Kali Linux MCP Server

69 tools. 63 can modify or destroy data without limits.

63 write tools that can modify data. Rate limits recommended.

Last updated:

63 can modify or destroy data
6 read-only
69 tools total

Community server · catalogue entry verified 29/06/2026

How to control Kali Linux MCP Server ↓

What Kali Linux MCP Server exposes to your agents

Read (6) Write / Execute (63) Destructive / Financial (0)
High Risk

The most dangerous Kali Linux MCP Server tools

63 of Kali Linux MCP Server's 69 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Kali Linux MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Kali Linux MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Cap read operations
{
  "foremost_recover": {
    "limits": [
      {
        "counter": "foremost_recover_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Kali Linux MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON KALI LINUX →

Instant setup, no code required.

All 69 Kali Linux MCP Server tools

EXECUTE 63 tools
Execute aircrack_attack aircrack_attack Execute amass_scan amass_scan Execute apktool_run apktool_run Execute arping_scan arping_scan Execute beef_start Start BeEF Browser Exploitation Framework. Execute binwalk_analyze Execute Binwalk for firmware analysis. Execute bully_attack bully_attack Execute commix_scan commix_scan Execute crackmapexec_scan crackmapexec_scan Execute dirb_scan Execute Dirb web content scanner. Execute dnsenum_scan Execute DNSEnum for DNS enumeration. Execute dnsrecon_scan dnsrecon_scan Execute enum4linux_scan Execute Enum4linux Windows/Samba enumeration tool. Execute evil_winrm_connect evil_winrm_connect Execute execute_command Execute an arbitrary command on the Kali server. Execute fcrackzip_crack fcrackzip_crack Execute ffuf_scan ffuf_scan Execute fierce_scan Execute Fierce for DNS reconnaissance. Execute gobuster_scan gobuster_scan Execute hashcat_crack hashcat_crack Execute hping3_scan hping3_scan Execute hydra_attack hydra_attack Execute impacket_run impacket_run Execute john_crack john_crack Execute kerbrute_attack kerbrute_attack Execute kismet_scan Execute Kismet wireless network detection. Execute lynis_audit Execute Lynis security audit. Execute masscan_scan masscan_scan Execute medusa_attack medusa_attack Execute metagoofil_scan metagoofil_scan Execute metasploit_run Execute a Metasploit module. Execute mimikatz_run mimikatz_run Execute msfvenom_generate msfvenom_generate Execute netcat_run netcat_run Execute netdiscover_scan netdiscover_scan Execute nikto_scan Execute Nikto web server scanner. Execute nmap_scan nmap_scan Execute nosqlmap_scan Execute NoSQLMap for NoSQL injection testing. Execute nuclei_scan nuclei_scan Execute openvas_scan openvas_scan Execute patator_attack patator_attack Execute proxychains_run proxychains_run Execute reaver_attack reaver_attack Execute reconng_run reconng_run Execute responder_attack responder_attack Execute routersploit_exploit routersploit_exploit Execute setoolkit_run setoolkit_run Execute skipfish_scan skipfish_scan Execute socat_run socat_run Execute spiderfoot_scan spiderfoot_scan Execute sqlmap_scan Execute SQLmap SQL injection scanner. Execute sublist3r_scan sublist3r_scan Execute tcpdump_capture tcpdump_capture Execute tshark_capture tshark_capture Execute unicornscan_scan unicornscan_scan Execute wapiti_scan wapiti_scan Execute weevely_run weevely_run Execute wfuzz_scan wfuzz_scan Execute whatweb_scan whatweb_scan Execute wifite_attack wifite_attack Execute wpscan_analyze Execute WPScan WordPress vulnerability scanner. Execute xsstrike_scan xsstrike_scan Execute zap_scan Execute OWASP ZAP web application security scan.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Kali Linux MCP Server

Is the Kali Linux MCP Server MCP server safe to use without restrictions? +

The Kali Linux MCP Server server is primarily read-only with 6 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.

How many tools does the Kali Linux MCP Server MCP server expose? +

69 tools across 3 categories: Execute, Read, Write. 6 are read-only. 63 can modify, create, or delete data.

How do I enforce a policy on Kali Linux MCP Server? +

Register the Kali Linux MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Kali Linux MCP Server tool call.

Deterministic rules across all 69 Kali Linux MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

69 Kali Linux MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.