Mirror of https://github.com/BillyOutlast/sec-mcp.git, synced 2026-07-01 12:50:00 -04:00
sec-mcp Stack
Security-focused MCP stack routed through mcpo, with Open WebUI + Ollama included.
This stack is ROCm-only for Ollama.
Included MCP servers
- triv3/mcp-kali-server
- k3nn3dy-ai/kali-mcp
- GH05TCREW/MetasploitMCP
- socteam-ai/nvd-cve-mcp-server
- dtkmn/mcp-zap-server
- zcaceres/markdownify-mcp
Files
- docker-compose.yml - Main stack (Ollama runs with ROCm)
- mcpo-config.template.json - Templated mcpo multi-server config
- .env.example - Environment variable template
- OPENWEBUI_MCP_SETUP.md - Step-by-step MCP setup inside Open WebUI
Quick start
Prerequisites for Ollama on ROCm hosts:
- Linux host with ROCm-compatible AMD GPU
- Device access available for /dev/kfd and /dev/dri
Running in Proxmox LXC?
- Follow the dedicated LXC section in OPENWEBUI_MCP_SETUP.md before launching (includes known caveats and quick fixes).
- Create env file:
Copy-Item .env.example .env
- Start base stack:
docker compose up -d --build
Recommended for Podman/LXC first:
chmod +x ./preflight.sh
./preflight.sh
Podman users:
podman compose up -d --build
Or use the bootstrap helper:
chmod +x ./preflight.sh
./preflight.sh
chmod +x ./bootstrap.sh
./bootstrap.sh
The bootstrap script runs preflight checks for /dev/net/tun, /dev/kfd, and /dev/dri before starting Podman Compose.
- Open services:
  - Open WebUI: http://localhost:3000
  - MCPO docs: http://localhost:8000/docs
  - Ollama API: http://localhost:11434
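The device preflight mentioned in the quick start above (/dev/net/tun, /dev/kfd, /dev/dri), as an added example. This is not the repository's preflight.sh or bootstrap.sh; the function names, the optional root-prefix argument and the renderD* test are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the repository's preflight.sh or bootstrap.sh.
# Assumption: an optional root prefix argument (hypothetical) lets the same
# check run against a scratch directory instead of the live /dev tree.

# Print one "path:reason" line per failed check; print nothing when all pass.
device_problems() {
    root="${1:-}"
    # Single device nodes: must exist and be readable and writable by this user.
    for dev in /dev/net/tun /dev/kfd; do
        if [ ! -e "${root}${dev}" ]; then
            echo "${dev}:missing"
        elif [ ! -r "${root}${dev}" ] || [ ! -w "${root}${dev}" ]; then
            echo "${dev}:no-access"
        fi
    done
    # /dev/dri is a directory; the GPU shows up as renderD* nodes inside it.
    if [ ! -d "${root}/dev/dri" ]; then
        echo "/dev/dri:missing"
    else
        found=0
        for node in "${root}"/dev/dri/renderD*; do
            if [ -e "$node" ]; then found=1; fi
        done
        [ "$found" -eq 1 ] || echo "/dev/dri:no-render-node"
    fi
    return 0
}

# Gate: return non-zero and explain on stderr if any check failed,
# so the compose step never starts with a device missing from the container host.
preflight_gate() {
    problems="$(device_problems "${1:-}")"
    if [ -n "$problems" ]; then
        echo "preflight failed:" >&2
        echo "$problems" | sed 's/^/  /' >&2
        return 1
    fi
    return 0
}
```

Called as `preflight_gate || exit 1` ahead of `podman compose up -d --build`, it separates a node that was never passed through (`missing`) from one that exists but is not usable by the current user (`no-access`).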
MCPO routes
Each MCP server is exposed by mcpo under its own path:
- http://localhost:8000/triv3-kali-server/docs
- http://localhost:8000/k3nn3dy-kali-mcp/docs
- http://localhost:8000/metasploit-mcp/docs
- http://localhost:8000/mcp-zap-server/docs
- http://localhost:8000/nvd-cve-mcp-server/docs
- http://localhost:8000/markdownify-mcp/docs
Open WebUI MCP setup
Follow the full guide in:
OPENWEBUI_MCP_SETUP.md
This includes:
- UI steps for adding OpenAPI servers
- Correct internal Docker URL usage (http://mcpo:8000/...)
- Auth header guidance for MCPO_API_KEY
- Validation and troubleshooting steps
- A first-success test flow (section 6) to quickly verify MCP tool calls end-to-end
Notes
- First startup is slower because dependencies are built/installed.
- markdownify-mcp is built at mcpo container startup.
- mcp-zap-server auth values are injected via .env into mcpo-config.template.json at runtime.
- MD_SHARE_DIR controls markdown file access scope for markdownify-mcp.