awsome-kali-MCPServers
awsome kali MCPServers is a set of MCP servers tailored for Kali Linux, designed to empower AI Agents in reverse engineering and security testing. It offers flexible network analysis, target sniffing, traffic analysis, binary understanding, and automation, enhancing AI-driven workflows.
ccq1
README
awsome-kali-MCPServers
Overview
Welcome to awsome-kali-MCPServers! This repository is a collection of Model Context Protocol (MCP) servers designed specifically for Kali Linux environments. The goal is to enhance reverse engineering, security testing, and automation workflows by integrating powerful tools and flexible features. Whether you're a security researcher or a developer, this project aims to streamline your tasks with Kali Linux.
Quick Start
Follow these steps to quickly get started with kali-mcps
:
- Build the Docker Image First, build the Docker image, temporarily named kali-mcps. Run the following command in the project root directory:
docker build -t kali-mcps:latest .
- Launch an MCP Client Ensure you have an MCP client installed, such as claude desktop, cline, goose, or roo code. Open your chosen MCP client.
- Configure the MCP Client In your MCP client, create a configuration file (e.g., config.json) with the following content:
{
"mcpServers": {
"kali-docker": {
"command": "docker",
"args": ["run", "-i", "kali-mcps:latest"]
}
}
}
"kali-docker"
is the server name, which you can customize."command": "docker"
specifies that Docker will be used to run the container."args"
defines the Docker run parameters:-i
enables interactive mode, andkali-mcps:latest
is the image you just built.
- Use Kali Tools Once configured, connect to the kali-mcps container via the MCP client and start using the built-in Kali tools (e.g., Nmap, nm, objdump, strings, tshark) for your tasks. Examples include:
- Run
basic_scan
for basic network scanning. - Run
disassemble
to disassemble a target file. - Run
capture_live
to capture real-time network traffic.
<p align="center"> <img width="482" alt="image" src="https://github.com/user-attachments/assets/0e9fff0a-059d-424b-bb36-450a1d11adf9" /> </p>
What to Expect
Network Analysis: Tools for sniffing and analyzing traffic. Binary Understanding: Support for reverse engineering and function analysis. Automation: Scripts and servers to simplify repetitive tasks.
New Features
Since the last update, we have added the following features, integrating a series of tools based on the FastMCP framework:
1. Network Scanning (Nmap)
basic_scan
: Basic network scanning.intense_scan
: In-depth network scanning.stealth_scan
: Stealth network scanning.quick_scan
: Quick network scanning.vulnerability_scan
: Vulnerability scanning.
2. Symbol Analysis (nm)
basic_symbols
: Lists basic symbols.dynamic_symbols
: Lists dynamic symbols.demangle_symbols
: Decodes symbols.numeric_sort
: Sorts symbols numerically.size_sort
: Sorts symbols by size.undefined_symbols
: Lists undefined symbols.
3. Binary Analysis (objdump)
file_headers
: Lists file headers.disassemble
: Disassembles the target file.symbol_table
: Lists the symbol table.section_headers
: Lists section headers.full_contents
: Lists full contents.
4. String Extraction (strings)
basic_strings
: Basic string extraction.min_length_strings
: Extracts strings with a specified minimum length.offset_strings
: Extracts strings with offsets.encoding_strings
: Extracts strings based on encoding.
5. Network Traffic Analysis (Wireshark/tshark)
capture_live
: Captures network traffic in real-time.analyze_pcap
: Analyzes pcap files.extract_http
: Extracts HTTP data.protocol_hierarchy
: Lists protocol hierarchy.conversation_statistics
: Provides conversation statistics.expert_info
: Analyzes expert information.
6. Sandbox Support (Docker)
A new sandbox feature has been added, enabling secure command execution in an isolated container environment:
Runs commands using Docker containers, with the default image being ubuntu-systemd:22.04. Configurable memory limit (default: 2GB), CPU limit (default: 1 core), network mode, and timeout duration. Supports bidirectional file copying between the host and the container. Automatically cleans up container resources.
TODO
- [ ] Docker Sandbox Support: Add containerized environments for safe testing and execution.
- [ ] Network Tools Integration: Support for tools like Nmap and Wireshark for advanced network analysis.
- [ ] Reverse Engineering Tools: Integrate Ghidra and Radare2 for enhanced binary analysis.
- [ ] Agent Support: Enable agent-based functionality for distributed tasks or remote operations.
Current Status
This project is still in its early stages. I’m working on preparing the content, including server configurations, tool integrations, and documentation. Nothing is fully ready yet, but stay tuned—exciting things are coming soon!
Stay Updated
Feel free to star or watch this repository to get updates as I add more features and files. Contributions and suggestions are welcome once the groundwork is laid out.
Recommended Servers
Crypto Price & Market Analysis MCP Server
A Model Context Protocol (MCP) server that provides comprehensive cryptocurrency analysis using the CoinCap API. This server offers real-time price data, market analysis, and historical trends through an easy-to-use interface.
MCP PubMed Search
Server to search PubMed (PubMed is a free, online database that allows users to search for biomedical and life sciences literature). I have created on a day MCP came out but was on vacation, I saw someone post similar server in your DB, but figured to post mine.
dbt Semantic Layer MCP Server
A server that enables querying the dbt Semantic Layer through natural language conversations with Claude Desktop and other AI assistants, allowing users to discover metrics, create queries, analyze data, and visualize results.
mixpanel
Connect to your Mixpanel data. Query events, retention, and funnel data from Mixpanel analytics.

Sequential Thinking MCP Server
This server facilitates structured problem-solving by breaking down complex issues into sequential steps, supporting revisions, and enabling multiple solution paths through full MCP integration.

Nefino MCP Server
Provides large language models with access to news and information about renewable energy projects in Germany, allowing filtering by location, topic (solar, wind, hydrogen), and date range.
Vectorize
Vectorize MCP server for advanced retrieval, Private Deep Research, Anything-to-Markdown file extraction and text chunking.
Mathematica Documentation MCP server
A server that provides access to Mathematica documentation through FastMCP, enabling users to retrieve function documentation and list package symbols from Wolfram Mathematica.
kb-mcp-server
An MCP server aimed to be portable, local, easy and convenient to support semantic/graph based retrieval of txtai "all in one" embeddings database. Any txtai embeddings db in tar.gz form can be loaded
Research MCP Server
The server functions as an MCP server to interact with Notion for retrieving and creating survey data, integrating with the Claude Desktop Client for conducting and reviewing surveys.