# Directory Structure
```
├── .gitignore
├── app.py
├── config.yaml
├── Dockerfile
├── LICENSE
├── README.md
├── requirements.txt
└── src
├── kali_mcps
│ ├── __init__.py
│ ├── base
│ │ ├── __init__.py
│ │ └── kali_command.py
│ ├── manual.yaml
│ ├── nm
│ │ └── actions.py
│ ├── nmap
│ │ ├── __init__.py
│ │ └── actions.py
│ ├── objdump
│ │ └── actions.py
│ ├── strings
│ │ └── actions.py
│ ├── traceroute
│ │ └── actions.py
│ └── wireshark
│ └── actions.py
├── mcp_server.py
└── sandbox.py
```
# Files
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
```
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 | *$py.class
5 |
6 | # C extensions
7 | *.so
8 |
9 | # Distribution / packaging
10 | .Python
11 | build/
12 | develop-eggs/
13 | dist/
14 | downloads/
15 | eggs/
16 | .eggs/
17 | lib/
18 | lib64/
19 | parts/
20 | sdist/
21 | var/
22 | wheels/
23 | share/python-wheels/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 | MANIFEST
28 |
29 | # PyInstaller
30 | # Usually these files are written by a python script from a template
31 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
32 | *.manifest
33 | *.spec
34 |
35 | # Installer logs
36 | pip-log.txt
37 | pip-delete-this-directory.txt
38 |
39 | # Unit test / coverage reports
40 | htmlcov/
41 | .tox/
42 | .nox/
43 | .coverage
44 | .coverage.*
45 | .cache
46 | nosetests.xml
47 | coverage.xml
48 | *.cover
49 | *.py,cover
50 | .hypothesis/
51 | .pytest_cache/
52 | cover/
53 |
54 | # Translations
55 | *.mo
56 | *.pot
57 |
58 | # Django stuff:
59 | *.log
60 | local_settings.py
61 | db.sqlite3
62 | db.sqlite3-journal
63 |
64 | # Flask stuff:
65 | instance/
66 | .webassets-cache
67 |
68 | # Scrapy stuff:
69 | .scrapy
70 |
71 | # Sphinx documentation
72 | docs/_build/
73 |
74 | # PyBuilder
75 | .pybuilder/
76 | target/
77 |
78 | # Jupyter Notebook
79 | .ipynb_checkpoints
80 |
81 | # IPython
82 | profile_default/
83 | ipython_config.py
84 |
85 | # pyenv
86 | # For a library or package, you might want to ignore these files since the code is
87 | # intended to run in multiple environments; otherwise, check them in:
88 | # .python-version
89 |
90 | # pipenv
91 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
92 | # However, in case of collaboration, if having platform-specific dependencies or dependencies
93 | # having no cross-platform support, pipenv may install dependencies that don't work, or not
94 | # install all needed dependencies.
95 | #Pipfile.lock
96 |
97 | # UV
98 | # Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
99 | # This is especially recommended for binary packages to ensure reproducibility, and is more
100 | # commonly ignored for libraries.
101 | #uv.lock
102 |
103 | # poetry
104 | # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
105 | # This is especially recommended for binary packages to ensure reproducibility, and is more
106 | # commonly ignored for libraries.
107 | # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
108 | #poetry.lock
109 |
110 | # pdm
111 | # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
112 | #pdm.lock
113 | # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
114 | # in version control.
115 | # https://pdm.fming.dev/latest/usage/project/#working-with-version-control
116 | .pdm.toml
117 | .pdm-python
118 | .pdm-build/
119 |
120 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
121 | __pypackages__/
122 |
123 | # Celery stuff
124 | celerybeat-schedule
125 | celerybeat.pid
126 |
127 | # SageMath parsed files
128 | *.sage.py
129 |
130 | # Environments
131 | .env
132 | .venv
133 | env/
134 | venv/
135 | ENV/
136 | env.bak/
137 | venv.bak/
138 |
139 | # Spyder project settings
140 | .spyderproject
141 | .spyproject
142 |
143 | # Rope project settings
144 | .ropeproject
145 |
146 | # mkdocs documentation
147 | /site
148 |
149 | # mypy
150 | .mypy_cache/
151 | .dmypy.json
152 | dmypy.json
153 |
154 | # Pyre type checker
155 | .pyre/
156 |
157 | # pytype static type analyzer
158 | .pytype/
159 |
160 | # Cython debug symbols
161 | cython_debug/
162 |
163 | # PyCharm
164 | # JetBrains specific template is maintained in a separate JetBrains.gitignore that can
165 | # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
166 | # and can be added to the global gitignore or merged into this file. For a more nuclear
167 | # option (not recommended) you can uncomment the following to ignore the entire idea folder.
168 | #.idea/
169 |
170 | # Ruff stuff:
171 | .ruff_cache/
172 |
173 | # PyPI configuration file
174 | .pypirc
175 | sandbox_expire/
176 | logs/
177 | tests/
178 |
```
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
```markdown
1 | # awsome-kali-MCPServers
2 |
3 | ## Overview
4 | Welcome to awsome-kali-MCPServers! This repository is a collection of Model Context Protocol (MCP) servers designed specifically for Kali Linux environments. The goal is to enhance reverse engineering, security testing, and automation workflows by integrating powerful tools and flexible features. Whether you're a security researcher or a developer, this project aims to streamline your tasks with Kali Linux.
5 |
6 | ## Quick Start
7 | Follow these steps to quickly get started with `kali-mcps`:
8 | 1. **Build the Docker Image**
9 | First, build the Docker image, temporarily named kali-mcps. Run the following command in the project root directory:
10 | ```bash
11 | docker build -t kali-mcps:latest .
12 | ```
13 | 2. **Launch an MCP Client**
14 | Ensure you have an MCP client installed, such as claude desktop, cline, goose, or roo code. Open your chosen MCP client.
15 | 3. **Configure the MCP Client**
16 | In your MCP client, create a configuration file (e.g., config.json) with the following content:
17 | ```json
18 | {
19 | "mcpServers": {
20 | "kali-docker": {
21 | "command": "docker",
22 | "args": ["run", "-i", "kali-mcps:latest"]
23 | }
24 | }
25 | }
26 | ```
27 | - `"kali-docker"` is the server name, which you can customize.
28 | - `"command": "docker"` specifies that Docker will be used to run the container.
29 | - `"args"` defines the Docker run parameters: `-i` enables interactive mode, and `kali-mcps:latest` is the image you just built.
