Kali Linux
MCP server for Kali Linux penetration testing - 130 tools for AI-assisted security testing - Giving Agents access to full pentesting tools
What is Kali Linux?
Kali Linux is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for kali linux penetration testing - 130 tools for ai-assisted security testing - giving agents access to full pentesting tools
MCP server for Kali Linux penetration testing - 130 tools for AI-assisted security testing - Giving Agents access to full pentesting tools
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- MCP server for Kali Linux penetration testing - 130 tools fo
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx zebbern-kaliConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Kali Linux
Zebbern Kali MCP Server packages over 130 Kali Linux penetration testing tools into a Docker container and exposes them as MCP tools, enabling AI agents to conduct AI-assisted security testing through natural language. The server covers 17 modules including network scanning, web application testing, Active Directory attacks, payload generation, VPN management, and forensics. Security professionals can drive full pentest workflows — from reconnaissance through exploitation — by conversing with Claude or any MCP-compatible agent.
Prerequisites
- Docker and Docker Compose installed on your system
- uvx (from the uv Python package manager) installed for the MCP bridge
- Claude Desktop, VS Code with MCP support, or another MCP-compatible client
- Authorization to perform penetration testing on target systems — this tool must only be used on systems you own or have explicit written permission to test
- Sufficient disk space for the Kali Linux Docker image (~3-5 GB)
Download the docker-compose file
Fetch the official docker-compose.yml which sets up the Kali container with all 130+ tools and the Flask API bridge.
curl -sLO https://raw.githubusercontent.com/zebbern/zebbern-kali-mcp/main/docker-compose.ymlStart the Kali container
Launch the container in detached mode. The first run will pull the full Kali image which may take several minutes.
docker compose up -dVerify the API is running
The Flask API server listens on port 5000 by default. Confirm it is up before connecting your MCP client.
curl http://127.0.0.1:5000/healthAdd the server to VS Code MCP configuration
Add the kali-tools server to your VS Code MCP settings file. The uvx command acts as the MCP bridge to the running container.
{
"servers": {
"kali-tools": {
"command": "uvx",
"args": ["zebbern-kali-mcp"]
}
}
}Configure optional environment variables
Customize port, timeout, VPN directory, and network routing via environment variables in docker-compose.yml or your shell.
API_PORT=5000
DEBUG_MODE=0
BLOCKING_TIMEOUT=30
VPN_DIR=./vpn
KALI_API_URL=http://127.0.0.1:5000Run your first scan
With the container running and MCP client connected, start a basic nmap scan through natural language.
Kali Linux Examples
Client configuration
VS Code MCP configuration for the Zebbern Kali server using uvx as the bridge to the running Docker container.
{
"servers": {
"kali-tools": {
"command": "uvx",
"args": ["zebbern-kali-mcp"],
"env": {
"KALI_API_URL": "http://127.0.0.1:5000",
"BLOCKING_TIMEOUT": "60"
}
}
}
}Prompts to try
Example prompts for common penetration testing tasks using the 17 module categories.
- "Scan 10.10.10.5 with nmap for open ports and service versions"
- "Run nuclei against https://target.example.com and report critical findings"
- "Enumerate subdomains of example.com using subfinder and httpx"
- "Connect to the HTB VPN using the config in ./vpn/htb.ovpn and start reconnaissance on 10.10.11.100"
- "Enumerate Active Directory with BloodHound against dc01.corp.local"
- "Start a reverse shell listener on port 4444"Troubleshooting Kali Linux
docker compose up fails with permission denied or port conflict
Run 'docker compose up -d' with sudo if needed, or change API_PORT in docker-compose.yml if port 5000 is in use. Check with 'lsof -i :5000' to identify conflicts.
uvx command not found
Install uv first with 'curl -LsSf https://astral.sh/uv/install.sh | sh', then restart your terminal. The uvx command is bundled with uv.
Tool commands time out during long-running scans
Increase the BLOCKING_TIMEOUT environment variable (default is 30 seconds). For scans like masscan or amass that can run for minutes, set BLOCKING_TIMEOUT=300 or higher in your docker-compose.yml.
Frequently Asked Questions about Kali Linux
What is Kali Linux?
Kali Linux is a Model Context Protocol (MCP) server that mcp server for kali linux penetration testing - 130 tools for ai-assisted security testing - giving agents access to full pentesting tools It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Kali Linux?
Follow the installation instructions on the Kali Linux GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Kali Linux?
Kali Linux works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Kali Linux free to use?
Yes, Kali Linux is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Kali Linux Alternatives — Similar Security Servers
Looking for alternatives to Kali Linux? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Kali Linux in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Kali Linux?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.