Home
Softono
pentesting-cyber-mcp

pentesting-cyber-mcp

Open source MIT JavaScript
GitHub
16
Stars
10
Forks
1
Issues
0
Watchers
4 months
Last Commit
AI Agents Vulnerability Scanning

About pentesting-cyber-mcp

Pentesting Cyber MCP is a collection of 50 Model Context Protocol (MCP) servers that wrap popular security and penetration testing tools, exposing their functionality through a standardized interface for AI-powered automation. Written in TypeScript using MCP SDK 1.8+, each server runs as a standalone process and works with any MCP-compatible client. The servers are organized into categories covering the full penetration testing workflow. Reconnaissance includes Amass, Subfinder, dnsx, httpx, Katana, Masscan, and Shodan/Censys search via Uncover. Vulnerability scanning covers Nmap, Nuclei, SQLmap, FFUF, Dalfox, OWASP ZAP, Burp Suite, and Nessus. Exploitation and password testing is supported through Metasploit, Hydra, and Hashcat. Additional categories address cloud security, container scanning with Trivy, static analysis with Semgrep, Active Directory assessment via BloodHound, and notification streaming. By standardizing how security tools are invoked, the project enables AI assistants and MCP clients to cha

Platforms

Web Self-hosted Cloud

Languages

JavaScript

Links

Source Code
h
Published by
hackersatyamrastogi
Visit View Profile

README.md

View on GitHub

Pentesting Cyber MCP

MCP Security License: MIT TypeScript MCP SDK [Tools]()

50 MCP Servers for Security Tools

Standardized protocol interface for pentesting and bug bounty automation

Installation | Available Tools | Usage | Contributing

What is MCP?

Model Context Protocol (MCP) is an open protocol that standardizes how applications expose tools and capabilities. This repository provides MCP server implementations for 50 popular security tools.

Each MCP server:

  • Wraps a security tool with a standardized interface
  • Exposes tool functionality through MCP protocol
  • Can be used with any MCP-compatible client
  • Runs as a standalone process

Available MCP Servers

Reconnaissance (15)

MCP Server Tool Description
amass Amass Attack surface mapping & subdomain enumeration
alterx Alterx Subdomain wordlist generator
assetfinder Assetfinder Asset discovery
cero Cero Certificate-based subdomain discovery
crtsh crt.sh Certificate transparency logs
dnsx dnsx DNS toolkit
httpx httpx HTTP probing
katana Katana Web crawler
gowitness GoWitness Screenshot utility
masscan Masscan Port scanner
shuffledns ShuffleDNS DNS bruteforcer
subfinder Subfinder Subdomain enumeration
uncover Uncover Shodan/Censys/Fofa search
waybackurls Waybackurls Wayback Machine URLs
notify Notify Notification streaming

Vulnerability Scanning (11)

MCP Server Tool Description
nuclei Nuclei Template-based scanner
nmap Nmap Network scanner
sqlmap SQLmap SQL injection
ffuf FFUF Web fuzzer
arjun Arjun Parameter discovery
smuggler Smuggler Request smuggling
wpscan WPScan WordPress scanner
nessus Nessus Vulnerability scanner
dalfox Dalfox XSS scanner
zap OWASP ZAP Web app scanner
burpsuite Burp Suite Web security testing

Exploitation & Password (3)

MCP Server Tool Description
metasploit Metasploit Exploitation framework
hydra THC-Hydra Password brute force
hashcat Hashcat Password cracking

Cloud Security (4)

MCP Server Tool Description
prowler Prowler AWS/Azure/GCP security
scoutsuite ScoutSuite Cloud auditing
trivy Trivy Container/IaC scanner
checkov Checkov IaC security

Kubernetes Security (3)

MCP Server Tool Description
kube-hunter kube-hunter K8s penetration testing
kubeaudit kubeaudit K8s security audit
kube-bench kube-bench CIS benchmark

Threat Intelligence (3)