30 |
31 | 4. **Use Kali Tools**
32 | Once configured, connect to the kali-mcps container via the MCP client and start using the built-in Kali tools (e.g., Nmap, nm, objdump, strings, tshark) for your tasks. Examples include:
33 | - Run `basic_scan` for basic network scanning.
34 | - Run `disassemble` to disassemble a target file.
35 | - Run `capture_live` to capture real-time network traffic.
36 |
37 | <p align="center">
38 | <img width="482" alt="image" src="https://github.com/user-attachments/assets/0e9fff0a-059d-424b-bb36-450a1d11adf9" />
39 | </p>
40 |
41 | ## What to Expect
42 | Network Analysis: Tools for sniffing and analyzing traffic.
43 | Binary Understanding: Support for reverse engineering and function analysis.
44 | Automation: Scripts and servers to simplify repetitive tasks.
45 |
46 | ## New Features
47 | Since the last update, we have added the following features, integrating a series of tools based on the FastMCP framework:
48 |
49 | ### 1. Network Scanning (Nmap)
50 | - `basic_scan`: Basic network scanning.
51 | - `intense_scan`: In-depth network scanning.
52 | - `stealth_scan`: Stealth network scanning.
53 | - `quick_scan`: Quick network scanning.
54 | - `vulnerability_scan`: Vulnerability scanning.
55 |
56 | ### 2. Symbol Analysis (nm)
57 | - `basic_symbols`: Lists basic symbols.
58 | - `dynamic_symbols`: Lists dynamic symbols.
59 | - `demangle_symbols`: Decodes symbols.
60 | - `numeric_sort`: Sorts symbols numerically.
61 | - `size_sort`: Sorts symbols by size.
62 | - `undefined_symbols`: Lists undefined symbols.
63 |
64 | ### 3. Binary Analysis (objdump)
65 | - `file_headers`: Lists file headers.
66 | - `disassemble`: Disassembles the target file.
67 | - `symbol_table`: Lists the symbol table.
68 | - `section_headers`: Lists section headers.
69 | - `full_contents`: Lists full contents.
70 |
71 | ### 4. String Extraction (strings)
72 | - `basic_strings`: Basic string extraction.
73 | - `min_length_strings`: Extracts strings with a specified minimum length.
74 | - `offset_strings`: Extracts strings with offsets.
75 | - `encoding_strings`: Extracts strings based on encoding.
76 |
77 | ### 5. Network Traffic Analysis (Wireshark/tshark)
78 | - `capture_live`: Captures network traffic in real-time.
79 | - `analyze_pcap`: Analyzes pcap files.
80 | - `extract_http`: Extracts HTTP data.
81 | - `protocol_hierarchy`: Lists protocol hierarchy.
82 | - `conversation_statistics`: Provides conversation statistics.
83 | - `expert_info`: Analyzes expert information.
84 | ### 6. Sandbox Support (Docker)
85 | A new sandbox feature has been added, enabling secure command execution in an isolated container environment:
86 |
87 | Runs commands using Docker containers, with the default image being ubuntu-systemd:22.04.
88 | Configurable memory limit (default: 2GB), CPU limit (default: 1 core), network mode, and timeout duration.
89 | Supports bidirectional file copying between the host and the container.
90 | Automatically cleans up container resources.
91 |
92 |
93 | ## TODO
94 | - [ ] **Docker Sandbox Support**: Add containerized environments for safe testing and execution.
95 | - [ ] **Network Tools Integration**: Support for tools like Nmap and Wireshark for advanced network analysis.
96 | - [ ] **Reverse Engineering Tools**: Integrate Ghidra and Radare2 for enhanced binary analysis.
97 | - [ ] **Agent Support**: Enable agent-based functionality for distributed tasks or remote operations.
98 |
99 | ## Current Status
100 | This project is still in its early stages. I’m working on preparing the content, including server configurations, tool integrations, and documentation. Nothing is fully ready yet, but stay tuned—exciting things are coming soon!
101 |
102 | ## Stay Updated
103 | Feel free to star or watch this repository to get updates as I add more features and files. Contributions and suggestions are welcome once the groundwork is laid out.
104 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/base/__init__.py:
--------------------------------------------------------------------------------
```python
1 | """
2 | Base package for Kali commands
3 | """
```
--------------------------------------------------------------------------------
/src/kali_mcps/nmap/__init__.py:
--------------------------------------------------------------------------------
```python
1 | """
2 | Nmap package for network scanning
3 | """
```
--------------------------------------------------------------------------------
/config.yaml:
--------------------------------------------------------------------------------
```yaml
1 | kalilinux:
2 | name: kali-tools
3 | image: kalimcps:latest # docker built -t kalimcps:latest .
4 |
5 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/__init__.py:
--------------------------------------------------------------------------------
```python
1 | """
2 | Kali MCP Servers package
3 | """
4 | from src.kali_mcps.base.kali_command import CommandRunner
5 | from src.kali_mcps.objdump.actions import (
6 | file_headers_action,
7 | disassemble_action,
8 | symbol_table_action,
9 | section_headers_action,
10 | )
11 |
12 | __all__ = [
13 | "CommandRunner",
14 | "file_headers_action",
15 | "disassemble_action",
16 | "symbol_table_action",
17 | "section_headers_action",
18 | ]
```
--------------------------------------------------------------------------------
/src/kali_mcps/traceroute/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class TracerouteCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("traceroute", network_enabled=True, memory_limit="1g", timeout=120)
7 |
8 | def traceroute_action(target: str):
9 | """
10 | Traceroute to the target
11 | """
12 | cmd = TracerouteCommand()
13 | command = ["traceroute", target]
14 | return cmd.execute(command)
15 |
16 |
17 | if __name__ == "__main__":
18 | print(traceroute_action("8.8.8.8"))
```
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
```dockerfile
1 | FROM python:3.12-slim-bookworm
2 |
3 | WORKDIR /app
4 |
5 | ENV DEBIAN_FRONTEND=noninteractive
6 |
7 | RUN apt-get update && \
8 | apt-get install -y \
9 | iputils-ping \
10 | net-tools \
11 | dnsutils \
12 | nmap \
13 | binutils \
14 | traceroute \
15 | tshark && \
16 | apt-get clean && \
17 | rm -rf /var/lib/apt/lists/*
18 |
19 | COPY requirements.txt .
20 |
21 | RUN pip install --no-cache-dir -r requirements.txt
22 |
23 |
24 | COPY . .
