Made a containerized Kali MCP server that enables semi-autonomous pentesting

A Model Context Protocol (MCP) server that provides command execution capabilities in a containerized Kali Linux environment for semi-automated penetration testing and security research capabilities.

Watch the Kali MCP Server in action

This tool is provided for educational and authorized security testing purposes only. Use at your own risk. The authors are not responsible for any misuse or damage caused by this software. Always ensure you have proper authorization before conducting security assessments.

• Containerized Command Execution: Run Kali Linux security tools in a containerized environment
• Background Job Management: Long-running commands (>60s) automatically run as background jobs
• Interactsh Integration: Out-of-band interaction detection for blind vulnerabilities
• Service API Management: Centralized configuration for reconnaissance APIs (GitHub, Shodan, etc.)
• Workspace Management: Organized directory structure for pentest artifacts

• Docker & Docker Compose
• MCP-compatible client (Claude Code, Gemini CLI, VS Code with Copilot, etc.)

1. Start the container:

   docker compose up --build -d

2. Verify it's running:

   docker ps | grep kali-mcp-server

3. Configure your MCP client:

   ⚠️ IMPORTANT: Disable any built-in terminal or command execution tools in your MCP client to prevent commands from being unintentionally executed on your host system instead of the Kali container. All security tools should run exclusively within the containerized environment for safety and isolation.

Claude Desktop:

Gemini CLI:

VS Code (Copilot):

Create or edit .vscode/mcp.json in your workspace:

Others

After configuration: Restart your MCP client to load the Kali MCP server.

• run_kali_command - Execute commands in Kali environment
• get_job_status - Check background job status
• list_background_jobs - List all running jobs
• cancel_job - Cancel a running job
• get_workspace_info - Get workspace configuration

• start_interactsh - Start out-of-band interaction monitoring
• get_interactsh_status - Check interactsh worker status
• poll_interactsh - Retrieve recorded interactions
• stop_interactsh - Stop interactsh worker

• get_service_tokens - Get configured API service tokens

• Network Scanning: nmap, masscan
• Web Testing: dirb, ffuf, whatweb, nikto
• DNS/Domain: dig, whois, dnsrecon
• Utilities: curl, wget, jq, exiftool
• Wordlists: Seclists

Edit config.toml to configure:

• Workspace directory structure
• Interactsh settings
• API service tokens (GitHub, Shodan, VirusTotal, etc.)

• Container runs with necessary privileges for security tools
• Network tools require elevated capabilities (NET_ADMIN, NET_RAW)
• All command execution is contained within the Docker environment
• API tokens should be configured securely in production

This project is an independent open-source contribution and is not affiliated with, endorsed by, or associated with OffSec or Kali Linux. Kali Linux is a trademark of Offensive Security.