Kali_MCP_server
Verified Safe
by kp18-cpu
Overview
Provides an interface for AI assistants to perform web application penetration testing using Kali Linux tools.
Installation
docker mcp run pentest
Environment Variables
- PENTEST_MAX_TIMEOUT
- PENTEST_ALLOWED_TARGETS
Security Notes
The server implements robust input sanitization to prevent command injection and strong target validation, restricting scans by default to localhost and private IP ranges. The list of allowed targets is configurable. Commands are executed with timeouts, and the README states that the server runs as a non-root user in a container. While these measures significantly mitigate risk, the inherent nature of running penetration testing tools means careful usage and adherence to legal authorization are critical.
Similar Servers
MCP-Kali-Server
Enabling AI-driven offensive security testing by bridging AI agents to a Kali Linux terminal for command execution.
burp-mcp-agents
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.