25 |
26 | ENV PYTHONPATH=/app
27 | ENV IS_SAFE=false
28 |
29 | # set run cmd
30 | ENTRYPOINT ["python", "app.py"]
```
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
```
1 | annotated-types==0.7.0
2 | anyio==4.9.0
3 | certifi==2025.1.31
4 | charset-normalizer==3.4.1
5 | click==8.1.8
6 | docker==7.1.0
7 | h11==0.14.0
8 | httpcore==1.0.7
9 | httpx==0.28.1
10 | httpx-sse==0.4.0
11 | idna==3.10
12 | iniconfig==2.1.0
13 | loguru==0.7.3
14 | mcp==1.6.0
15 | packaging==24.2
16 | pluggy==1.5.0
17 | pydantic==2.11.1
18 | pydantic-settings==2.8.1
19 | pydantic_core==2.33.0
20 | pytest==8.3.5
21 | pytest-asyncio==0.26.0
22 | python-dotenv==1.1.0
23 | requests==2.32.3
24 | sniffio==1.3.1
25 | sse-starlette==2.2.1
26 | starlette==0.46.1
27 | typing-inspection==0.4.0
28 | typing_extensions==4.13.0
29 | urllib3==2.3.0
30 | uvicorn==0.34.0
31 |
```
--------------------------------------------------------------------------------
/app.py:
--------------------------------------------------------------------------------
```python
1 | from src.mcp_server import mcp
2 | import argparse # 添加 argparse 模块
3 | import docker
4 | from mcp.server.models import InitializationOptions
5 |
6 |
7 | if __name__ == "__main__":
8 | # create arg parser
9 | parser = argparse.ArgumentParser(description='MCP Server with Kali image configuration')
10 | parser.add_argument('--kali-image',
11 | type=str,
12 | required=False,
13 | help='Specify the Kali Linux image name to use')
14 |
15 | args = parser.parse_args()
16 | if args.kali_image:
17 | image_name = args.kali_image
18 | # use docker lib to check if the image exists
19 | client = docker.from_env()
20 | try:
21 | client.images.get(image_name)
22 | print(f"Kali image {image_name} found")
23 | client.close()
24 | except docker.errors.ImageNotFound:
25 | print(f"Kali image {image_name} not found")
26 | exit(1)
27 | print(f"Using Kali image: {image_name}")
28 |
29 | print("Starting server is running")
30 |
31 | # pass image name to mcp
32 | mcp.run(transport="stdio")
```
--------------------------------------------------------------------------------
/src/kali_mcps/objdump/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class ObjdumpCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("objdump", network_enabled=False, memory_limit="1g", timeout=120)
7 |
8 | def file_headers_action(target: str) -> tuple[str, str]:
9 | """
10 | Display file headers
11 | For example: objdump -f /path/to/file
12 | """
13 | cmd = ObjdumpCommand()
14 | command = ["objdump", "-f", target]
15 | return cmd.execute(command)
16 |
17 | def disassemble_action(target: str, section: str = ".text") -> tuple[str, str]:
18 | """
19 | Disassemble section (default: .text)
20 | For example: objdump -d -j .text /path/to/file
21 | """
22 | cmd = ObjdumpCommand()
23 | command = ["objdump", "-d", "-j", section, target]
24 | return cmd.execute(command)
25 |
26 | def symbol_table_action(target: str) -> tuple[str, str]:
27 | """
28 | Display symbol table
29 | For example: objdump -t /path/to/file
30 | """
31 | cmd = ObjdumpCommand()
32 | command = ["objdump", "-t", target]
33 | return cmd.execute(command)
34 |
35 | def section_headers_action(target: str) -> tuple[str, str]:
36 | """
37 | Display all section headers
38 | For example: objdump -h /path/to/file
39 | """
40 | cmd = ObjdumpCommand()
41 | command = ["objdump", "-h", target]
42 | return cmd.execute(command)
43 |
44 | def full_contents_action(target: str) -> tuple[str, str]:
45 | """
46 | Display all information including headers and disassembly
47 | For example: objdump -x /path/to/file
48 | """
49 | cmd = ObjdumpCommand()
50 | command = ["objdump", "-x", target]
51 | return cmd.execute(command)
52 |
53 | if __name__ == "__main__":
54 | # Test example
55 | target_file = "/bin/ls"
56 | print(file_headers_action(target_file))
57 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/nmap/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class NmapCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("nmap",
7 | network_enabled=True, # nmap需要网络访问
8 | memory_limit="2g", # 需要更多内存
9 | timeout=300) # 需要更长的超时时间
10 |
11 | def basic_scan_action(target: str) -> tuple[str, str]:
12 | """
13 | Basic scan
14 | For example: nmap 192.168.1.1
15 | """
16 | cmd = NmapCommand()
17 | command = ["nmap", target]
18 | return cmd.execute(command)
19 |
20 | def intense_scan_action(target: str) -> tuple[str, str]:
21 | """
22 | Intense scan (-T4 -A)
23 | Includes: OS detection, version detection, script scanning, and traceroute
24 | """
25 | cmd = NmapCommand()
26 | command = ["nmap", "-T4", "-A", target]
27 | return cmd.execute(command)
28 |
29 | def stealth_scan_action(target: str) -> tuple[str, str]:
30 | """
31 | SYN scan (-sS)
32 | Half-open scan, more stealthy
33 | Requires root privileges
34 | """
35 | cmd = NmapCommand()
36 | command = ["nmap", "-sS", target]
37 | return cmd.execute(command)
38 |
39 | def quick_scan_action(target: str) -> tuple[str, str]:
40 | """
41 | Quick scan (-T4 -F)
42 | Only scans the most common ports
43 | """
44 | cmd = NmapCommand()
45 | command = ["nmap", "-T4", "-F", target]
46 | return cmd.execute(command)
47 |
48 | def vulnerability_scan_action(target: str) -> tuple[str, str]:
49 | """
50 | Vulnerability scan (-sV --script vuln)
51 | Uses vulnerability detection scripts
52 | """
53 | cmd = NmapCommand()
54 | command = ["nmap", "-sV", "--script", "vuln", target]
55 | return cmd.execute(command)
56 |
57 | if __name__ == "__main__":
58 | # Test example
59 | print(quick_scan_action("10.1.1.106"))
60 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/nm/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class NmCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("nm", network_enabled=False, memory_limit="1g", timeout=120)
7 |
8 | def basic_symbols_action(target: str) -> tuple[str, str]:
9 | """
10 | Basic symbol listing
11 | For example: nm /path/to/file
12 | """
13 | cmd = NmCommand()
14 | command = ["nm", target]
15 | return cmd.execute(command)
16 |
17 | def dynamic_symbols_action(target: str) -> tuple[str, str]:
18 | """
19 | Display dynamic symbols
20 | For example: nm -D /path/to/file
21 | """
22 | cmd = NmCommand()
23 | command = ["nm", "-D", target]
24 | return cmd.execute(command)
25 |
26 | def demangle_symbols_action(target: str) -> tuple[str, str]:
27 | """
28 | Demangle C++ symbols
