Kali-mcp
by HrskiEsa
Overview
Exposes a Linux shell, specifically Kali Linux penetration testing tools, as an MCP-accessible API for AI assistants and automation workflows.
Installation
python3 server.pySecurity Notes
The server uses `subprocess.run(cmd, shell=True)` and exposes an `execute_command` tool that allows an MCP client to execute *any* raw shell command. This is a critical security vulnerability, enabling arbitrary code execution on the host machine. While helper functions attempt to wrap specific tools, the underlying `shell=True` mechanism, especially coupled with `--privileged` and `--network host` in the example Docker setup, creates a severe attack surface. Command injection is highly probable if input parameters are not rigorously sanitized.
Similar Servers
wcgw
Empowering chat applications to code, build, and run on your local machine by providing tightly integrated shell and code editing tools.
mcp
The MCP Server provides an AI-powered framework for command execution, plugin-based tools, secure Python evaluation, and knowledge management, designed for standalone or embedded use.
mcp-bash-framework
A Bash-based framework for building and running Micro-service Context Protocol (MCP) servers, enabling the creation of custom AI-integrable tools, resources, prompts, and completions.
kali-mcp-server
Enables AI assistants to perform authorized penetration testing and security assessments by exposing Kali Linux security tools through an AI-friendly interface.