Awsome Kali Mcpservers
    Awsome Kali Mcpservers

    Awsome Kali Mcpservers

    awsome kali MCPServers is a set of MCP servers tailored for Kali Linux, designed to empower AI Agents in reverse engineering and security testing. It offers flexible network analysis, target sniffing, traffic analysis, binary understanding, and automation, enhancing AI-driven workflows.

    4.3

    GitHub Stats

    Stars

    63

    Forks

    5

    Release Date

    6/8/2025

    about a month ago

    Detailed Description

    awsome-kali-MCPServers

    Overview

    Welcome to awsome-kali-MCPServers! This repository is a collection of Model Context Protocol (MCP) servers designed specifically for Kali Linux environments. The goal is to enhance reverse engineering, security testing, and automation workflows by integrating powerful tools and flexible features. Whether you're a security researcher or a developer, this project aims to streamline your tasks with Kali Linux.

    Quick Start

    Follow these steps to quickly get started with kali-mcps:

    1. Build the Docker Image First, build the Docker image, temporarily named kali-mcps. Run the following command in the project root directory:
    docker build -t kali-mcps:latest .
    
    1. Launch an MCP Client Ensure you have an MCP client installed, such as claude desktop, cline, goose, or roo code. Open your chosen MCP client.
    2. Configure the MCP Client In your MCP client, create a configuration file (e.g., config.json) with the following content:
    {
      "mcpServers": {
        "kali-docker": {
          "command": "docker",
          "args": ["run", "-i", "kali-mcps:latest"]
        }
      }
    }
    
    • "kali-docker" is the server name, which you can customize.
    • "command": "docker" specifies that Docker will be used to run the container.
    • "args" defines the Docker run parameters: -i enables interactive mode, and kali-mcps:latest is the image you just built.
    1. Use Kali Tools Once configured, connect to the kali-mcps container via the MCP client and start using the built-in Kali tools (e.g., Nmap, nm, objdump, strings, tshark) for your tasks. Examples include:
    • Run basic_scan for basic network scanning.
    • Run disassemble to disassemble a target file.
    • Run capture_live to capture real-time network traffic.

    What to Expect

    Network Analysis: Tools for sniffing and analyzing traffic. Binary Understanding: Support for reverse engineering and function analysis. Automation: Scripts and servers to simplify repetitive tasks.

    New Features

    Since the last update, we have added the following features, integrating a series of tools based on the FastMCP framework:

    1. Network Scanning (Nmap)

    • basic_scan: Basic network scanning.
    • intense_scan: In-depth network scanning.
    • stealth_scan: Stealth network scanning.
    • quick_scan: Quick network scanning.
    • vulnerability_scan: Vulnerability scanning.

    2. Symbol Analysis (nm)

    • basic_symbols: Lists basic symbols.
    • dynamic_symbols: Lists dynamic symbols.
    • demangle_symbols: Decodes symbols.
    • numeric_sort: Sorts symbols numerically.
    • size_sort: Sorts symbols by size.
    • undefined_symbols: Lists undefined symbols.

    3. Binary Analysis (objdump)

    • file_headers: Lists file headers.
    • disassemble: Disassembles the target file.
    • symbol_table: Lists the symbol table.
    • section_headers: Lists section headers.
    • full_contents: Lists full contents.

    4. String Extraction (strings)

    • basic_strings: Basic string extraction.
    • min_length_strings: Extracts strings with a specified minimum length.
    • offset_strings: Extracts strings with offsets.
    • encoding_strings: Extracts strings based on encoding.

    5. Network Traffic Analysis (Wireshark/tshark)

    • capture_live: Captures network traffic in real-time.
    • analyze_pcap: Analyzes pcap files.
    • extract_http: Extracts HTTP data.
    • protocol_hierarchy: Lists protocol hierarchy.
    • conversation_statistics: Provides conversation statistics.
    • expert_info: Analyzes expert information.

    6. Sandbox Support (Docker)

    A new sandbox feature has been added, enabling secure command execution in an isolated container environment:

    Runs commands using Docker containers, with the default image being ubuntu-systemd:22.04. Configurable memory limit (default: 2GB), CPU limit (default: 1 core), network mode, and timeout duration. Supports bidirectional file copying between the host and the container. Automatically cleans up container resources.

    TODO

    • [ ] Docker Sandbox Support: Add containerized environments for safe testing and execution.
    • [ ] Network Tools Integration: Support for tools like Nmap and Wireshark for advanced network analysis.
    • [ ] Reverse Engineering Tools: Integrate Ghidra and Radare2 for enhanced binary analysis.
    • [ ] Agent Support: Enable agent-based functionality for distributed tasks or remote operations.

    Current Status

    This project is still in its early stages. I’m working on preparing the content, including server configurations, tool integrations, and documentation. Nothing is fully ready yet, but stay tuned—exciting things are coming soon!

    Stay Updated

    Feel free to star or watch this repository to get updates as I add more features and files. Contributions and suggestions are welcome once the groundwork is laid out.

    Star History

    Star History

    Mar 31Apr 3Apr 8Apr 17Apr 24May 9May 19Jun 1Jun 11Jun 300306090120
    Powered by MSeeP Analytics

    About the Project

    This app has not been claimed by its owner yet.

    Claim Ownership

    Receive Updates

    Security Updates

    Get notified about trust rating changes

    to receive email notifications.