29 | For example: nm -C /path/to/file
30 | """
31 | cmd = NmCommand()
32 | command = ["nm", "-C", target]
33 | return cmd.execute(command)
34 |
35 | def numeric_sort_action(target: str) -> tuple[str, str]:
36 | """
37 | Sort symbols numerically by address
38 | For example: nm -n /path/to/file
39 | """
40 | cmd = NmCommand()
41 | command = ["nm", "-n", target]
42 | return cmd.execute(command)
43 |
44 | def size_sort_action(target: str) -> tuple[str, str]:
45 | """
46 | Sort symbols by size
47 | For example: nm -S /path/to/file
48 | """
49 | cmd = NmCommand()
50 | command = ["nm", "-S", target]
51 | return cmd.execute(command)
52 |
53 | def undefined_symbols_action(target: str) -> tuple[str, str]:
54 | """
55 | Display only undefined symbols
56 | For example: nm -u /path/to/file
57 | """
58 | cmd = NmCommand()
59 | command = ["nm", "-u", target]
60 | return cmd.execute(command)
61 |
62 | if __name__ == "__main__":
63 | # Test example
64 | target_file = "/bin/ls"
65 | print(basic_symbols_action(target_file))
66 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/strings/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class StringsCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("strings", network_enabled=False, memory_limit="1g", timeout=120)
7 |
8 | def basic_strings_action(target: str, input_file: bytes = None) -> tuple[str, str]:
9 | """
10 | Basic strings analysis
11 | For example: strings /path/to/file
12 | """
13 | cmd = StringsCommand()
14 | command = ["strings", target]
15 | return cmd.execute(command, input_files={"input_file": "/tmp/input_file"})
16 |
17 | def min_length_strings_action(target: str, length: int = 6) -> tuple[str, str]:
18 | """
19 | Strings analysis with specified minimum length
20 | For example: strings -n 6 /path/to/file
21 | """
22 | cmd = StringsCommand()
23 | command = ["strings", "-n", str(length), target]
24 | return cmd.execute(command)
25 |
26 | def offset_strings_action(target: str, format: str = "x") -> tuple[str, str]:
27 | """
28 | Strings analysis showing string offsets
29 | format can be: 'd' (decimal), 'o' (octal), 'x' (hexadecimal)
30 | For example: strings -t x /path/to/file
31 | """
32 | cmd = StringsCommand()
33 | command = ["strings", "-t", format, target]
34 | return cmd.execute(command)
35 |
36 | def encoding_strings_action(target: str, encoding: str = "S") -> tuple[str, str]:
37 | """
38 | Strings analysis with specified character encoding
39 | encoding can be:
40 | - 's' = 7-bit string
41 | - 'S' = 8-bit string
42 | - 'b' = 16-bit big-endian
43 | - 'l' = 16-bit little-endian
44 | For example: strings -e S /path/to/file
45 | """
46 | cmd = StringsCommand()
47 | command = ["strings", "-e", encoding, target]
48 | return cmd.execute(command)
49 |
50 | if __name__ == "__main__":
51 | # Test example
52 | target_file = "/bin/ls"
53 | input_file = bytes.fromhex("68656c6c6f20776f726c64")
54 | print(basic_strings_action(target_file, {"input_file": input_file , "output_file": "/tmp/output_file"}))
55 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/wireshark/actions.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | from src.kali_mcps.base.kali_command import CommandRunner
3 |
4 | class TsharkCommand(CommandRunner):
5 | def __init__(self):
6 | super().__init__("tshark",
7 | network_enabled=True, # 需要网络访问
8 | memory_limit="2g", # 需要更多内存
9 | timeout=300) # 需要更长的超时时间
10 |
11 | def capture_live_action(interface: str, duration: int = 30, filter: str = "") -> tuple[str, str]:
12 | """
13 | Capture live traffic from network interface
14 | For example: tshark -i eth0 -a duration:30 -f "port 80"
15 | """
16 | cmd = TsharkCommand()
17 | command = ["tshark", "-i", interface, "-a", f"duration:{duration}"]
18 | if filter:
19 | command.extend(["-f", filter])
20 | return cmd.execute(command)
21 |
22 | def analyze_pcap_action(pcap_file: str, display_filter: str = "") -> tuple[str, str]:
23 | """
24 | Analyze existing pcap file
25 | For example: tshark -r file.pcap -Y "http"
26 | """
27 | cmd = TsharkCommand()
28 | command = ["tshark", "-r", pcap_file]
29 | if display_filter:
30 | command.extend(["-Y", display_filter])
31 | return cmd.execute(command)
32 |
33 | def extract_http_action(pcap_file: str) -> tuple[str, str]:
34 | """
35 | Extract HTTP objects from pcap file
36 | For example: tshark -r file.pcap -Y "http" -T fields -e http.request.method -e http.request.uri
37 | """
38 | cmd = TsharkCommand()
39 | command = [
40 | "tshark", "-r", pcap_file,
41 | "-Y", "http",
42 | "-T", "fields",
43 | "-e", "http.request.method",
44 | "-e", "http.request.uri"
45 | ]
46 | return cmd.execute(command)
47 |
48 | def protocol_hierarchy_action(pcap_file: str) -> tuple[str, str]:
49 | """
50 | Show protocol hierarchy statistics
51 | For example: tshark -r file.pcap -q -z io,phs
52 | """
53 | cmd = TsharkCommand()
54 | command = ["tshark", "-r", pcap_file, "-q", "-z", "io,phs"]
55 | return cmd.execute(command)
56 |
57 | def conversation_statistics_action(pcap_file: str) -> tuple[str, str]:
58 | """
59 | Show conversation statistics
60 | For example: tshark -r file.pcap -q -z conv,ip
61 | """
62 | cmd = TsharkCommand()
63 | command = ["tshark", "-r", pcap_file, "-q", "-z", "conv,ip"]
64 | return cmd.execute(command)
65 |
66 | def expert_info_action(pcap_file: str) -> tuple[str, str]:
67 | """
68 | Show expert information (errors, warnings, notes)
69 | For example: tshark -r file.pcap -q -z expert
70 | """
71 | cmd = TsharkCommand()
72 | command = ["tshark", "-r", pcap_file, "-q", "-z", "expert"]
73 | return cmd.execute(command)
74 |
75 | if __name__ == "__main__":
76 | # Test example
77 | pcap_file = "capture.pcap"
78 | print(protocol_hierarchy_action(pcap_file))
79 |
```
--------------------------------------------------------------------------------
/src/kali_mcps/base/kali_command.py:
--------------------------------------------------------------------------------
```python
1 | import subprocess
2 | import os
3 | import asyncio
4 | from src.sandbox import create_sandbox_client, SandboxSettings, SandboxTimeoutError, SandboxError
5 |
6 | class CommandRunner:
7 | """Base class for executing Kali commands"""
8 |
9 | def __init__(self, command_name: str, network_enabled: bool = False,
10 | memory_limit: str = "1g", timeout: int = 120):
11 | """
12 | Initialize CommandRunner
13 | Args:
14 | command_name: Name of the command (e.g. 'objdump', 'nm', etc.)
