Kali_MCP_server
Verified Safeby kp18-cpu
Overview
Provides an interface for AI assistants to perform web application penetration testing using Kali Linux tools.
Installation
docker mcp run pentestEnvironment Variables
- PENTEST_MAX_TIMEOUT
- PENTEST_ALLOWED_TARGETS
Security Notes
The server implements robust input sanitization to prevent command injection and strong target validation, restricting scans by default to localhost and private IP ranges. It also allows configurable allowed targets. Commands are executed with timeouts and the README states it runs as a non-root user in a container. While these measures significantly mitigate risk, the inherent nature of running penetration testing tools means careful usage and adherence to legal authorization are critical.
Similar Servers
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
mcp-pentest
An AI-driven middleware to orchestrate and manage penetration testing tools and engagements.
pentest-mcp
Provides a comprehensive server environment for professional penetration testing, integrating tools like Nmap, Gobuster, Nikto, and John the Ripper for network and web vulnerability scanning, and password cracking.
VulneraMCP
An AI-powered platform for automated security testing, vulnerability research, and bug bounty hunting.