- Home
- MCP servers
- CTF Solver
CTF Solver
- python
8
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
You can leverage the CTF Solver MCP Server to orchestrate 55+ security tools from Kali Linux through an AI-powered workflow. This server lets your AI assistant, via the MCP protocol, automate CTF challenge solving, vulnerability assessments, and complex security workflows with natural language prompts.
How to use
Connect your MCP client (such as Claude Desktop or 5ire Desktop) to the Kali server using either the provided HTTP URL or the local stdio command. You will issue natural language prompts describing security tasks or CTF challenges, and the AI assistant will orchestrate the appropriate tools, run multi-step attack chains, and return results. Typical use cases include decrypting cryptography challenges, scanning a web app for vulnerabilities, performing memory forensics, and running automated forensics workflows. The system maintains persistent workspaces for multi-step analysis and offers interactive sessions to manage running exploits.
How to install
Prerequisites vary by deployment method. Choose Docker (recommended) for a zero-setup experience, or install natively on Kali Linux or a Linux environment with Python 3.12+.
# Option A: Docker (recommended)
# Start the server with pre-installed tools
Option B: Native installation on your Kali-equipped environment. Follow these steps to prepare and run the server locally.
Step-by-step commands for native installation
# 1. Clone the project
git clone https://github.com/foxibu/CTF-Solver.git
cd CTF-Solver
# 2. Install Python dependencies
pip install -e .
# OR use uvx for faster installation
uv pip install -e .
# 3. Install security tools (essential quickly; full guide available in follow-up steps)
sudo apt install -y nmap gobuster dirb nikto sqlmap wpscan hydra john \
checksec binwalk steghide volatility3 radare2
# 4. Start the Kali server (Flask-based API on port 5000)
python3 kali_server.py
# Server runs on http://0.0.0.0:5000
Configure your MCP client to point at the server. Use the explicit commands shown below for Claude Desktop or 5ire Desktop.
MCP connection configurations
{
"mcpServers": {
"kali_mcp": {
"command": "python3",
"args": [
"/absolute/path/to/src/my_server/mcp_server.py",
"--server",
"http://localhost:5000/"
]
}
}
}
{
"mcpServers": {
"kali_mcp": {
"command": "python3",
"args": [
"/absolute/path/to/src/my_server/mcp_server.py",
"--server",
"http://KALI_IP:5000/"
]
}
}
}
Notes on Docker deployment
If you prefer containerized deployment, you can run the pre-built image with Docker Compose. The Docker setup provides persistent sessions and workspaces, and keeps 55+ tools readily available. Use docker-compose up -d to start, and docker-compose down to stop.
Security and usage notes
Only use this server for authorized testing, CTF participation, or educational purposes within defined scopes. Obtain explicit permission before testing any real systems, and adhere to applicable laws and ethical guidelines. The server is intended for controlled environments where you own the data or have written authorization.
Troubleshooting and tips
- Ensure the Kali server URL is reachable from your MCP client. If you run the server on a private network, consider an SSH tunnel or VPN to expose the correct address.
- Verify Python dependencies are installed and that the server process is running without errors. Check log output for hints about missing tools or misconfigurations.
- If a tool endpoint times out, adjust the request timeout to fit your environment and retry.
- Use persistent workspaces to organize challenges and keep results across sessions.
Configuration details
Environment variables shown in the deployment notes include KALI_SERVER_URL, KALI_REQUEST_TIMEOUT, and DEBUG_MODE. You can set these on your host to influence the server behavior, such as the target Kali server URL, request timeout duration, and whether to enable verbose debug logs.
Examples of typical use cases
RSA cryptography challenges: prompt the AI to factor the modulus, apply Wiener's attack, or run RsaCtfTool to decrypt ciphertext and extract the flag. Web application testing: prompt to run port scans, directory enumeration, vulnerability scans, and SQLi checks, then compile a security report. Memory forensics: prompt to run Volatility3 workflows for memory analysis, process enumeration, and IOC extraction to locate indicators of compromise.
Tools and capabilities overview
The server exposes 73+ tool endpoints and supports automated forensics workflows, session-based workspaces, interactive shell management, and AI-guided workflow prompts to streamline CTF solving and security testing.
Structured configuration and environment details
The following environment variables and MCP connection options are provided for configuring runtime behavior and MCP client integration. Use the exact commands and configurations shown to ensure compatibility with the MCP protocol.
Available tools
Session Management
Maintain persistent workspaces for multi-step analysis and manage analysis sessions across prompts.
Interactive Shells
Bidirectional communication with running exploits and tools within a session.
Workflow Prompts
Pre-built templates and AI-driven prompts to guide common CTF scenarios.
Tool Wrappers
50+ MCP tool wrappers enabling automated security tasks from Kali Linux tools.