15 | network_enabled: Whether network access is needed
16 | memory_limit: Memory limit for sandbox
17 | timeout: Timeout in seconds
18 | """
19 | self.command_name = command_name
20 | self.network_enabled = network_enabled
21 | self.memory_limit = memory_limit
22 | self.timeout = timeout
23 | self.IS_SAFE = os.environ.get("IS_SAFE", "false").lower() == "true"
24 |
25 | def run_command(self, command: list) -> tuple[str, str]:
26 | """Execute command and return output results"""
27 | try:
28 | process = subprocess.Popen(
29 | command,
30 | stdout=subprocess.PIPE,
31 | stderr=subprocess.PIPE,
32 | universal_newlines=True
33 | )
34 | stdout, stderr = process.communicate()
35 | return stdout, stderr
36 | except Exception as e:
37 | return "", str(e)
38 |
39 | async def run_with_sandbox(self, command: list, input_files: dict = None) -> tuple[str, str]:
40 | """
41 | Execute command in Kali sandbox
42 | Args:
43 | command: Command to execute
44 | input_files: Dict of {local_path: container_path} for files to copy into container
45 | """
46 | kali_config = SandboxSettings(
47 | image="kalilinux/kali-rolling",
48 | memory_limit=self.memory_limit,
49 | cpu_limit=1.0,
50 | network_enabled=self.network_enabled,
51 | timeout=self.timeout
52 | )
53 | client = create_sandbox_client()
54 | try:
55 | await client.create(config=kali_config)
56 |
57 | # 如果有输入文件,先复制到容器中
58 | if input_files:
59 | for local_path, container_path in input_files.items():
60 | await client.copy_to_container(local_path, container_path)
61 |
62 | # 执行命令
63 | cmd_str = " ".join(command)
64 | stdout = await client.run_command(cmd_str)
65 | return stdout, ""
66 | except Exception as e:
67 | return "", str(e)
68 | finally:
69 | await client.cleanup()
70 |
71 | async def safe_execute_kali_command(self, command: list, input_files: dict = None) -> tuple[str, str]:
72 | """
73 | Safely execute Kali command
74 | Args:
75 | command: Command to execute
76 | input_files: Dict of {local_path: container_path} for files to copy into container
77 | """
78 | try:
79 | result = await self.run_with_sandbox(command, input_files)
80 | return result
81 | except SandboxTimeoutError:
82 | return "", "Command execution timed out"
83 | except SandboxError as e:
84 | return "", f"Sandbox execution error: {str(e)}"
85 | except Exception as e:
86 | return "", f"Unknown error: {str(e)}"
87 |
88 | def execute(self, command: list, input_files: dict = None) -> tuple[str, str]:
89 | """
90 | Execute command with safety check
91 | Args:
92 | command: Command to execute
93 | input_files: Dict of {local_path: container_path} for files to copy into container
94 | """
95 | # if self.IS_SAFE:
96 | # return await self.safe_execute_kali_command(command, input_files)
97 | # else:
98 | return self.run_command(command)
```
--------------------------------------------------------------------------------
/src/sandbox.py:
--------------------------------------------------------------------------------
```python
1 | import asyncio
2 | import docker
3 | import tarfile
4 | import os
5 | import io
6 | from typing import Optional, Dict, Any
7 | from dataclasses import dataclass
8 |
9 | class SandboxSettings:
10 | """sandbox configuration settings"""
11 | def __init__(
12 | self,
13 | image: str = "kalimcps:latest",
14 | memory_limit: str = "2g",
15 | cpu_limit: float = 1.0,
16 | network_enabled: bool = True,
17 | network_mode: str = "bridge",
18 | timeout: int = 300
19 | ):
20 | self.image = image
21 | self.memory_limit = memory_limit
22 | self.cpu_limit = cpu_limit
23 | self.network_enabled = network_enabled
24 | self.network_mode = network_mode
25 | self.timeout = timeout
26 |
27 | class SandboxError(Exception):
28 | """Base exception for sandbox-related errors."""
29 |
30 |
31 | class SandboxTimeoutError(SandboxError):
32 | """Exception raised when a sandbox operation times out."""
33 |
34 |
35 | class SandboxResourceError(SandboxError):
36 | """Exception raised for resource-related errors."""
