docker-compose.yml -f docker-compose.host.yml up -d.

2. Add to VS Code (.vscode/mcp.json or global MCP config):

{
  "servers": {
    "kali-tools": {
      "command": "uvx",
      "args": ["zebbern-kali-mcp"]
    }
  }
}

Restart VS Code — done. uvx auto-downloads the MCP client from PyPI.

Full Docker Guide → — env vars, VPN/SOCKS proxy, image variants, networking details.

Kali VM

git clone https://github.com/zebbern/zebbern-kali-mcp.git
cd zebbern-kali-mcp
sudo ./install.sh

Then point VS Code at your Kali IP — see the guide for MCP config setup.

Full VM Guide → — bash/python/remote/manual install, firewall, systemd service, VS Code config.

Architecture

┌─────────────────┐       HTTP/REST      ┌─────────────────┐
│   VS Code       │ ◄──────────────────► │   Kali Linux    │
│   + Copilot     │                      │   API Server    │
│                 │                      │   (Flask)       │
│   MCP Client    │                      │                 │
│   (Python)      │                      │   Pentest Tools │
└─────────────────┘                      └─────────────────┘

Usage

Once installed, ask your AI assistant to use the Kali tools:

"Scan 10.10.10.5 with nmap"
"Run nuclei against example.com"
"Connect to the HTB VPN and start recon"

The assistant calls tools through the MCP server — no manual commands needed.

API Endpoints → | Workflows → | Tools Reference →

Installed Tools

30+ security tools across reconnaissance, web/API testing, password cracking, exploitation, Active Directory, network pivoting, and security auditing — all pre-installed in Docker or installed via the VM setup script.

Key AD tools: impacket (pinned 0.12.0), bloodyAD, certipy-ad, netexec, krbrelayx, coercer, pywhisker, ldapdomaindump, bloodhound.py. All AD tool paths are resolved dynamically via shutil.which().

Full Tool List →

Security Warning

⚠️ This server provides unrestricted access to powerful penetration testing tools.

  • Only run on isolated networks or authorized test environments
  • Never expose to the public internet
  • Use strong authentication if accessible remotely
  • Ensure you have proper authorization before testing any systems

Troubleshooting

See the Troubleshooting Guide → for common issues (service failures, connection refused, missing tools, VPN/SOCKS proxy).

Contributing

Contributions welcome! Please read Contributing → for guidelines.

Built on the Model Context Protocol

Yorumlar (0)

Sonuc bulunamadi