I Saw Someone Build an AI-Powered Kali Lab at BSides San…
    Neura MarketNeura Market/Stable Diffusion
    ChatGPTChatGPTClaudeClaudeGeminiGeminiCursorCursorGrokGrokPerplexityPerplexityStable DiffusionStable Diffusion
    DeepSeekDeepSeekCoPilotCoPilotMidjourneyMidjourney
    View All Directories
    OverviewPromptsBlogVideosGuidesCoursesCommunityModelsLoRAsComfyUI WorkflowsTrending
    Stable DiffusionBlogI Saw Someone Build an AI-Powered Kali Lab at BSides San Diego. Then I Built My Own.
    Back to Blog
    I Saw Someone Build an AI-Powered Kali Lab at BSides San Diego. Then I Built My Own.
    security

    I Saw Someone Build an AI-Powered Kali Lab at BSides San Diego. Then I Built My Own.

    spac3gh0st April 13, 2026
    0 views

    How a conference demo turned into a full bug bounty lab with Claude Desktop, Discord remote access,...

    How a conference demo turned into a full bug bounty lab with Claude Desktop, Discord remote access, and automated health monitoring on Windows and Linux.


    I'll be upfront. I've been to a handful of security conferences and I'm not completely new to this world, but I'm not a full-time security researcher either and I don't have a long list of bug bounty wins. This is also the first time I've written about anything publicly, so bear with me. What I do have is a habit of seeing something interesting and refusing to let it go until I actually understand it.

    That habit kicked in hard at BSides San Diego.

    focustime


    The Demo That Started It

    I was at a talk where Kannan Prabu Ramamoorthy spun up an MCP server connected to a handful of Kali tools. If you haven't seen MCP (Model Context Protocol) before, the short version is this: it lets you connect Claude Desktop to external tools so you can control them through natural language. Instead of typing nmap flags into a terminal, you just describe what you want and Claude figures out the command, runs it, and hands you the output.

    His demo, BsidesMCPDemo, was clean and intentionally minimal. Each security tool had its own Python file, a thin server.py wired them together, and that was it. nmap, nikto, gobuster, header scanning, all callable through Claude. It ran on a Mac. The design philosophy was one file per tool, debug one thing at a time. For a workshop setting that made perfect sense.

    Watching it work clicked something for me. This wasn't just a neat trick. It was a genuinely different way to run recon. You could chain tools, ask follow-up questions about the output, and have Claude help you interpret what you were seeing, all in one place.

    I left that talk wanting to build the same thing.


    The Problem

    When I got home and started looking for resources, I ran into a wall. Almost everything I found assumed you were on a Mac, or glossed over the networking side completely, or stopped at "here's a Docker container, good luck." I'm on Windows. My lab runs on a Linux VM in VMware. The gap between a cool macOS demo and actually making this work in a Windows/Linux environment was bigger than I expected.

    Maybe I didn't look hard enough. But I decided if I was going to actually understand this, I needed to build it myself from scratch rather than copy a setup I only half understood.


    Thinking

    What I Built

    The core idea is pretty straightforward. Claude Desktop on Windows talking to a Kali Linux Docker container running inside an Ubuntu VM. The bridge between them is an MCP server that exposes 35 security tools, nmap, nikto, gobuster, sqlmap, subfinder and more, as things Claude can call directly.

    You ask Claude to run a scan. Claude picks the right tool, runs it through the MCP server, gets the output back, and can reason about what it found. No switching between terminals, no copying output between windows.

    Windows (Claude Desktop)
        │
        └── mcp-remote → localhost:8000
                              │
                         netsh portproxy
                              │
                        Ubuntu VM (VMware)
                              │
                           Docker
                              │
                      Kali Container (35 tools)
    

    Getting the networking right took longer than I expected. The netsh portproxy setup on Windows to forward traffic into the VM, UFW firewall rules on the Ubuntu side to keep things locked down, making sure Docker bound to 0.0.0.0 so the port mapping actually worked. None of this is hard once you know it but it's the kind of thing that isn't documented anywhere in one place.


    Going Further Than the Demo

    Once the basic setup was working I kept adding things. This is where it got interesting.

    I wanted to be able to kick off recon from my phone without SSHing into anything, so I built a Discord bot with slash commands. /port_scan, /dns_enum, /web_audit, /subdomain_enum and about 20 others. The bot only responds to my user ID, only works in my private server, and blocks the most dangerous tools from being run remotely. Every command gets logged to an audit file. I can run recon from anywhere with a phone signal.

    The /investigate command is probably my favourite part of the whole thing. You point it at a target domain and it plans the recon strategy itself. It picks the first tool, runs it, reads the output, decides what to run next, chains up to 8 tool calls automatically, then writes a structured bug bounty report at the end. It costs maybe $0.10 per run on the Anthropic API. Watching it work is genuinely impressive.

    I also added a /health endpoint to the MCP server and a separate monitor that polls it every 10 seconds. If the server goes down or comes back up, I get a Discord embed immediately. Both the bot and the monitor run as systemd services so they restart automatically on boot.

    And for mobile access, I set up Tailscale so I can reach the whole lab from my phone over a WireGuard-encrypted tunnel without opening any ports to the internet. Combined with the Discord bot it means I have full recon capability from my phone wherever I am.