37 |
38 |
39 | class SandboxClient:
40 | """Sandbox client, providing only container creation and cleanup functionality"""
41 |
42 | def __init__(self):
43 | self.client = docker.from_env()
44 | self.container = None
45 |
46 | async def create(self, config: SandboxSettings) -> None:
47 | """Create and start the container"""
48 | try:
49 | # prepare container configuration
50 | container_config = {
51 | "image": config.image,
52 | "detach": True,
53 | "mem_limit": config.memory_limit,
54 | "nano_cpus": int(config.cpu_limit * 1e9),
55 | "network_mode": config.network_mode if config.network_enabled else "none",
56 | }
57 |
58 | # create and start container
59 | self.container = self.client.containers.run(**container_config)
60 | print(f"Container created: {self.container.id}")
61 | except Exception as e:
62 | raise SandboxError(f"Failed to create container: {str(e)}")
63 |
64 | async def run_command(self, command: str) -> str:
65 | """Execute a command in the container"""
66 | if not self.container:
67 | raise SandboxError("Container not created")
68 |
69 | try:
70 | exec_result = self.container.exec_run(command, tty=True)
71 | return exec_result.output.decode('utf-8')
72 | except Exception as e:
73 | raise SandboxError(f"Failed to execute command: {str(e)}")
74 |
75 | async def copy_to_container(self, source_path: str, container_path: str) -> None:
76 | """
77 | Copy a file from host to container
78 | Args:
79 | source_path: Path to the file on host
80 | container_path: Path where to put the file in container
81 | """
82 | if not self.container:
83 | raise SandboxError("Container not created")
84 |
85 | try:
86 | # create a memory-based tar file
87 | tar_stream = io.BytesIO()
88 | with tarfile.open(fileobj=tar_stream, mode='w') as tar:
89 | # add file to tar
90 | tar.add(source_path, arcname=os.path.basename(container_path))
91 |
92 | tar_stream.seek(0)
93 | # copy to container
94 | self.container.put_archive(
95 | path=os.path.dirname(container_path),
96 | data=tar_stream
97 | )
98 | print(f"File copied to container: {container_path}")
99 | except Exception as e:
100 | raise SandboxError(f"Failed to copy file to container: {str(e)}")
101 |
102 | async def copy_from_container(self, container_path: str, dest_path: str) -> None:
103 | """
104 | Copy a file from container to host
105 | Args:
106 | container_path: Path to the file in container
107 | dest_path: Path where to put the file on host
108 | """
109 | if not self.container:
110 | raise SandboxError("Container not created")
111 |
112 | try:
113 | # get the tar stream of the file from container
114 | bits, stat = self.container.get_archive(container_path)
115 |
116 | # create the destination directory (if it doesn't exist)
117 | os.makedirs(os.path.dirname(dest_path), exist_ok=True)
118 |
119 | # write the tar stream to a temporary file
120 | with open(dest_path, 'wb') as f:
121 | for chunk in bits:
122 | f.write(chunk)
123 | print(f"File copied from container: {dest_path}")
124 | except Exception as e:
125 | raise SandboxError(f"Failed to copy file from container: {str(e)}")
126 |
127 | async def cleanup(self) -> None:
128 | """Clean up and remove the container"""
129 | if self.container:
130 | try:
131 | self.container.stop()
132 | self.container.remove()
133 | print(f"Container cleaned up: {self.container.id}")
134 | self.container = None
135 | except Exception as e:
136 | print(f"Error cleaning up container: {str(e)}")
137 |
138 | def create_sandbox_client() -> SandboxClient:
139 | """Create a factory function for the sandbox client"""
140 | return SandboxClient()
141 |
142 |
143 |
144 | # example
145 | async def run_in_sandbox(command: str) -> str:
146 | """Run a command in the sandbox"""
147 | config = SandboxSettings()
148 | client = create_sandbox_client()
149 |
150 | try:
151 | await client.create(config=config)
152 | result = await client.run_command(command)
153 | return result
154 | except SandboxTimeoutError:
155 | return "Command execution timed out"
156 | except SandboxError as e:
157 | return f"Sandbox execution error: {str(e)}"
158 | except Exception as e:
159 | return f"Unknown error: {str(e)}"
160 | finally:
161 | await client.cleanup()
162 |
163 | # if you run this script directly
164 | if __name__ == "__main__":
165 | async def main():
166 | print("Starting sandbox test...")
167 |
168 | result = await run_in_sandbox("echo 'Sandbox test successful'")
169 | print(result)
170 |
171 | asyncio.run(main())
```
--------------------------------------------------------------------------------
/src/kali_mcps/manual.yaml:
--------------------------------------------------------------------------------
```yaml
1 |
2 | mcp:
3 | tools:
4 | - nmap:
5 | functions:
6 | - basic_scan
7 | description: "Perform a basic network scan using nmap."
8 | parameters:
9 | target:
10 | type: str
11 | description: "The target IP address or hostname to scan."
12 | - intense_scan
13 | description: "Perform an intense network scan using nmap."
14 | parameters:
15 | target:
16 | type: str
17 | description: "The target IP address or hostname to scan."
18 | - stealth_scan
19 | description: "Perform a stealth network scan using nmap."
20 | parameters:
21 | target:
22 | type: str
23 | description: "The target IP address or hostname to scan."
24 | - quick_scan
25 | description: "Perform a quick network scan using nmap."
26 | parameters:
27 | target:
28 | type: str
29 | description: "The target IP address or hostname to scan."
30 | - vulnerability_scan
31 | description: "Perform a vulnerability scan using nmap."
32 | parameters:
33 | target:
34 | type: str
35 | description: "The target IP address or hostname to scan."
36 |
37 | - strings:
38 | functions:
39 | - basic_strings
40 | description: "Perform a basic strings scan using strings."
41 | parameters:
42 | target:
43 | type: str
44 | description: "The target file to scan."
45 | - min_length_strings
46 | description: "Perform a min length strings scan using strings."
47 | parameters:
48 | target:
49 | type: str
50 | description: "The target file to scan."
51 | - offset_strings
52 | description: "Perform an offset strings scan using strings."
53 | parameters:
54 | target:
55 | type: str
56 | description: "The target file to scan."
57 | - encoding_strings
58 | description: "Perform an encoding strings scan using strings."
59 | parameters:
60 | target:
61 | type: str
62 | description: "The target file to scan."
63 |
64 | - objdump:
65 | functions:
66 | - file_headers
67 | description: "Perform a file headers scan using objdump."
68 | parameters:
69 | target:
70 | type: str
71 | description: "The target file to scan."
72 | - disassemble
73 | description: "Perform a disassemble scan using objdump."
74 | parameters:
75 | target:
76 | type: str
77 | description: "The target file to scan."
78 | - symbol_table
79 | description: "Perform a symbol table scan using objdump."
80 | parameters:
81 | target:
82 | type: str
83 | description: "The target file to scan."
84 | - section_headers
85 | description: "Perform a section headers scan using objdump."
86 | parameters:
87 | target:
88 | type: str
89 | description: "The target file to scan."
90 | - full_contents
91 | description: "Perform a full contents scan using objdump."
92 | parameters:
93 | target:
94 | type: str
95 | description: "The target file to scan."
96 |
97 | - nm:
98 | functions:
99 | - basic_symbols
100 | description: "Perform a basic symbols scan using nm."
101 | parameters:
102 | target:
103 | type: str
104 | description: "The target file to scan."
105 | - dynamic_symbols
106 | description: "Perform a dynamic symbols scan using nm."
107 | parameters:
108 | target:
109 | type: str
110 | description: "The target file to scan."
111 | - demangle_symbols
112 | description: "Perform a demangle symbols scan using nm."
113 | parameters:
114 | target:
115 | type: str
116 | description: "The target file to scan."
