CTF Solver

Provides automated access to 55+ security tools for CTF solving and security testing via MCP.
  • python

8

GitHub Stars

python

Language

6 months ago

First Indexed

2 months ago

Catalog Refreshed

Documentation & install

Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.

Installation

Add the following to your MCP client configuration file.

Configuration

View docs

You can leverage the CTF Solver MCP Server to orchestrate 55+ security tools from Kali Linux through an AI-powered workflow. This server lets your AI assistant, via the MCP protocol, automate CTF challenge solving, vulnerability assessments, and complex security workflows with natural language prompts.

How to use

Connect your MCP client (such as Claude Desktop or 5ire Desktop) to the Kali server using either the provided HTTP URL or the local stdio command. You will issue natural language prompts describing security tasks or CTF challenges, and the AI assistant will orchestrate the appropriate tools, run multi-step attack chains, and return results. Typical use cases include decrypting cryptography challenges, scanning a web app for vulnerabilities, performing memory forensics, and running automated forensics workflows. The system maintains persistent workspaces for multi-step analysis and offers interactive sessions to manage running exploits.

How to install

Prerequisites vary by deployment method. Choose Docker (recommended) for a zero-setup experience, or install natively on Kali Linux or a Linux environment with Python 3.12+.

# Option A: Docker (recommended)
# Start the server with pre-installed tools

Option B: Native installation on your Kali-equipped environment. Follow these steps to prepare and run the server locally.

Step-by-step commands for native installation

# 1. Clone the project
git clone https://github.com/foxibu/CTF-Solver.git
cd CTF-Solver

# 2. Install Python dependencies
pip install -e .
# OR use uvx for faster installation
uv pip install -e .

# 3. Install security tools (essential quickly; full guide available in follow-up steps)
sudo apt install -y nmap gobuster dirb nikto sqlmap wpscan hydra john \
    checksec binwalk steghide volatility3 radare2

# 4. Start the Kali server (Flask-based API on port 5000)
python3 kali_server.py
# Server runs on http://0.0.0.0:5000

Configure your MCP client to point at the server. Use the explicit commands shown below for Claude Desktop or 5ire Desktop.

MCP connection configurations

{
  "mcpServers": {
    "kali_mcp": {
      "command": "python3",
      "args": [
        "/absolute/path/to/src/my_server/mcp_server.py",
        "--server",
        "http://localhost:5000/"
      ]
    }
  }
}
{
  "mcpServers": {
    "kali_mcp": {
      "command": "python3",
      "args": [
        "/absolute/path/to/src/my_server/mcp_server.py",
        "--server",
        "http://KALI_IP:5000/"
      ]
    }
  }
}

Notes on Docker deployment

If you prefer containerized deployment, you can run the pre-built image with Docker Compose. The Docker setup provides persistent sessions and workspaces, and keeps 55+ tools readily available. Use docker-compose up -d to start, and docker-compose down to stop.

Security and usage notes

Only use this server for authorized testing, CTF participation, or educational purposes within defined scopes. Obtain explicit permission before testing any real systems, and adhere to applicable laws and ethical guidelines. The server is intended for controlled environments where you own the data or have written authorization.

Troubleshooting and tips

  • Ensure the Kali server URL is reachable from your MCP client. If you run the server on a private network, consider an SSH tunnel or VPN to expose the correct address.
  • Verify Python dependencies are installed and that the server process is running without errors. Check log output for hints about missing tools or misconfigurations.
  • If a tool endpoint times out, adjust the request timeout to fit your environment and retry.
  • Use persistent workspaces to organize challenges and keep results across sessions.

Configuration details

Environment variables shown in the deployment notes include KALI_SERVER_URL, KALI_REQUEST_TIMEOUT, and DEBUG_MODE. You can set these on your host to influence the server behavior, such as the target Kali server URL, request timeout duration, and whether to enable verbose debug logs.

Examples of typical use cases

RSA cryptography challenges: prompt the AI to factor the modulus, apply Wiener's attack, or run RsaCtfTool to decrypt ciphertext and extract the flag. Web application testing: prompt to run port scans, directory enumeration, vulnerability scans, and SQLi checks, then compile a security report. Memory forensics: prompt to run Volatility3 workflows for memory analysis, process enumeration, and IOC extraction to locate indicators of compromise.

Tools and capabilities overview

The server exposes 73+ tool endpoints and supports automated forensics workflows, session-based workspaces, interactive shell management, and AI-guided workflow prompts to streamline CTF solving and security testing.

Structured configuration and environment details

The following environment variables and MCP connection options are provided for configuring runtime behavior and MCP client integration. Use the exact commands and configurations shown to ensure compatibility with the MCP protocol.

Available tools

Session Management

Maintain persistent workspaces for multi-step analysis and manage analysis sessions across prompts.

Interactive Shells

Bidirectional communication with running exploits and tools within a session.

Workflow Prompts

Pre-built templates and AI-driven prompts to guide common CTF scenarios.

Tool Wrappers

50+ MCP tool wrappers enabling automated security tasks from Kali Linux tools.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
CTF Solver MCP Server - foxibu/ctf-solver | VeilStrat