kali-mcp-agent
by lashencf
Overview
Integrate a secure, containerized Kali Linux environment with a local LLM (via LM Studio and MCP) to execute network reconnaissance and penetration testing tools.
Installation
docker run --rm -it kali-mcp-assistant
Security Notes
A critical command injection vulnerability exists in the `run_nmap`, `ping_target`, `run_burpsuite`, and `run_sqlmap` functions. The `target` parameter is passed straight into `subprocess.run()` without any sanitization or quoting, so an attacker (or a misaligned LLM) can inject and execute arbitrary shell commands inside the Docker container by crafting a malicious value for the 'target' argument (e.g., '192.168.1.1; rm -rf /'). Running in a Docker container provides some isolation, but this flaw can still compromise the container environment and expose the surrounding network, undermining the stated goal of 'safely' executing tools. The `run_metasploit` function also misleadingly accepts a 'target' argument in its signature but never uses it in its `subprocess.run` call; while not an injection point in itself, this suggests incomplete or inconsistent design.
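One way to close the injection described above, as an added example that is not the project's code: validate the LLM-supplied target as an IP address, CIDR block or hostname and hand nmap an argv list with shell=False, so no shell ever parses the value. The function names, the `-sV` option choice and the port-spec format are assumptions.

```python
import ipaddress
import re
import subprocess

# Hostname label per RFC 1123: letters, digits, hyphens; no leading/trailing hyphen.
_HOST_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
_PORT_SPEC = re.compile(r"\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*")


def validate_target(target: str) -> str:
    """Return target unchanged if it is an IP, CIDR block or hostname.

    Anything else (shell metacharacters, spaces, empty strings) raises
    ValueError, so a value such as '192.168.1.1; rm -rf /' never reaches a shell.
    """
    if not isinstance(target, str) or not target or len(target) > 253:
        raise ValueError("target must be a non-empty string")
    try:
        ipaddress.ip_network(target, strict=False)  # accepts 10.0.0.1 and 10.0.0.0/24
        return target
    except ValueError:
        pass
    labels = target.rstrip(".").split(".")
    if all(_HOST_LABEL.match(label) for label in labels):
        return target
    raise ValueError(f"rejected target: {target!r}")


def is_valid_target(target: str) -> bool:
    """Boolean wrapper around validate_target for callers that prefer a check."""
    try:
        validate_target(target)
        return True
    except ValueError:
        return False


def build_nmap_argv(target: str, ports: str = "1-1024") -> list:
    """Build nmap's argv; every element is a separate argument, never a command string."""
    if not _PORT_SPEC.fullmatch(ports):
        raise ValueError(f"rejected port spec: {ports!r}")
    return ["nmap", "-sV", "-p", ports, validate_target(target)]


def run_nmap(target: str, ports: str = "1-1024", timeout: int = 300) -> str:
    """Hardened replacement for the vulnerable pattern (an f-string with shell=True):
    argv list, shell=False, bounded runtime."""
    argv = build_nmap_argv(target, ports)
    result = subprocess.run(argv, capture_output=True, text=True, timeout=timeout, check=False)
    return result.stdout + result.stderr
```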
Similar Servers
MCP-Kali-Server
Enabling AI-driven offensive security testing by bridging AI agents to a Kali Linux terminal for command execution.
burp-mcp-agents
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.
insights-mcp
Interacting with Red Hat Lightspeed services like Advisor, Image Builder, Inventory, Planning, Remediations, and Vulnerability to manage RHEL systems and services via a Model Context Protocol (MCP) server.