117 | - numeric_sort
118 | description: "Perform a numeric sort scan using nm."
119 | parameters:
120 | target:
121 | type: str
122 | description: "The target file to scan."
123 | - size_sort
124 | description: "Perform a size sort scan using nm."
125 | parameters:
126 | target:
127 | type: str
128 | description: "The target file to scan."
129 | - undefined_symbols
130 | description: "Perform an undefined symbols scan using nm."
131 | parameters:
132 | target:
133 | type: str
134 | description: "The target file to scan."
135 |
136 | - wireshark:
137 | functions:
138 | - capture_live
139 | description: "Perform a capture live scan using wireshark."
140 | parameters:
141 | interface:
142 | type: str
143 | description: "The network interface to capture live traffic on."
144 | duration:
145 | type: int
146 | description: "The duration of the capture in seconds."
147 | - analyze_pcap
148 | description: "Perform an analyze pcap scan using wireshark."
149 | parameters:
150 | pcap_file:
151 | type: str
152 | description: "The pcap file to analyze."
153 | - extract_http
154 | description: "Perform an extract http scan using wireshark."
155 | parameters:
156 | pcap_file:
157 | type: str
158 | description: "The pcap file to analyze."
159 | - protocol_hierarchy
160 | description: "Perform a protocol hierarchy scan using wireshark."
161 | parameters:
162 | pcap_file:
163 | type: str
164 | description: "The pcap file to analyze."
165 | - conversation_statistics
166 | description: "Perform a conversation statistics scan using wireshark."
167 | parameters:
168 | pcap_file:
169 | type: str
170 | description: "The pcap file to analyze."
171 | - expert_info
172 | description: "Perform an expert info scan using wireshark."
173 | parameters:
174 | pcap_file:
175 | type: str
176 | description: "The pcap file to analyze."
```
--------------------------------------------------------------------------------
/src/mcp_server.py:
--------------------------------------------------------------------------------
```python
1 | from mcp.server.fastmcp import FastMCP
2 | from pydantic import BaseModel, Field
3 | import os
4 | from src.kali_mcps.nmap.actions import basic_scan_action, intense_scan_action, stealth_scan_action, quick_scan_action, vulnerability_scan_action
5 | from src.kali_mcps.nm.actions import basic_symbols_action, dynamic_symbols_action, demangle_symbols_action, numeric_sort_action, size_sort_action, undefined_symbols_action
6 | from src.kali_mcps.objdump.actions import file_headers_action, disassemble_action, symbol_table_action, section_headers_action, full_contents_action
7 | from src.kali_mcps.strings.actions import basic_strings_action, min_length_strings_action, offset_strings_action, encoding_strings_action
8 | from src.kali_mcps.wireshark.actions import capture_live_action, analyze_pcap_action, extract_http_action, protocol_hierarchy_action, conversation_statistics_action, expert_info_action
9 | from src.kali_mcps.traceroute.actions import traceroute_action
10 | mcp = FastMCP("kali-tools")
11 |
12 |
13 | IS_SAFE = os.environ.get("IS_SAFE", "false").lower() == "true" # is safe mode, if true, the command will be executed in the sandbox
14 |
15 | # nmap start
16 | @mcp.tool()
17 | def basic_scan(target: str):
18 | """Perform a basic network scan using nmap.
19 |
20 | Args:
21 | target (str): The target IP address or hostname to scan.
22 |
23 | Returns:
24 | str: The output results of the basic scan.
25 | """
26 | return basic_scan_action(target)
27 |
28 | @mcp.tool()
29 | def intense_scan(target: str):
30 | """Perform an intense network scan using nmap.
31 |
32 | Args:
33 | target (str): The target IP address or hostname to scan.
34 |
35 | Returns:
36 | str: The output results of the intense scan.
37 | """
38 | return intense_scan_action(target)
39 |
40 | @mcp.tool()
41 | def stealth_scan(target: str):
42 | """Perform a stealth network scan using nmap.
43 |
44 | Args:
45 | target (str): The target IP address or hostname to scan.
46 |
47 | Returns:
48 | str: The output results of the stealth scan.
49 | """
50 | return stealth_scan_action(target)
51 |
52 | @mcp.tool()
53 | def quick_scan(target: str):
54 | """Perform a quick network scan using nmap.
55 |
56 | Args:
57 | target (str): The target IP address or hostname to scan.
58 |
59 | Returns:
60 | str: The output results of the quick scan.
61 | """
62 | return quick_scan_action(target)
63 |
64 | @mcp.tool()
65 | def vulnerability_scan(target: str):
66 | """Perform a vulnerability scan using nmap.
67 |
68 | Args:
69 | target (str): The target IP address or hostname to scan.
70 |
71 | Returns:
72 | str: The output results of the vulnerability scan.
73 | """
74 | return vulnerability_scan_action(target)
75 | # nmap end
76 |
77 | # nm start
78 | @mcp.tool()
79 | def basic_symbols(target: str):
80 | """Perform a basic symbol listing using nm.
81 |
82 | Args:
83 | target (str): The target file or executable to analyze.
84 |
85 | Returns:
86 | str: The output results of the basic symbol listing.
87 | """
88 | return basic_symbols_action(target)
89 |
90 | @mcp.tool()
91 | def dynamic_symbols(target: str):
92 | """Perform a dynamic symbol listing using nm.
93 |
94 | Args:
95 | target (str): The target file or executable to analyze.
96 |
97 | Returns:
98 | str: The output results of the dynamic symbol listing.
99 | """
100 | return dynamic_symbols_action(target)
101 |
102 | @mcp.tool()
103 | def demangle_symbols(target: str):
104 | """Perform a demangling of symbols using nm.
105 |
106 | Args:
107 | target (str): The target file or executable to analyze.
108 |
109 | Returns:
110 | str: The output results of the demangling of symbols.
111 | """
112 | return demangle_symbols_action(target)
113 |
114 | @mcp.tool()
115 | def numeric_sort(target: str):
116 | """Perform a numeric sort of symbols using nm.
117 |
118 | Args:
119 | target (str): The target file or executable to analyze.
120 |
121 | Returns:
122 | str: The output results of the numeric sort of symbols.
123 | """
124 | return numeric_sort_action(target)
125 |
126 | @mcp.tool()
127 | def size_sort(target: str):
128 | """Perform a size sort of symbols using nm.
129 |
130 | Args:
131 | target (str): The target file or executable to analyze.
132 |
133 | Returns:
134 | str: The output results of the size sort of symbols.
