Zebbern Kali MCP

The Zebbern Kali MCP server is a comprehensive penetration testing platform based on the Model Context Protocol (MCP), providing 139 functions for AI assistants (such as GitHub Copilot) to directly execute security tools on the Kali Linux system through a standardized API, covering network reconnaissance, web application testing, password cracking, vulnerability exploitation, and Active Directory attacks.

Security Developer tools #Penetration Testing #Security Tools #Kali Integration #AI Assistant .Python

rating : 2.5 points

downloads : 7.5K

update time : 2026-03-13

Open Site

What is Zebbern Kali MCP Server?

Zebbern Kali MCP Server is a penetration testing tool server based on the Model Context Protocol (MCP). It allows AI assistants (such as GitHub Copilot) to remotely control and execute security testing tools in the Kali Linux system through a standardized API interface. This means that you can directly communicate with Copilot in VS Code and let it help you perform security testing tasks such as Nmap scans, SQL injection tests, and password cracking without manually logging in to the Kali system or memorizing complex command-line parameters.

How to use Zebbern Kali MCP Server?

The usage process is divided into three main steps: 1) Install the server components on the Kali Linux system; 2) Configure the MCP client on your development machine (Windows/Mac/Linux); 3) Conduct interactive security testing through VS Code and Copilot. The entire process is connected via HTTP/REST API, enabling the AI assistant to securely execute penetration testing commands and return results.

Applicable Scenarios

This server is particularly suitable for the following scenarios: Security researchers need to quickly perform repetitive testing tasks; Penetration testing teams want to standardize the tool usage process; Students in educational environments learn security testing tools; Developers need quick security testing during code auditing; Red teams need to coordinate multiple testing tools during drills.

Main Features

Complete Penetration Testing Tool Set

Integrates 139 MCP tool functions, covering the entire lifecycle of penetration testing, including information gathering, vulnerability scanning, exploitation, and post - penetration stages.

Support for 22 External Security Tools

Directly integrates industry - standard security testing tools such as Nmap, SQLMap, Hydra, Metasploit, and Nuclei without additional configuration.

API Security Testing Capability

Provides professional API security testing functions such as GraphQL introspection, JWT analysis, FFUF fuzz testing, and Arjun parameter discovery.

Active Directory Testing Tools

Integrates AD domain penetration testing tools such as BloodHound, Kerberoasting, Pass - the - Hash, and LDAP enumeration.

Network Penetration and Proxy

Supports network penetration tools such as Chisel, SSH tunnels, Ligolo - ng, and ProxyChains, facilitating lateral movement within the intranet.

SSH Security Audit

Provides comprehensive SSH server security analysis functions to identify weak passwords, insecure configurations, and known vulnerabilities.

Evidence Collection and Management

Built - in screenshot, note, and discovery management functions to help systematically record the testing process and results.

Session Management

Supports centralized management and control of sessions such as Metasploit sessions, reverse shells, and SSH connections.

Advantages

AI - driven automation: Automatically execute complex security testing commands through AI assistants such as Copilot

Unified interface: Standardize the invocation methods of 139 security tools, reducing the learning cost

Remote operation: Execute tests remotely through the API without directly logging in to the Kali system

Improve efficiency: Reduce the time for manual command input and focus on testing strategies and analysis

Easy integration: Seamlessly integrate with development environments such as VS Code, supporting existing workflows

Comprehensive coverage: Support a full - set of toolchains from information gathering to post - penetration

Flexible deployment: Support local and remote installation, adapting to different network environments

Limitations

Security risk: Provide remote access to powerful penetration testing tools, requiring strict control of access permissions

Network dependency: Require a stable network connection to communicate with the Kali server

Learning curve: Need to understand the MCP protocol and basic penetration testing concepts

Tool updates: Depend on the tool package updates of the Kali system and may not be the latest version

Performance impact: API calls may be slightly slower than direct command - line execution

Complex configuration: Initial installation and configuration require certain technical knowledge

Compatibility limitations: Mainly targeted at Kali Linux, and other systems may need adjustments

How to Use

Prepare the Kali Linux Environment

Ensure that you have a Kali Linux virtual machine or physical machine with network access. It is recommended to use the latest version of Kali Linux for the best compatibility.