    I did it

    What I Learned

    The networking is the hard part. The AI integration is honestly the easy part because Claude is good at this and the MCP protocol is well-designed. Getting Docker, VMware NAT networking, Windows port proxying, and UFW all playing nicely together is where the actual problem-solving happens.

    Building this also made me think more carefully about security in layers than I expected. What the Docker container can access, what UFW allows through, what the Discord bot will and won't run remotely, what gets logged. I learned more about defence-in-depth from building a home lab than from reading about it.

    Writing the installer scripts was the most revealing part though. When you have to automate something you can't hand-wave the parts you don't fully understand. I hit several points where I thought I understood how something worked and the script immediately proved me wrong.


    The Setup Is Open Source

    Everything is on GitHub at github.com/spac3gh0st00/Kali-MCP-Bounty-Lab.

    I wrote two installer scripts, one for the Ubuntu VM side and one for Windows, that handle the full setup automatically. If you want to run this yourself it should take about 20 to 30 minutes and most of that is Docker pulling the Kali image.

    Worth calling out the people whose work made this possible. The original inspiration was Kannan Prabu Ramamoorthy's BsidesMCPDemo, the workshop that started this whole thing. If you want to see the minimal clean foundation the concept is built on, his repo is the place to start. The expanded tool implementations and containerised server come from k3nn3dy-ai's kali-mcp. What I built on top is the Windows/Linux networking bridge, installer automation, Discord layer, health monitoring, and mobile access.


    Who This Is For

    If you're doing bug bounty research or security learning and you want a setup that actually works on Windows with a Linux VM, this is the gap I was trying to fill. It's not a professional red team platform. It's a home lab that lets you move faster and experiment with AI-assisted recon in a way that's more accessible than most of what I found documented.

    If you saw a similar demo at a conference and thought "I want that but I'm on Windows," this is for you.

    space ghost dance

    Thanks for stopping by!


    The repo is at github.com/spac3gh0st00/Kali-MCP-Bounty-Lab. Authorised testing only — bug bounty programs you're enrolled in, CTFs, systems you own.

    Tags

    securityaidockerbugbounty

    Comments

    More Blog

    View all
    Context bankruptcy: The case for strategic forgetting for AI Agentsai

    Context bankruptcy: The case for strategic forgetting for AI Agents

    Most of us have seen a coding agent fail to complete a task we know it can do. We just don't...

    J
    James O'Reilly
    Parallel Compliance Engine: Drive-to-Sheets Multi-Agent Orchestrationgooglecloud

    Parallel Compliance Engine: Drive-to-Sheets Multi-Agent Orchestration

    When building Generative AI applications, developers often encounter a massive bottleneck: sequential...

    A
    Aryan Irani
    Is It Ethical to Post and Ask About Circuits on Dev.to?discuss

    Is It Ethical to Post and Ask About Circuits on Dev.to?

    I’ve been thinking about sharing some electronic circuit posts on Dev.to — small circuits, DIY...

    C
    codebunny20
    The One-Click Exporter: AI Studio Antigravity, Probed to Its Limitsagents

    The One-Click Exporter: AI Studio Antigravity, Probed to Its Limits

    What nobody tells you about exporting your multi-agent prototype to a local workspace. Every...

    L
    leslysandra
    Guarding the till while autonomous data agents do the diggingagenticarchitect

    Guarding the till while autonomous data agents do the digging

    Autonomous agents are genuinely good at answering messy business questions. Give one an LLM and a set...

    S
    Sireesha Pulipati
    Return on Attention: Why AI Code Reviews Are Wearing Us Outai

    Return on Attention: Why AI Code Reviews Are Wearing Us Out

    PR volume went up, ticket quality didn't, and the gap got filled with LLMs on both sides of the review: bots reviewing, bots replying, bots occasionally arguing with bots about priorities that only existed in a teammate's head. Our CEO named the actual problem, and it's bigger than code review.

    C
    christine

    Stay up to date

    Get the latest Stable Diffusion prompts, rules, and resources delivered to your inbox weekly.

    Neura Market LogoNeura Market

    Discover the best AI prompts, plugins, and resources for Stable Diffusion and more.

    Content Types

    • Rules
    • Prompts
    • MCPs
    • Agents
    • Guides

    Platforms

    • ChatGPT Directory
    • Claude Directory
    • Gemini Directory
    • Cursor Directory
    • Grok Directory
    • Perplexity Directory
    • DeepSeek Directory
    • CoPilot Directory
    • Stable Diffusion Directory
    • Midjourney Directory
    • All Directories

    Resources

    • Blog
    • Documentation
    • Help Center
    • Marketplace

    Legal

    • Privacy Policy
    • Terms of Service

    © 2026 Neura Market. All rights reserved.

    |

    Not affiliated with any AI platform vendors.

    Ready-made automations for this

    Workflows from the Neura Market marketplace related to this Stable Diffusion resource

    • Create an AI-Powered Discord Assistant with GPT-4 for Multi-Channel Messagingn8n · Free · Related topic
    • Build RAG-Powered WhatsApp Chatbots for Docs with GPT-4-mini and MongoDBn8n · Free · Related topic
    • Build an AI Powered Phone Agent - with Retell, Google Calendar, and RAGn8n · Free · Related topic
    • AI-Powered Cold Call Machine with LinkedIn, OpenAI & Sales Navigatorn8n · Free · Related topic
    Browse all workflows