AI-Pentesting-Tool is an educational workflow for using an AI agent with Kali tooling through MCP (Model Context Protocol) in VS Code insiders.
Use this project to:
- practice authorized pentest workflows in a structured way
- use prompt templates for repeatable AI-guided assessments
- generate learning-focused findings and reports
Prompt templates are available in PromptExample-agent.md.
The Kali MCP server must run on Kali Linux.
Minimum recommended setup:
- Kali Linux (current rolling release)
- VS Code insiders
- GitHub Copilot extension for VS Code
- internet access for model/API access and package installation
Install the server package on Kali:

```bash
sudo apt update
sudo apt install mcp-kali-server
```

Check that it is installed:

```bash
dpkg -l | grep mcp-kali-server
```

If the package is installed correctly, you should see a line with mcp-kali-server.
Read the Kali MCP documentation at: https://www.kali.org/tools/mcp-kali-server/
Create or update your MCP configuration file and add a Kali server entry for GitHub Copilot.
I used this video for the configuration of the files: https://www.youtube.com/watch?v=X2Al2soEX2s

mcp.json used in the video:

```json
{
  "servers": {
    "kali-mcp": {
      "type": "http",
      "url": "http://....:5000/",
      "transport": "streamable-http",
      "displayName": "Kali MCP (local)",
      "description": "Local Kali MCP server for tools/resources",
      "timeout": 60000,
      "capabilities": ["tools", "resources", "prompts"]
    }
  }
}
```

If you're planning on using it locally, I recommend using the already configured mcp.json and the mcp-server wrapper command (which calls client.py, the MCP stdio bridge).
Example mcp.json:

```json
{
  "servers": {
    "kali-mcp-stdio": {
      "type": "stdio",
      "command": "mcp-server",
      "args": [
        "--server",
        "http://127.0.0.1:5000"
      ]
    }
  }
}
```

Quick validation from the terminal:

```bash
which mcp-server
which kali-server-mcp
```

Use the .yaml settings present in the repository:
```yaml
name: Kali MCP
version: 0.0.1
schema: v1
mcpServers:
  - name: kali-mcp-stdio
    type: stdio
    command: /usr/bin/mcp-server  # edit this path to where your mcp-server wrapper lives
    args:
      - "--server"
      - "http://127.0.0.1:5000"
    env: {}
```

After the package upgrade, the Kali MCP server was split into two components:
| Component | Wrapper command | Script | Purpose |
|---|---|---|---|
| API Server | kali-server-mcp | server.py | Flask API server on port 5000 (runs the actual tools) |
| MCP Bridge | mcp-server | client.py | MCP stdio client (VS Code talks to this) |
The API server must be running before the MCP bridge can work. The recommended way is to use the systemd service:

```bash
sudo systemctl enable --now kali-server-mcp.service
```

Verify it is running:

```bash
systemctl status kali-server-mcp.service
```

The output of the command should show the service as active (running).
So if the project is downloaded in the directory:

```bash
cd /Documents/AI-Pentesting-Tool
code-insiders .
```

then the Kali API server needs to be running (via systemd or manually):

```bash
kali-server-mcp
```

In VS Code insiders:
- Open Extensions.
- Search for GitHub Copilot.
- Install and sign in with your GitHub account.
In VS Code Copilot settings:
- Open Manage Language Models.
- Add a custom/provider model.
- Paste your API key when prompted.
- Save the model profile.
- Select this model in Copilot Chat before starting your session.
Example of the SURF agent configuration:

```json
{
  "name": "openai/gpt-oss-120b",
  "vendor": "customai",
  "apiKey": "....",
  "models": [
    {
      "id": "openai/gpt-oss-120b",
      "name": "SURF-gpt-oss-120b",
      "url": "....",
      "toolCalling": true,
      "vision": true,
      "maxInputTokens": 128000,
      "maxOutputTokens": 16000
    }
  ]
}
```
In Copilot Chat:
- Open Tool Selection.
- Confirm the Kali MCP server appears in the available tools list.
- If visible, the MCP bridge is active and ready.
If it does not appear:
- re-check the mcp.json syntax
- restart VS Code
- verify mcp-kali-server is installed (dpkg -l | grep mcp-kali-server)
- verify mcp-server and kali-server-mcp are in your PATH
In VS Code insiders:
- Open Extensions.
- Search for Continue - open-source AI code agent.
- Install it and use your own LLM-agent API key.

The config is mostly already set up:
- Look for the file: /AI-Pentesting-Tool/.continue/mcpServers/kali-mcp.yaml
- Use the present config, or customize it:
```yaml
name: Kali MCP
version: 0.0.1
schema: v1
mcpServers:
  - name: kali-mcp-stdio
    type: stdio
    command: /usr/bin/mcp-server  # edit this path to where your mcp-server wrapper lives
    args:
      - "--server"
      - "http://127.0.0.1:5000"
    env: {}
```

- Go to the Continue chat bubble.
- Open Settings.
- Open Tools.
- Verify that the Kali MCP server is enabled.
For better model access and higher request handling capacity, this project recommends a GitHub Copilot Pro license.
This repository includes a small login + CRUD + profile app you can run locally to test agents and tool usage. It is intentionally vulnerable and meant for learning and authorized testing only.
Location: vuln-web/
On Kali/Debian, install venv support first:

```bash
sudo apt update
sudo apt install -y python3-venv python3-pip
```

Then create the virtual environment and start the app:

```bash
cd vuln-web
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
python app.py
```

Open: http://127.0.0.1:8000

Intentional vulnerabilities in the lab:
- SQL injection (login, item search, and profile update)
- XSS (stored in item descriptions and profile bio)
- IDOR on item edit/delete
- Weak authentication and no CSRF protection
These are enabled when VULN_MODE=on (default).
The lab supports a simple toggle so you can compare behavior or add your own issues.
Turn vulnerabilities on (default):

```bash
VULN_MODE=on python app.py
```

Turn vulnerabilities off (safe-ish mode):

```bash
VULN_MODE=off python app.py
```

In safe-ish mode, SQL queries are parameterized, ownership is enforced on item edits/deletes, and output is escaped to reduce XSS.
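To make the three toggled behaviours concrete, here is an added sketch (not the repository's own vuln-web/app.py; the function names, table layout and sample rows are assumptions) that switches a login query, an item-ownership check and a bio render between the VULN_MODE=on and VULN_MODE=off forms, using a constructed in-memory SQLite database:

```python
import html
import os
import sqlite3

# Added example, not the lab's app.py; same env toggle, default "on".
VULN_MODE = os.environ.get("VULN_MODE", "on") == "on"

def make_db():
    """Constructed in-memory database with a few sample users and items."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        CREATE TABLE items(id INTEGER PRIMARY KEY, owner_id INTEGER, descr TEXT);
        INSERT INTO users VALUES (1, 'alice', 'pw1'), (2, 'o''brien', 'pw2');
        INSERT INTO items VALUES (10, 1, 'alice item'), (11, 2, '<b>bold</b>');
    """)
    return conn

def lookup_user(conn, username, password, vuln_mode=VULN_MODE):
    """Login query: returns the matching user id, or None."""
    if vuln_mode:
        # VULN_MODE=on: input is spliced into the SQL text, so a quote in the
        # username changes the statement instead of being treated as data.
        sql = (f"SELECT id FROM users WHERE username = '{username}' "
               f"AND password = '{password}'")
        row = conn.execute(sql).fetchone()
    else:
        # VULN_MODE=off: placeholders keep the input as data only.
        sql = "SELECT id FROM users WHERE username = ? AND password = ?"
        row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

def can_edit_item(conn, item_id, current_user_id, vuln_mode=VULN_MODE):
    """IDOR check: in safe-ish mode the caller must own the item."""
    row = conn.execute("SELECT owner_id FROM items WHERE id = ?",
                       (item_id,)).fetchone()
    if row is None:
        return False
    return True if vuln_mode else row[0] == current_user_id

def render_bio(bio, vuln_mode=VULN_MODE):
    """Stored-XSS sink: safe-ish mode escapes before embedding in HTML."""
    body = bio if vuln_mode else html.escape(bio)
    return f"<p class='bio'>{body}</p>"
```

A username such as o'brien already shows the difference: the spliced query breaks on the apostrophe, while the parameterized one simply matches the stored row.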
The app is designed to be easy to edit. You can add or change vulnerabilities in these files:
- Routes and SQL logic: vuln-web/app.py
- HTML rendering: vuln-web/templates/

Recommended workflow:
- Start in VULN_MODE=off to see the safer baseline.
- Modify a route or template to introduce a new issue.
- Restart the app and test the change.

- The app creates a local SQLite database on first run.
- If you used an older version of the lab, delete vuln-web/data/app.db to recreate the schema.
- Do not expose this app to the internet.
- Change the port by setting PORT, for example: PORT=8001 python app.py
- If source .venv/bin/activate is missing, install python3-venv and recreate the venv.
```bash
git clone https://github.com/xgledsp/AI-Pentesting-Tool.git
cd ~/AI-Pentesting-Tool
code-insiders .
```

Open Copilot Chat and choose your preferred agent/model configuration.
GitHub Copilot:
- Make sure the API server is running: sudo systemctl start kali-server-mcp.service
- Start the MCP bridge in VS Code via the mcp.json configuration.

Continue extension:
- When using the Continue extension, you don't have to start the MCP server in VS Code.
- Check that the MCP server is enabled in the tool settings in the Continue chat.
Use the prompts from PromptExample-agent.md as your starting point and adapt:
- scope
- credentials
- target environment
- expected output format

Workflow:
- Define authorized scope and rules.
- In chat, provide context and paste/adapt a prompt template.
- Ask the agent to use Kali MCP tools for analysis.
- Review and validate results manually.
- Export a report in report/.
```text
I want my application pentested.
Scope: <authorized domains/apps only>
Credentials: <if applicable>
Use the Kali MCP server tools for testing.
Focus on both network and application-level issues.
At the end, provide a clear findings report with severity and remediation.
Use the RuleSet-agent.md
```

Always use the RuleSet-agent.md when pentesting!
If kali-server-mcp.service fails with "Address already in use", an old process is occupying port 5000:

```bash
# Find the process
sudo ss -tlnp | grep 5000
# Kill it (replace PID with the actual process ID)
sudo kill <PID>
# Restart the service
sudo systemctl restart kali-server-mcp.service
```

After installing the updated mcp-kali-server package, the health check endpoint may report all tools (nmap, nikto, dirb, gobuster) as false, even though they are installed.
This is a bug in server.py where CommandExecutor only accepts string commands, but the health check and all tool endpoints pass list commands. The execute_command docstring states it supports both lists and strings, but CommandExecutor.execute() rejects lists with a ValueError.
This bug affects:
- The /health endpoint (tools show as unavailable)
- All tool-specific endpoints (/api/tools/nmap, /api/tools/gobuster, etc.)
Note: the execute_command MCP tool (which goes through /api/command) still works because it receives a string from the client.
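To see why list commands fail and what the fix changes, here is an added standalone sketch (not the package's own server.py; the class, the accept_lists switch and the probe helper are assumptions) of an executor that can run in either the pre-fix or the fixed mode, with a health-check-style probe on top:

```python
import shlex
import subprocess

class CommandExecutor:
    """Added example: runs a command given as a string or as an argv list."""

    def __init__(self, command, accept_lists=True, timeout=30):
        self.use_shell = True
        self.timeout = timeout
        if isinstance(command, list) and accept_lists:
            # The fix: join the argv list into one shell-safe string so that
            # arguments with spaces or quotes stay single arguments.
            command = " ".join(shlex.quote(str(c)) for c in command)
        elif not isinstance(command, str):
            # The pre-fix behaviour: anything but a string is rejected.
            raise ValueError(
                f"CommandExecutor expects a string, but got {type(command).__name__}")
        self.command = command

    def execute(self):
        proc = subprocess.run(self.command, shell=self.use_shell,
                              capture_output=True, text=True,
                              timeout=self.timeout)
        return {"stdout": proc.stdout, "stderr": proc.stderr,
                "return_code": proc.returncode}

def tool_available(tool, accept_lists=True):
    """Health-check-style probe: the endpoint hands the executor a list."""
    try:
        result = CommandExecutor(["command", "-v", tool], accept_lists).execute()
    except ValueError:
        # With the pre-fix executor every probe lands here, which is how
        # installed tools ended up reported as false.
        return False
    return result["return_code"] == 0

if __name__ == "__main__":
    print("sh available, pre-fix executor:", tool_available("sh", accept_lists=False))
    print("sh available, fixed executor:  ", tool_available("sh", accept_lists=True))
```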
In /usr/share/mcp-kali-server/server.py, find the execute method of CommandExecutor (around line 64):

```python
# Before (broken):
if not isinstance(self.command, str):
    raise ValueError(f"CommandExecutor expects a string, but got {type(self.command).__name__}")

# After (fixed). Needs `import shlex` at the top of server.py if it is not already there.
if isinstance(self.command, list):
    self.command = " ".join(shlex.quote(str(c)) for c in self.command)
    self.use_shell = True
elif not isinstance(self.command, str):
    raise ValueError(f"CommandExecutor expects a string or list, but got {type(self.command).__name__}")
```

After editing, restart the service:

```bash
sudo systemctl restart kali-server-mcp.service
```

This project is strictly for educational purposes and authorized security testing.
You must:
- only test systems you own or have explicit written permission to assess
- follow all local laws and policies
- never use this project for unauthorized or malicious activity
The maintainers are not responsible for misuse.