135 | """
136 | return size_sort_action(target)
137 |
138 | @mcp.tool()
139 | def undefined_symbols(target: str):
140 | """Perform an undefined symbol listing using nm.
141 |
142 | Args:
143 | target (str): The target file or executable to analyze.
144 |
145 | Returns:
146 | str: The output results of the undefined symbol listing.
147 | """
148 | return undefined_symbols_action(target)
149 | # nm end
150 |
151 | # objdump start
152 | @mcp.tool()
153 | def file_headers(target: str):
154 | """Perform a file header listing using objdump.
155 |
156 | Args:
157 | target (str): The target file or executable to analyze.
158 |
159 | Returns:
160 | str: The output results of the file header listing.
161 | """
162 | return file_headers_action(target)
163 |
164 | @mcp.tool()
165 | def disassemble(target: str):
166 | """Perform a disassembly of the target file using objdump.
167 |
168 | Args:
169 | target (str): The target file or executable to analyze.
170 |
171 | Returns:
172 | str: The output results of the disassembly of the target file.
173 | """
174 | return disassemble_action(target)
175 |
176 | @mcp.tool()
177 | def symbol_table(target: str):
178 | """Perform a symbol table listing using objdump.
179 |
180 | Args:
181 | target (str): The target file or executable to analyze.
182 |
183 | Returns:
184 | str: The output results of the symbol table listing.
185 | """
186 | return symbol_table_action(target)
187 |
188 | @mcp.tool()
189 | def section_headers(target: str):
190 | """Perform a section header listing using objdump.
191 |
192 | Args:
193 | target (str): The target file or executable to analyze.
194 |
195 | Returns:
196 | str: The output results of the section header listing.
197 | """
198 | return section_headers_action(target)
199 |
200 | @mcp.tool()
201 | def full_contents(target: str):
202 | """Perform a full contents listing using objdump.
203 |
204 | Args:
205 | target (str): The target file or executable to analyze.
206 |
207 | Returns:
208 | str: The output results of the full contents listing.
209 | """
210 | return full_contents_action(target)
211 | # objdump end
212 |
213 | # strings start
214 | @mcp.tool()
215 | def basic_strings(target: str):
216 | """Perform a basic string listing using strings.
217 |
218 | Args:
219 | target (str): The target file or executable to analyze.
220 |
221 | Returns:
222 | str: The output results of the basic string listing.
223 | """
224 | return basic_strings_action(target)
225 |
226 | @mcp.tool()
227 | def min_length_strings(target: str):
228 | """Perform a minimum length string listing using strings.
229 |
230 | Args:
231 | target (str): The target file or executable to analyze.
232 |
233 | Returns:
234 | str: The output results of the minimum length string listing.
235 | """
236 | return min_length_strings_action(target)
237 |
238 | @mcp.tool()
239 | def offset_strings(target: str):
240 | """Perform an offset string listing using strings.
241 |
242 | Args:
243 | target (str): The target file or executable to analyze.
244 |
245 | Returns:
246 | str: The output results of the offset string listing.
247 | """
248 | return offset_strings_action(target)
249 |
250 | @mcp.tool()
251 | def encoding_strings(target: str):
252 | """Perform an encoding string listing using strings.
253 |
254 | Args:
255 | target (str): The target file or executable to analyze.
256 |
257 | Returns:
258 | str: The output results of the encoding string listing.
259 | """
260 | return encoding_strings_action(target)
261 | # strings end
262 |
263 | # tshark start
264 | @mcp.tool()
265 | def capture_live(interface: str, duration: int = 30, filter: str = ""):
266 | """Perform a live capture of network traffic using tshark.
267 |
268 | Args:
269 | interface (str): The network interface to capture from.
270 | duration (int): The duration of the capture in seconds.
271 | filter (str): The filter to apply to the capture.
272 |
273 | Returns:
274 | str: The output results of the live capture of network traffic.
275 | """
276 | return capture_live_action(interface, duration, filter)
277 |
278 |
279 | @mcp.tool()
280 | def analyze_pcap(pcap_file: str, display_filter: str = ""):
281 | """Perform an analysis of a pcap file using tshark.
282 |
283 | Args:
284 | pcap_file (str): The path to the pcap file to analyze.
285 | display_filter (str): The filter to apply to the analysis.
286 |
287 | Returns:
288 | str: The output results of the analysis of the pcap file.
289 | """
290 | return analyze_pcap_action(pcap_file, display_filter)
291 |
292 | @mcp.tool()
293 | def extract_http(pcap_file: str):
294 | """Perform an HTTP extraction from a pcap file using tshark.
295 |
296 | Args:
297 | pcap_file (str): The path to the pcap file to extract HTTP from.
298 |
299 | Returns:
300 | str: The output results of the HTTP extraction from the pcap file.
301 | """
302 | return extract_http_action(pcap_file)
303 |
304 | @mcp.tool()
305 | def protocol_hierarchy(pcap_file: str):
306 | """Perform a protocol hierarchy listing using tshark.
307 |
308 | Args:
309 | pcap_file (str): The path to the pcap file to analyze.
310 |
311 | Returns:
312 | str: The output results of the protocol hierarchy listing.
313 | """
314 | return protocol_hierarchy_action(pcap_file)
315 |
316 | @mcp.tool()
317 | def conversation_statistics(pcap_file: str):
318 | """Perform a conversation statistics listing using tshark.
319 |
320 | Args:
321 | pcap_file (str): The path to the pcap file to analyze.
322 |
323 | Returns:
324 | str: The output results of the conversation statistics listing.
325 | """
326 | return conversation_statistics_action(pcap_file)
327 |
328 | @mcp.tool()
329 | def expert_info(pcap_file: str):
330 | """Perform an expert information listing using tshark.
331 |
332 | Args:
333 | pcap_file (str): The path to the pcap file to analyze.
334 |
335 | Returns:
336 | str: The output results of the expert information listing.
337 | """
338 | return expert_info_action(pcap_file)
339 | # tshark end
340 |
341 | # traceroute start
342 | @mcp.tool()
343 | def traceroute(target: str):
344 | """
345 | Perform a traceroute to the target.
346 |
347 | Args:
348 | target (str): The target IP address or hostname to traceroute to.
349 |
350 | Returns:
351 | str: The output results of the traceroute.
352 | """
353 | return traceroute_action(target)
354 | # traceroute end
355 |
356 | # run server, using stdio transport
357 | if __name__ == "__main__":
358 | print("Starting server is running")
359 | mcp.run(transport="stdio")
```