{"id":"mcp-kali-server","name":"MCP Kali Server","af_score":52.8,"security_score":18.0,"reliability_score":null,"what_it_does":"A lightweight Flask API bridge that connects Claude Desktop (or any MCP-compatible client) to a Kali Linux machine, enabling AI-assisted command execution for authorized penetration testing and CTF challenges. The server exposes a thin HTTP API on port 5000 that accepts arbitrary shell commands and returns their output, effectively giving an AI assistant a live Kali terminal. Tools like Nmap, Metasploit, sqlmap, Gobuster, enum4linux, and any other Kali tool are accessible by name. The architecture is intentionally minimal — a single Flask server with no auth, no sandboxing, and no command filtering — making it fast to set up for isolated testing environments but completely unsuitable for production or shared infrastructure.","best_when":"You are running authorized penetration testing or CTF challenges in a fully isolated, single-user Kali VM and want an AI to iteratively suggest and execute recon/exploitation commands.","avoid_when":"You need any form of access control, audit logging, or safe command sandboxing — the complete absence of authentication makes this unsuitable for anything beyond a dedicated personal lab VM.","last_evaluated":"2026-03-01T09:50:05.867871+00:00"}