kali-mcp-server
Verified Safe by andrew-stclair
Overview
This server provides a standardized interface for 22 essential penetration testing tools, designed for integration with AI assistants and automation platforms.
Installation
docker run -p 8080:8080 --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=NET_BIND_SERVICE --read-only --tmpfs /tmp --tmpfs /var/tmp ghcr.io/andrew-stclair/kali-mcp-server/kali-mcp-server:latest
Security Notes
The project demonstrates robust security hardening. Input is heavily sanitized to prevent command injection, and all tool execution is whitelisted against an explicit ALLOWED_TOOLS list. Tools run via `subprocess.run` with a list of arguments, avoiding shell interpretation. The Docker container runs as a non-root user with a read-only filesystem and temporary filesystems mounted, further restricting potential damage. Each tool execution includes a 300-second timeout. The container requires elevated network capabilities (`NET_RAW`, `NET_ADMIN`, `NET_BIND_SERVICE`), which are necessary for many penetration testing tools but inherently increase risk. However, these are mitigated by the strong input validation and execution controls.
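The execution pattern described above (allowlist check, argument validation, `subprocess.run` with an argument list, 300-second timeout), as an added example that is not the project's own code. The allowlist contents, the `SAFE_ARG` pattern and the function names `build_argv` and `run_tool` are assumptions made for illustration.

```python
import re
import shutil
import subprocess

# Hypothetical allowlist: the server's real ALLOWED_TOOLS entries are not shown here.
ALLOWED_TOOLS = frozenset({"echo"})
TOOL_TIMEOUT_SECONDS = 300  # per-execution timeout stated in the notes above
# Assumed argument policy: no whitespace, quotes or shell metacharacters.
# Leading "-" is permitted because tools need flags, so per-tool flag checks
# would still be required to stop option injection.
SAFE_ARG = re.compile(r"[A-Za-z0-9_./:=,@%+-]+")


def build_argv(tool, args, allowed=ALLOWED_TOOLS):
    """Validate a request and return the argv list, or raise ValueError."""
    if tool not in allowed:
        raise ValueError(f"tool not allowed: {tool!r}")
    for arg in args:
        if not isinstance(arg, str) or not SAFE_ARG.fullmatch(arg):
            raise ValueError(f"rejected argument: {arg!r}")
    path = shutil.which(tool)  # resolve once so argv[0] is an absolute path
    if path is None:
        raise ValueError(f"tool not installed: {tool!r}")
    return [path, *args]


def run_tool(tool, args, timeout=TOOL_TIMEOUT_SECONDS, allowed=ALLOWED_TOOLS):
    """Run an allowlisted tool without a shell; returns (exit_code, stdout)."""
    argv = build_argv(tool, args, allowed)
    try:
        # A list argv with shell=False means no shell ever parses the arguments.
        done = subprocess.run(argv, capture_output=True, text=True,
                              timeout=timeout, shell=False, check=False)
    except subprocess.TimeoutExpired:
        return (None, "")  # the child is killed before the exception is raised
    return (done.returncode, done.stdout)


if __name__ == "__main__":
    print(run_tool("echo", ["scan-ok"]))  # constructed sample request
```
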
Similar Servers
pentesting-mcp-servers-checklist
Provides a comprehensive checklist for security practitioners to pentest Model Context Protocol (MCP) servers and AI agents.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
Mcpwn
Automated security testing framework for Model Context Protocol (MCP) servers, detecting RCE, path traversal, prompt injection, and protocol vulnerabilities.
photons
A comprehensive demonstration MCP server showcasing various functionalities of the Photon runtime, including basic data handling, streaming responses, progress reporting, in-memory state management, and interactive UI elements. It serves as a reference for developers building new photons.