Install the Server on Kali

Connect to the Kali system via SSH, clone the repository, and run the installation script. The installation process will automatically set up the Flask API server and system services.

Configure the VS Code Client

On your development machine, edit the MCP configuration file of VS Code and add the connection information of the Kali server. You need to specify the IP address and port of the Kali system.

Test the Connection

Restart VS Code and ask simple test commands in the Copilot chat window to verify that the connection is successfully established.

Start Security Testing

Now you can use natural - language commands to let Copilot perform various security testing tasks. From simple port scans to complex vulnerability exploitation can be completed through conversations.

Usage Cases

Website Security Assessment

Conduct a comprehensive security assessment of the target website, including port scanning, directory enumeration, and vulnerability scanning.

Intranet Penetration Testing

After obtaining initial access rights, conduct intranet lateral movement and privilege escalation tests.

API Security Testing

Conduct security testing on REST API or GraphQL endpoints to discover authentication, authorization, and data exposure issues.

Emergency Response Drill

Simulate the security incident response process, collect evidence, analyze logs, and identify signs of intrusion.

Frequently Asked Questions

Do I need to have penetration testing experience to use this tool?

Is this tool legal? Can I use it on any system?

Is the installation process complex? How much time does it take?

Which AI assistants are supported? Can I only use GitHub Copilot?

What if the Kali server and my development machine are not on the same network?

What should I do if the tool execution fails or returns an error?

How can I update the tool or add new security tools?

Is this tool suitable for team use?

Related Resources

Official GitHub Repository

Project source code, issue tracking, and latest version releases

Complete Documentation

Detailed installation guides, tool references, API documentation, and best practices

Model Context Protocol Official Website

Official documentation and specification of the MCP protocol

Kali Linux Official Documentation

Documentation for using the Kali Linux system and tool references

Penetration Testing Learning Resources

Penetration testing training and certification provided by Offensive Security

Security Testing Best Practices

OWASP Top 10 Web application security risks and testing guidelines

VS Code MCP Configuration Guide

Tutorial on configuring and using the MCP server in Visual Studio Code

🚀 Zebbern Kali MCP Server

A comprehensive Model Context Protocol (MCP) server for Kali Linux penetration testing, enabling AI assistants like GitHub Copilot to execute security tools on a Kali Linux system via a standardized API.

✨ Features

139 MCP Tool Functions: A complete penetration testing toolkit.
22 External Tools: Including Nmap, SQLMap, Hydra, Metasploit, Nuclei, etc.
API Security Testing: GraphQL introspection, JWT analysis, FFUF, Arjun.
Active Directory Tools: BloodHound, Kerberoasting, Pass-the-Hash, LDAP enumeration.
Network Pivoting: Chisel, SSH tunneling, Ligolo-ng, ProxyChains.
SSH Audit: Comprehensive SSH server security analysis.
Evidence Collection: Screenshots, notes, and findings management.
Session Management: Metasploit sessions, reverse shells, SSH connections.

📚 Documentation

Full documentation is available in the docs/ folder:

Installation Guide: All installation methods.
Architecture: System design and components.
Tools Reference: Documentation for all 139 MCP tools.
API Reference: REST API endpoints.
Workflows: Practical pentest examples.
Security: Hardening recommendations.
Troubleshooting: Common issues.

To view docs locally:

pip install mkdocs mkdocs-material
mkdocs serve

🚀 Quick Start

Prerequisites

Kali Linux VM (or any Debian-based system with pentest tools).
VS Code with GitHub Copilot (or any MCP-compatible client).
Network access between your machine and Kali VM.

Step 1: Install Server (on Kali Linux)

# Clone the repository
git clone https://github.com/zebbern/zebbern-mcp.git
cd zebbern-mcp

# Run the installer (requires root)
sudo ./install.sh

# Or use Python installer
sudo python3 install.py --server

This installs:

Flask API server at /opt/zebbern-kali.
Systemd service kali-mcp (auto-starts on boot).
All pentesting tools (nmap, sqlmap, nuclei, etc.).

