Kali MCP Server

A comprehensive Model Context Protocol (MCP) server that exposes popular Kali Linux security tools as MCP tools. This server allows AI assistants and other MCP clients to execute security reconnaissance and testing tools in a controlled manner.

🚀 Features

This MCP server provides access to 40+ security tools across multiple categories:

📡 Network Reconnaissance

• whois - WHOIS domain/IP lookups
• dig - DNS record queries
• dnsenum - DNS enumeration
• dnsrecon - DNS reconnaissance
• nmap - Network port scanning
• masscan - High-speed port scanning
• unicornscan - Asynchronous network scanning
• zmap - Internet-wide network scanning
• ike-scan - IKE/IPSec VPN scanning

🌐 Web Reconnaissance

• whatweb - Web application fingerprinting
• wafw00f - Web Application Firewall detection
• dirb - Web content directory scanning
• gobuster - Directory/DNS/VHost fuzzing
• feroxbuster - Fast recursive content discovery
• nikto - Web vulnerability scanning
• wfuzz - Web application fuzzing
• arachni - Web application security scanning

🔍 Enumeration

• enum4linux - Windows/Samba enumeration
• enum4linux-ng - Next-gen Windows/Samba enumeration
• smbmap - SMB share enumeration
• rpcclient - MS-RPC enumeration
• snmpwalk - SNMP enumeration
• ldapsearch - LDAP directory searches

📶 Wireless Security

• airmon-ng - Monitor mode management
• airodump-ng - 802.11 packet capture
• wash - WPS-enabled AP scanner
• kismet - Wireless network detection
• bettercap - Network reconnaissance framework

🔐 SSL/Network Tools

• netcat - Network connections utility
• curl - HTTP client
• wget - Network downloader
• sslscan - SSL/TLS security scanner
• sslyze - SSL/TLS configuration analyzer

🕵️ OSINT (Open Source Intelligence)

• theharvester - Email/subdomain gathering
• sublist3r - Subdomain enumeration
• amass - Attack surface mapping
• maltego - Link analysis and data mining
• shodan - Internet-connected device search
• recon-ng - Reconnaissance framework
• metagoofil - Metadata extraction

📋 Prerequisites

System Requirements

• Kali Linux (recommended) or any Linux distribution with security tools installed
• Rust 1.70+ for building the server
• Root privileges for some tools (wireless, certain network scans)

Tool Installation

Most tools come pre-installed on Kali Linux. For other distributions:

# Debian/Ubuntu
sudo apt update
sudo apt install nmap masscan nikto dirb gobuster whatweb wafw00f \
                 enum4linux smbclient rpcclient snmp ldap-utils \
                 aircrack-ng kismet netcat curl wget sslscan \
                 theharvester sublist3r amass recon-ng metagoofil

# Install additional tools
sudo apt install unicornscan zmap feroxbuster wfuzz arachni \
                 enum4linux-ng sslyze bettercap wash

🛠️ Installation

Option 1: Build from Source

1. Clone the repository:

   git clone <repository-url>
   cd kali-mcp-server

2. Build the server:

   cargo build --release

3. Install (optional):

   sudo cp target/release/kali-mcp-server /usr/local/bin/

Option 2: Direct Cargo Install

cargo install --path .

🚀 Usage

Starting the Server

The server uses stdio transport for MCP communication:

# Run directly
./target/release/kali-mcp-server --stdio

# Or if installed globally
kali-mcp-server --stdio

MCP Client Integration

Configure your MCP client to connect to this server. Example configuration:

{
  "mcpServers": {
    "kali-tools": {
      "command": "/usr/local/bin/kali-mcp-server",
      "args": ["--stdio"]
    }
  }
}

📖 Tool Usage Examples

Network Scanning with Nmap

{
  "name": "nmap",
  "arguments": {
    "target": "192.168.1.1",
    "ports": "22,80,443",
    "scan_type": "-sS",
    "service_detection": true,
    "timing": "T3"
  }
}

DNS Enumeration with DNSEnum

{
  "name": "dnsenum",
  "arguments": {
    "domain": "example.com",
    "threads": 5,
    "timeout": 10
  }
}

Web Directory Scanning with Gobuster

{
  "name": "gobuster",
  "arguments": {
    "url": "https://example.com",
    "wordlist": "/usr/share/wordlists/dirb/common.txt",
    "extensions": "php,html,txt",
    "threads": 20
  }
}

OSINT with theHarvester

{
  "name": "theharvester",
  "arguments": {
    "domain": "example.com",
    "data_source": "google",
    "limit": 500
  }
}

SSL/TLS Analysis with SSLScan

{
  "name": "sslscan",
  "arguments": {
    "target": "example.com:443",
    "show_certificate": true
  }
}

🔧 Configuration

Environment Variables

• RUST_LOG - Set logging level (debug, info, warn, error)
• MCP_TIMEOUT - Default command timeout in seconds

Tool-Specific Configuration

Some tools require additional setup:

Shodan

# Set your Shodan API key
shodan init YOUR_API_KEY

Wireless Tools

# Enable monitor mode
sudo airmon-ng start wlan0

Amass

# Configure data sources in ~/.config/amass/config.ini

⚠️ Security Considerations

IMPORTANT SECURITY WARNINGS:

1. Privileged Access: Some tools require root privileges
2. Command Execution: This server executes system commands
3. Network Impact: Scanning tools can generate significant network traffic
4. Legal Compliance: Ensure you have permission to scan target systems
5. Rate Limiting: Some tools may trigger rate limiting or blocking

Best Practices

• Run in isolated/controlled environments
• Implement proper access controls
• Monitor and log all activities
• Respect rate limits and target policies
• Only scan systems you own or have permission to test

🛡️ Error Handling

The server includes comprehensive error handling:

• Tool Not Found: Validates tool availability
• Invalid Arguments: Checks required parameters
• Execution Timeouts: Prevents hanging processes
• Permission Errors: Handles privilege issues
• Network Errors: Manages connection failures

🔍 Troubleshooting

Common Issues

1. Tool Not Found

   # Check if tool is installed
   which nmap
   # Install missing tools
   sudo apt install nmap

2. Permission Denied

   # Some tools need root privileges
   sudo kali-mcp-server --stdio

3. Timeout Errors

   # Increase timeout in tool arguments
   # Or set environment variable
   export MCP_TIMEOUT=300

4. Wireless Interface Issues

   # Check wireless interfaces
   iwconfig
   # Enable monitor mode
   sudo airmon-ng start wlan0

🤝 Contributing

Contributions are welcome! Please:

1. Fork the repository
2. Create a feature branch
3. Add tests for new functionality
4. Ensure all tests pass
5. Submit a pull request

Adding New Tools

To add a new security tool:

1. Create tool definition in appropriate module
2. Implement execution function
3. Register tool in ToolRegistry
4. Add tests
5. Update documentation

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Kali Linux team for the comprehensive security toolkit
• MCP Protocol developers for the standardized interface
• Security community for developing these essential tools

📞 Support

For issues and questions:

1. Check the troubleshooting section
2. Search existing GitHub issues
3. Create a new issue with detailed information
4. Include system information and error logs

🔄 Version History

• v0.1.0 - Initial release with 40+ security tools
  • Network reconnaissance tools
  • Web application testing tools
  • Enumeration utilities
  • Wireless security tools
  • SSL/TLS analysis tools
  • OSINT capabilities

---

⚠️ Disclaimer: This tool is for educational and authorized testing purposes only. Users are responsible for complying with applicable laws and obtaining proper authorization before scanning or testing any systems.