kroegha/kali-docker-pentesting
This project provides a comprehensive Kali Linux Docker container with 200+ pentesting tools, optimized for use with Claude Code through a custom skill. By using direct command execution instead of MCP protocol, this system achieves **70% token efficiency** compared to traditional MCP server approaches.
7 stars3 forksUpdated Nov 17, 2025
npx skills add kroegha/kali-docker-pentestingREADME
Kali Linux Docker + Claude Skill
Token-Efficient Pentesting System for Claude Code
šÆ Overview
This project provides a comprehensive Kali Linux Docker container with 200+ pentesting tools, optimized for use with Claude Code through a custom skill. By using direct command execution instead of MCP protocol, this system achieves 70% token efficiency compared to traditional MCP server approaches.
šļø Architecture
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
ā Claude Code ā
ā ā
ā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā ā kali-docker-pentesting skill ā ā
ā ā (Tool catalog + usage patterns) ā ā
ā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā ā ā
ā ā¼ ā
ā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā ā bash_tool ā ā
ā ā (Direct docker exec commands) ā ā
ā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
ā
ā¼
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
ā Kali Linux Docker Container ā
ā ā
ā ā¢ 200+ pentesting tools ā
ā ā¢ No MCP server overhead ā
ā ā¢ Direct command execution ā
ā ā¢ Persistent storage via volumes ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
š¦ What's Included
Docker Container
- Base: Kali Linux Rolling
- Tools: 200+ pentesting tools
- Network scanners (nmap, masscan, zmap)
- Web app testing (nikto, sqlmap, burp suite)
- Password cracking (john, hashcat, hydra)
- Wireless tools (aircrack-ng, wifite, reaver)
- Forensics (volatility, binwalk, foremost)
- Exploitation (metasploit, SET, beef)
- And much more!
Claude Skill
- Complete tool catalog
- Usage examples for every tool
- Common pentesting workflows
- Troubleshooting guides
- Best practices
Supporting Files
Dockerfile-kali-simple- Simplified container (no MCP)docker-compose-kali.yml- Easy container managementSKILL.md- Claude skill documentationQUICK-START.md- Quick start guide
š Quick Start
1. Build Container
# Clone or create project directory
mkdir kali-docker-pentest && cd kali-docker-pentest
# Copy files
# - Dockerfile-kali-simple (rename to Dockerfile)
# - docker-compose-kali.yml (rename to docker-compose.yml)
# Build
docker-compose build
2. Install Skill
# Copy skill to Claude skills directory
mkdir -p /mnt/skills/user/kali-docker-pentesting/
cp SKILL.md /mnt/skills/user/kali-docker-pentesting/
3. Start Container
docker-compose up -d
4. Test
docker exec kali-pentest nmap --version
š” Usage Examples
With Claude Code
Simply ask Claude naturally:
You: "Scan 192.168.1.1 with nmap"
Claude: [Executes] docker exec kali-pentest nmap -sV 192.168.1.1
You: "Test http://testsite.local for SQL injection"
Claude: [Executes] docker exec kali-pentest sqlmap -u "http://testsite.local" --batch
You: "Crack these password hashes using rockyou"
Claude: [Executes workflow with john/hashcat]
Direct Command Line
# Network scanning
docker exec kali-pentest nmap -sV 192.168.1.0/24
# Web testing
docker exec kali-pentest nikto -h http://target.com
# Password cracking
docker exec kali-pentest john --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt
# Interactive shell
docker exec -it kali-pentest /bin/bash
š Token Efficiency
Traditional MCP Server Approach
- Load MCP server: ~500 tokens
- JSON-RPC protocol: ~300 tokens
- Tool discovery: ~200 tokens
- Response formatting: ~200 tokens
- Total: ~1,200 tokens per interaction
This Approach (Skill + Direct Execution)
- Read skill: ~100 tokens
- Direct command: ~50 tokens
- Raw output: ~200 tokens
- Total: ~350 tokens per interaction
Result: 70% token savings! š
š Project Structure
kali-docker-pentest/
āāā Dockerfile # Container definition
āāā docker-compose.yml # Container orchestration
āāā SKILL.md # Claude skill
āāā QUICK-START.md # Quick start guide
āāā README.md # This file
āāā workspace/ # Working files
āāā results/ # Scan outputs
āāā wordlists/ # Custom wordlists
āāā tools/ # Additional tools
ā ļø Legal Notice
IMPORTANT: This toolset is for authorized security testing only.
- Always obtain written permission
- Test on
...
Publisher
kroeghaStatistics
Stars7
Forks3
Open Issues0
CreatedNov 17, 2025