Step 2: Configure VS Code (on your machine)

Add to your VS Code MCP config (%APPDATA%\Code\User\mcp.json on Windows):

{
  "servers": {
    "zebbern-kali": {
      "type": "stdio",
      "command": "python",
      "args": [
        "C:/path/to/zebbern-mcp/mcp_server.py",
        "--server", "http://YOUR_KALI_IP:5000"
      ]
    }
  }
}

Replace:

C:/path/to/zebbern-mcp/ with the actual path to the cloned repo.
YOUR_KALI_IP with your Kali VM's IP address (e.g., 192.168.44.131).

Step 3: Verify Connection

Restart VS Code and ask Copilot:

"Use the Kali tools to check if nmap is available" If configured correctly, Copilot will execute the health check on your Kali VM.

Alternative: One-Command Remote Install

Install everything from your Windows/Mac machine via SSH:

python install.py --remote --host 192.168.1.100 --user kali --password kali

📦 Installation Options

Shell Script Options

sudo ./install.sh [OPTIONS]

Options:
  --no-tools     Skip installing pentesting tools (server only)
  --no-service   Skip systemd service setup
  --dev          Install in current directory (development mode)
  --help         Show help message

Python Script Options

python install.py [OPTIONS]

Options:
  --server       Install server components on Kali Linux
  --client       Install client components (Windows/Mac/Linux)
  --tools        Install pentesting tools only
  --no-service   Skip systemd service setup
  --no-tools     Skip pentesting tools installation
  --dev          Development mode
  --remote       Install on remote server via SSH
  --host HOST    Remote host for SSH installation
  --user USER    SSH username (default: kali)
  --password PW  SSH password
  --key FILE     SSH private key file

🔧 Technical Details

┌─────────────────┐       HTTP/REST      ┌─────────────────┐
│   VS Code       │ ◄──────────────────► │   Kali Linux    │
│   + Copilot     │                      │   API Server    │
│                 │                      │   (Flask)       │
│   MCP Client    │                      │                 │
│   (Python)      │                      │   Pentest Tools │
└─────────────────┘                      └─────────────────┘

💻 Usage Examples

Service Management

# Start the service
sudo systemctl start kali-mcp

# Stop the service
sudo systemctl stop kali-mcp

# Restart the service
sudo systemctl restart kali-mcp

# View logs
sudo journalctl -u kali-mcp -f

# Check status
sudo systemctl status kali-mcp

API Endpoints

# Health check
curl http://<kali-ip>:5000/health

# Run nmap scan
curl -X POST http://<kali-ip>:5000/api/tools/nmap \
  -H "Content-Type: application/json" \
  -d '{"target": "192.168.1.1", "scan_type": "-sV"}'

# SSH audit
curl -X POST http://<kali-ip>:5000/api/tools/ssh-audit \
  -H "Content-Type: application/json" \
  -d '{"target": "192.168.1.1", "port": 22}'

📄 Installed Tools

Reconnaissance

Nmap, Masscan
theHarvester, Recon-ng
Subfinder, Assetfinder
DNSenum, Fierce

Web Application

Nikto, Dirb, Gobuster
SQLMap, WPScan
FFUF, Nuclei
OWASP ZAP

API Testing

Arjun (parameter discovery)
Kiterunner (API endpoint discovery)
Newman (Postman collection runner)
GraphQL introspection

Password Cracking

John the Ripper
Hashcat
Hydra
Medusa, Ncrack

Exploitation

Metasploit Framework
Impacket suite
SET (Social Engineering Toolkit)

Active Directory

BloodHound
CrackMapExec
Responder
LDAP utilities

Network

Chisel, Ligolo-ng
SSH tunneling
Socat
Wireshark, tcpdump

Security Auditing

ssh-audit
SSLyze
wafw00f

💻 VS Code Configuration

After installation, the MCP configuration will be added to your VS Code settings: Location: %APPDATA%\Code\User\mcp.json (Windows) or ~/.config/Code/User/mcp.json (Linux)

