目前只是个玩具,只支持执行可以返回的命令,如burp suite和metasploit等不能进行界面和命令交互,metasploit倒是可以叫ai agent直接执行不进入命令交互模式,有时间弄得的哥们可以拿去加强一下 😜
kalilinuxmcp
kali linux mcp,pentest,penetration test
更新:
20250401更新: 新增简单的交互式处理
如何安装:
1: 首先要用ssh-keygen -t rsa做一个私钥和公钥,替换公钥到Dockerfile的,替换私钥到"C:Users[Username].sshkali000",这里自行去srcindex.ts里搜索"kali000"替换路径
'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsoJo7WJIHDQgmEdKwm6IqS61xaGWa/OVVMCrMwcVh13xvYbAD7wdMufzNhWRxSso3SKvTHbQjIszvYQgkVFjRPiJW5vGCU0847CX0zZytGLnKpKWDZ5ccShMPlIxVuy2+WUQlKNL7f+w59PMX+3BLcikhtwk0xwG7tpS4kAtXHlrwt1B1vFj3CoF8rBofGJAahOuPvruRh9i1i73i5JJHJFeDdJVfNnY5/8HnBvtWtJzbsbmlyaTODfrDCeYZ32zxDZdsPVEls3RDsfgUadyC71mpXloJ8JTiUU37H5DY+xtIuz3XICwA7DsVm9jiKaSR96DZyogYxx+UKdrDsIH4JQwBNs3RDCX+t7ivKj75KkhhrW2X2h90EOjwQPQOhuVU2FtMXbWlfbZL5UwXGgA7Efe3N0ZzrKac+RGM6vY/jsnESgZaTayF/N/BysMpjI18xy6Y12CyPXVYsvF3v04d2XR1Fs5rduERjpot7o9N+i5FcoTfUb5WP5nVU9X0b2s= hack004@DESKTOP-H4HRI73'
2:因为是国内环境,docker里我加了使用主机的socks5代理,自行搜索来替换"192.168.31.110",还有dns服务器也强制用dns2socks转到了本地127.0.0.1使用socks5代理,可自行去Dockerfile里替换或者去掉
3:原始使用的"booyaabes/kali-linux-full"镜像,但是里面软件版本有点老,自行选择是否要执行以下操作更新(主要需要更新很久!)
1:wget -q -O - https://archive.kali.org/archive-key.asc | gpg --import
2:curl -fsSL https://archive.kali.org/archive-key.asc | sudo gpg --dearmor -o /usr/share/keyrings/kali-archive-keyring.gpg
3:sudo apt update && sudo apt full-upgrade -y
4:(下载更新最新版kali linux的所有工具,注意很大很慢)sudo apt install kali-linux-everything -y
5:如果只需更新单独的软件,就无需执行4因为要很久,例如sudo apt install wpscan
6:我自己倒是完成了最新更新,但是容器太大了几十G就不传了,需要的自行操作就行了```
4:(编译MCP),先npm install后直接npm run build,得到build目录,核心是index.js
5:(编译Docker镜像),
1:编译镜像:"docker build -t kali-pentest-mcp ."
2:部署镜像:"docker run --name kali-container -d --privileged -p 2222:22 kali-pentest-mcp"
6:安装MCP:
"kali-pentest-mcp-server": {
"command": "node",
"args": ["D:/kalimcp/build/index.js"],
"env": {}
}
注意事项:
1: 每次重启docker后记得刷新MCP,因为可能SSH连接会断开
参考项目:
效果展示:
1:Lab: Blind SQL injection with out-of-band data exfiltration
2:command injection:
3:Lab: Web shell upload via Content-Type restriction bypass
Kali Linux Penetration Testing MCP Server
Project Details
- sfz009900/kalilinuxmcp
- Last Updated: 4/12/2025
Categories
Recomended MCP Servers
🔗 Model Context Protocol (MCP) Server for retrieving saved articles from Pocket API and loading them into Claude
A Model Context Protocol (MCP) server that provides AI assistants access to AWS CloudWatch Logs for analysis, searching,...
A Model Context Protocol (MCP) server facilitating secure interactions with MSSQL databases.
Official Notion MCP Server
An open source framework for building AI-powered apps with familiar code-centric patterns. Genkit makes it easy to develop,...
🤖 Automatically generate MCP tools from your Fastify API routes.
MCP server for Cursor that leverages Gemini's much larger context window to enhance the capabilities of the AI...
QMT-MCP-Server
Bringing the bankless onchain API to MCP
Use AI to edit image in Claude Desktop / Cursor (AI P图)
Featured Templates
View More
