
ikaliMCP Server
Provides a secure interface for AI assistants to interact with penetration testing tools like nmap, hydra, sqlmap, and nikto for educational cybersecurity purposes. Includes input sanitization and runs in a Docker container with Kali Linux tools for authorized testing scenarios.
README
ikaliMCP Server
A Model Context Protocol (MCP) server for educational penetration testing using authentic Kali Linux tools.
Purpose
This MCP server provides a secure interface for AI assistants to interact with penetration testing tools for educational purposes only. Designed for the sole usage and sell by HeWhoMustNBN, whobcode.
Features
Manually Scaffolded Tools (10 Primary Tools)
hydra_bruteforce
- Password brute force attacks against network servicesnmap_scan
- Network discovery and port scanningsqlmap_injection
- Automatic SQL injection detection and exploitationnikto_webscan
- Web server vulnerability scanningwpscan_wordpress
- WordPress security scanningdirb_directory_scan
- Directory and file brute forcingsearchsploit_exploits
- Exploit database searchinggobuster_directory_scan
- Fast directory brute forcingjohn_password_crack
- Password hash crackinghashcat_gpu_crack
- GPU-accelerated password cracking
Dynamic Tool Registry (Additional Tools — CLI Only)
- Wireshark Suite: tshark
- Metasploit Suite: msfconsole, msfvenom
- Aircrack-ng Suite: aircrack-ng, airodump-ng, aireplay-ng
- Reconnaissance: theharvester, sherlock
- Network Tools: netcat, hping3
- Web Tools: whatweb, ffuf
- Enumeration: enum4linux, dnsrecon, fierce, sublist3r
Prerequisites
- Docker Desktop with MCP Toolkit enabled
- Docker MCP CLI plugin (
docker mcp
command) - Proper authorization for penetration testing activities
Installation
See the step-by-step instructions provided with the files.
Usage Examples
In Claude Desktop, OpenAI's Codex, or Abacus.AI, you can ask:
- "Scan 192.168.1.1 for open ports using nmap"
- "Perform a directory scan on http://example.com using dirb"
- "Search for WordPress vulnerabilities on http://target.com"
- "Brute force SSH login on 192.168.1.100 with hydra"
- "Check for SQL injection vulnerabilities in http://site.com/page.php?id=1"
Architecture
AI Assistant → MCP Gateway → ikaliMCP Server → Kali Linux Tools ↓ Docker Container (Root Access) (Hydra, Nmap, SQLMap, Nikto, etc.)
Security & Legal Notice
CRITICAL WARNING: This tool is for authorized educational use only!
- Only use on systems you own or have explicit permission to test
- Unauthorized penetration testing is illegal
- Users are responsible for compliance with all applicable laws
- Tool includes input sanitization for safety (see code comments for transparency)
Development
Local Testing
# Run directly for testing
python3 ikaliMCP_server.py
# Test MCP protocol
echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' | python3 ikaliMCP_server.py
Container Self-Check
After building the image, verify CLI tools are present:
docker build -t ikaliMCP-mcp-server .
docker run --rm ikaliMCP-mcp-server python3 /app/self_check.py
Warnings for some -h
checks may be benign; Missing indicates an install issue.
Adding New Tools
- Add tool to TOOL_REGISTRY in ikaliMCP_server.py
- Include description and base command
- Rebuild Docker image
- Update catalog entry
Input Sanitization Transparency
All inputs are sanitized to prevent command injection. The code includes comments showing the "desanitized" version for educational transparency:
# DESANITIZED:
nmap -sS -p 80 192.168.1.1
# This shows what the command would look like without sanitization
Troubleshooting
Tools Not Appearing
- Verify Docker image built successfully
- Check catalog and registry files
- Ensure AI assistant config includes custom catalog
- Restart AI assistant
- Run container self-check:
docker run --rm ikaliMCP-mcp-server python3 /app/self_check.py
macOS Intel Setup (Command Line)
Use the included script to install Docker Desktop (via Homebrew), build the image, and run self-check:
bash scripts/setup_mac_intel.sh
If you don't have the repo locally, provide your repo URL:
REPO_URL="git@github.com:your-org/ikaliMCP.git" bash -c "curl -fsSL https://raw.githubusercontent.com/your-org/ikaliMCP/main/scripts/setup_mac_intel.sh | bash"
Replace the URL above with your actual repository path if different.
macOS Intel Setup (No Homebrew)
Install Docker Desktop directly (no Homebrew), then build and self-check:
bash scripts/setup_mac_intel_no_brew.sh
If you don't have the repo locally, provide your repo URL env var:
REPO_URL="git@github.com:your-org/ikaliMCP.git" bash -c "curl -fsSL https://raw.githubusercontent.com/your-org/ikaliMCP/main/scripts/setup_mac_intel_no_brew.sh | bash"
Replace the URL above with your actual repository path if different. For Apple Silicon, use the appropriate Docker Desktop download URL (arm64) by setting DOCKER_DMG_URL
.
Permission Errors
- Container runs as root for full tool access
- Verify Docker has necessary privileges
- Check tool installation in container
License
MIT License - Educational Use Only
Disclaimer
This software is provided for educational purposes only. The authors assume no liability for misuse or damage caused by this program. Users must comply with all applicable laws and regulations.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.