{
  "servers": {
    "zebbern-kali": {
      "type": "stdio",
      "command": "path/to/venv/python",
      "args": ["path/to/mcp_server.py"]
    }
  }
}

⚙️ Configuration

Edit mcp_server.py to configure the Kali server connection:

DEFAULT_KALI_SERVER = "http://192.168.44.131:5000"  # Your Kali IP
DEFAULT_REQUEST_TIMEOUT = 300  # Timeout in seconds

⚠️ Important Note

This server provides unrestricted access to powerful penetration testing tools.

Only run on isolated networks or authorized test environments.
Never expose to the public internet.
Use strong authentication if accessible remotely.
Ensure you have proper authorization before testing any systems.

🛠️ Troubleshooting

Service won't start

# Check logs
sudo journalctl -u kali-mcp -n 50

# Check if port is in use
sudo netstat -tlnp | grep 5000

# Verify Python environment
/opt/zebbern-kali/venv/bin/python --version

Tools not found

# Re-run tool installation
sudo ./install.sh --no-service

# Or manually install specific tools
sudo apt install nmap nikto sqlmap

Connection refused

# Check firewall
sudo ufw status

# Allow port
sudo ufw allow 5000/tcp

Contributions welcome! Please read docs/contributing.md for guidelines.

Built on the Model Context Protocol

Markdownify MCP

Markdownify is a multi-functional file conversion service that supports converting multiple formats such as PDFs, images, audio, and web page content into Markdown format.

TypeScript

34.6K

5 points

Duckduckgo MCP Server

Certified

The DuckDuckGo Search MCP Server provides web search and content scraping services for LLMs such as Claude.

A Python-based MCP Server that provides advanced to-do list management and content organization functions through the Notion API, enabling seamless integration between AI models and Notion.

The GitLab MCP server is a project based on the Model Context Protocol that provides a comprehensive toolset for interacting with GitLab accounts, including code review, merge request management, CI/CD configuration, and other functions.

Framelink Figma MCP Server is a server that provides access to Figma design data for AI programming tools (such as Cursor). By simplifying the Figma API response, it helps AI more accurately achieve one - click conversion from design to code.

UnityMCP is a Unity editor plugin that implements the Model Context Protocol (MCP), providing seamless integration between Unity and AI assistants, including real - time state monitoring, remote command execution, and log functions.

31.5K

5 points

Gmail MCP Server

A Gmail automatic authentication MCP server designed for Claude Desktop, supporting Gmail management through natural language interaction, including complete functions such as sending emails, label management, and batch operations.

The MiniMax Model Context Protocol (MCP) is an official server that supports interaction with powerful text-to-speech, video/image generation APIs, and is suitable for various client tools such as Claude Desktop and Cursor.

Python

48.5K

4.8 points

Zhiqi Future, Your AI Solution Think Tank

English 简体中文繁體中文にほんご

Zebbern Kali MCP

Overview

Content Details

Alternatives

What is Zebbern Kali MCP Server?

How to use Zebbern Kali MCP Server?

Applicable Scenarios

Main Features

How to Use

Usage Cases

Frequently Asked Questions

Related Resources

Installation

🚀 Zebbern Kali MCP Server

✨ Features

📚 Documentation

🚀 Quick Start

Prerequisites

Step 1: Install Server (on Kali Linux)

Step 2: Configure VS Code (on your machine)

Step 3: Verify Connection

Alternative: One-Command Remote Install

📦 Installation Options

Shell Script Options

Python Script Options

🔧 Technical Details

💻 Usage Examples

Service Management

API Endpoints

📄 Installed Tools

Reconnaissance

Web Application

API Testing

Password Cracking

Exploitation

Active Directory

Network

Security Auditing

💻 VS Code Configuration

⚙️ Configuration

⚠️ Important Note

🛠️ Troubleshooting

Service won't start

Tools not found

Connection refused

Alternatives