MCP Server Tool Description
shodan Shodan Internet search engine
virustotal VirusTotal Malware analysis
bloodhound BloodHound AD attack paths

Code Security (2)

MCP Server Tool Description
semgrep Semgrep Static analysis
gitleaks Gitleaks Secret detection

Network & AD (2)

MCP Server Tool Description
crackmapexec CrackMapExec AD/SMB toolkit
ghidra Ghidra Reverse engineering

Specialized (7)

MCP Server Tool Description
acunetix Acunetix Web vulnerability scanner
mobsf MobSF Mobile security
sslscan SSLScan SSL/TLS testing
http-headers Custom Security headers
commix Commix Command injection
nextjs-scanner Custom Next.js CVE scanner
unified All-in-one Single server for all tools

Installation

Prerequisites

  • Node.js 18+
  • The underlying security tool installed
  • Any MCP-compatible client

Install Individual Server

# Clone the repository
git clone https://github.com/hackersatyamrastogi/pentesting-cyber-mcp.git
cd pentesting-cyber-mcp

# Install dependencies
pnpm install

# Build all servers
pnpm build

# Or build specific server
cd servers/nmap && pnpm build

Run MCP Server

# Run nmap MCP server
node servers/nmap/build/index.js /usr/bin/nmap

# Run nuclei MCP server
node servers/nuclei/build/index.js /usr/bin/nuclei

# Run metasploit MCP server
node servers/metasploit/build/index.js msfconsole

Configuration

MCP Client Configuration

Add to your MCP client config:

{
  "mcpServers": {
    "nmap": {
      "command": "node",
      "args": ["path/to/servers/nmap/build/index.js", "/usr/bin/nmap"]
    },
    "nuclei": {
      "command": "node",
      "args": ["path/to/servers/nuclei/build/index.js", "nuclei"]
    },
    "sqlmap": {
      "command": "node",
      "args": ["path/to/servers/sqlmap/build/index.js", "sqlmap"]
    },
    "metasploit": {
      "command": "node",
      "args": ["path/to/servers/metasploit/build/index.js", "msfconsole"]
    }
  }
}

Unified Server (All Tools)

Use the unified server to access all 50 tools through a single MCP connection:

{
  "mcpServers": {
    "security-tools": {
      "command": "node",
      "args": ["path/to/servers/unified/build/index.js"]
    }
  }
}

Project Structure

pentesting-cyber-mcp/
├── servers/
│   ├── nmap/
│   │   ├── src/index.ts
│   │   ├── package.json
│   │   └── README.md
│   ├── nuclei/
│   ├── sqlmap/
│   ├── metasploit/
│   ├── hydra/
│   ├── hashcat/
│   ├── ... (50 servers)
│   └── unified/
├── scripts/
│   └── generate-config.sh
├── package.json
└── README.md

Usage Example

Each MCP server exposes tools that can be called through the MCP protocol:

// Example: nmap MCP server exposes these tools
- nmap-scan          // Run port scan
- nmap-service-scan  // Service detection
- nmap-vuln-scan     // Vulnerability scripts

// Example: nuclei MCP server
- do-nuclei          // Run template scan
- get-nuclei-tags    // List available tags

// Example: metasploit MCP server
- msf-search         // Search modules
- msf-exploit-check  // Check vulnerability
- msfvenom-generate  // Generate payload

Security Notice

⚠️ For authorized testing only

  • Obtain proper authorization before scanning
  • Some tools require root/admin privileges
  • Follow responsible disclosure practices
  • Secure your API keys

See SECURITY.md for details.

Contributing

Contributions welcome! See CONTRIBUTING.md.

Add a new MCP server:

mkdir servers/my-tool
cd servers/my-tool
# Create src/index.ts, package.json, README.md

License

MIT License - see LICENSE

Author

Satyam Rastogi - @hackersatyamrastogi

Pentesting Cyber MCP

50 Security Tools • One Protocol

GitHub