pentest-mcp
Pentest MCP is a Model Context Protocol server that integrates essential pentesting tools into a unified natural language interface, allowing security professionals to execute, chain, and analyze multiple tools through conversational commands.
Pentest MCP: Professional Penetration Testing Toolkit
Multi-transport MCP server for penetration testing - works locally via stdio, over the network via HTTP streaming, or with legacy SSE clients. Run it in Docker, deploy it remotely, or use it locally - your choice.
🚀 Key Features
Multi-Transport Architecture
- STDIO Transport: Traditional subprocess communication for local MCP clients
- HTTP Streaming Transport: Modern network protocol with full bidirectional support
- SSE Transport: Legacy compatibility for older MCP clients
- One Server, Three Ways to Connect: Same tools, same interface, your choice of transport
Professional Pentesting Tools
- Network Reconnaissance with Nmap - full port scanning, service detection, OS fingerprinting
- Web Directory Enumeration with Gobuster - find hidden paths and files
- Web Vulnerability Scanning with Nikto - comprehensive security checks
- Password Cracking with John the Ripper - including custom wordlist generation
Intelligent Workflow Integration
- Natural language interface for complex commands
- Tool chaining for comprehensive assessments
- Context-aware suggestions for next steps
- Automated client-ready reporting
- Voice control compatible (with speech-to-text)
🎯 Quick Start
Install via npm
npm install -g pentest-mcp
Install via Smithery
npx -y @smithery/cli install @DMontgomery40/pentest-mcp --client claude
Run with your preferred transport
# Local subprocess mode (default)
pentest-mcp
# Network mode with HTTP streaming
MCP_TRANSPORT=http pentest-mcp
# Legacy SSE mode
MCP_TRANSPORT=sse pentest-mcp
📡 Transport Options
STDIO (Default) - Local Subprocess
Perfect for Claude Desktop and local development:
{
"servers": [{
"name": "pentest-mcp",
"command": "pentest-mcp"
}]
}
HTTP Streaming - Network Mode
Deploy anywhere, access from anywhere:
# Start server
MCP_TRANSPORT=http pentest-mcp
# Or with Docker
docker run -p 8000:8000 -e MCP_TRANSPORT=http --privileged pentest-mcp:latest
Configure your client:
{
"servers": [{
"name": "pentest-mcp",
"url": "http://localhost:8000/mcp"
}]
}
SSE - Legacy Support
For backward compatibility with older clients:
MCP_TRANSPORT=sse MCP_SERVER_PORT=8001 pentest-mcp
🐳 Docker Deployment
Simple Docker Run
# STDIO mode (for local MCP clients)
docker run -it --rm --privileged pentest-mcp:latest
# HTTP mode (for network access)
docker run -p 8000:8000 -e MCP_TRANSPORT=http --privileged pentest-mcp:latest
Docker Compose with Profiles
# Clone and build
git clone https://github.com/dmontgomery40/pentest-mcp.git
cd pentest-mcp
docker-compose build
# Run your preferred transport
docker-compose --profile stdio up
docker-compose --profile http up
docker-compose --profile sse up
Environment Variables
- MCP_TRANSPORT: Choose transport (stdio, http, sse)
- MCP_SERVER_HOST: Bind address (default: 0.0.0.0)
- MCP_SERVER_PORT: Server port (default: 8000)
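Because the documented default bind address is 0.0.0.0, switching to the http or sse transport exposes the tool server on every interface of the host. The preflight check below is an added example, not part of pentest-mcp: it validates the three variables and refuses a wildcard bind for network transports. The variable names and defaults are the ones listed above; the function name, the refusal policy and the exit codes are assumptions of this example, and it targets runs directly on the host.

```shell
#!/bin/sh
# Added example, not part of pentest-mcp. Variable names and defaults come from
# the README; the refuse-wildcard policy and exit codes are assumptions.

# Exit status: 0 = fine to start, 1 = listener would be exposed, 2 = bad value.
preflight() {
    transport="${MCP_TRANSPORT:-stdio}"
    host="${MCP_SERVER_HOST:-0.0.0.0}"
    port="${MCP_SERVER_PORT:-8000}"

    case "$transport" in
        stdio) echo "ok: stdio transport, no network listener"; return 0 ;;
        http|sse) ;;
        *) echo "error: MCP_TRANSPORT must be stdio, http or sse"; return 2 ;;
    esac

    # Port must be a plain decimal number in 1..65535.
    case "$port" in
        ''|*[!0-9]*) echo "error: MCP_SERVER_PORT is not a number"; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "error: MCP_SERVER_PORT out of range"; return 2
    fi

    # Wildcard binds put the scanner-driving endpoint on every interface.
    case "$host" in
        0.0.0.0|::|'*')
            echo "refused: $transport would listen on all interfaces, port $port"
            echo "set MCP_SERVER_HOST=127.0.0.1 or a management-network address"
            return 1 ;;
    esac
    echo "ok: $transport on $host:$port"
}

# Typical use: preflight && exec pentest-mcp
```

Inside Docker the process has to listen on the container's interfaces, so restrict exposure on the publish side instead, for example `-p 127.0.0.1:8000:8000`.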
💬 Usage Examples
Network Discovery
Set mode to professional.
Scan 192.168.1.0/24 with SYN scan and service detection.
Web Application Assessment
Scan 10.0.1.0/24 for web servers.
For each web server found, enumerate directories with gobuster using common.txt.
Run nikto against all discovered web servers.
Create a client report summarizing the findings.
Custom Password Attack
Generate a wordlist for company "Acme Corp" founded in 1995 by John Smith.
Crack these hashes using the generated wordlist:
admin:$1$xyz$...
user:$1$abc$...
🔧 System Requirements
- Tools Required: nmap, john, gobuster, nikto (must be in PATH)
- Node.js: v16+ for ESM support
- Permissions: Root/admin for SYN scans and OS detection
- Platform: Works on any OS, optimized for Kali Linux
📦 Installation Options
Global Install
npm install -g pentest-mcp
Local Development
git clone https://github.com/dmontgomery40/pentest-mcp.git
cd pentest-mcp
npm install
npm run build
Platform-Specific Tool Installation
# macOS
brew install nmap john-jumbo gobuster nikto
# Debian/Ubuntu
sudo apt update
sudo apt install nmap john gobuster nikto
# Kali Linux (pre-installed)
# All tools come pre-installed
🛡️ Security & Legal
⚠️ AUTHORIZED USE ONLY: This toolkit is for professional penetration testers operating under valid scope of work. Use only on systems and networks for which you have explicit written authorization.
🐳 Docker Security Note: The --privileged flag is required for certain scans (SYN, OS detection). Only use in trusted environments or VMs.
🔍 Troubleshooting
Tools Not Found
Ensure all required tools are in your PATH:
which nmap john gobuster nikto
Permission Denied
For SYN scans and OS detection:
# Run with sudo locally
sudo pentest-mcp
# Or use Docker with --privileged
docker run --privileged pentest-mcp:latest
Build Issues
rm -rf node_modules dist
npm install
npm run build
Transport-Specific Issues
- HTTP not accessible: Check firewall rules and port bindings
- SSE connection drops: Ensure keep-alive is enabled
- STDIO hangs: Verify MCP client supports stdio transport
📚 Documentation
- Upgrading to v0.5.0
- Detailed transport examples
- Version history
🤝 Contributing
Pull requests welcome at the GitHub repository. Built for professionals by professionals.
📄 License
GPL-3.0-or-later - See LICENSE file for details.