pentester-mcp
by halilkirazkaya·★ 34·Score 44
MCP server integrating 200+ penetration testing tools for AI assistants with Docker sandbox security.
Overview
Pentester-MCP transforms AI assistants into autonomous cybersecurity experts by providing access to over 200 open-source penetration testing tools through the Model Context Protocol. The platform offers two deployment methods: a secure Docker sandbox (recommended) that isolates tool execution from the host system, and local execution for users with existing tool installations. Each tool is equipped with AI-optimized documentation strings, enabling the AI to understand tool arguments, syntax, and requirements autonomously.
Try asking AI
After installing, here are 6 things you can ask your AI assistant:
When to choose this
Choose Pentester-MCP when you need AI assistants to autonomously perform security assessments and penetration testing in a controlled, sandboxed environment.
When NOT to choose this
Avoid this if you need active directory write capabilities, as most tools are read-only reconnaissance utilities, or if you require testing in non-containerized environments.
Tools this server exposes
12 tools extracted from the READMEnmapNetwork scanning tool to discover hosts and services
masscanFast TCP port scanner for large networks
sqlmapAutomatic SQL injection and database takeover tool
ffufFuzzing tool for discovering web content and directories
gobusterDirectory/file and DNS busting tool
dirsearchWeb path scanner for discovering hidden files and directories
niktoWeb server scanner that tests for dangerous files/CGIs
hydraOnline password cracking tool supporting various protocols
johnAdvanced password cracking tool for various hash types
hashcatFast password cracking tool supporting multiple attack modes
nucleiVulnerability scanner with templates for detecting security issues
recon-ngWeb-based reconnaissance framework
Note: Tools extracted from the 'The Arsenal' section which explicitly lists 235+ penetration testing tools available in the MCP server.
Comparable tools
Installation
Method A: Docker Sandbox (Recommended & Secure)
- Clone the repository:
git clone https://github.com/halilkirazkaya/pentester-mcp.git
cd pentester-mcp- Select your Tools (
configs/*.yaml):
Open your target configuration file in the configs/ directory (e.g., example-config.yaml) and set true for any tool you wish to enable.
- Build and Run the Sandbox:
docker compose up -d --build- Add to Claude Desktop:
Add this to your claude_desktop_config.json:
{
"mcpServers": {
"pentester_mcp": {
"command": "docker",
"args": [
"exec",
"-i",
"pentester-mcp",
"/app/.venv/bin/python",
"/app/server.py"
]
}
}
}Method B: Local Execution (Fastest Setup)
- Clone and Setup Virtual Environment:
git clone https://github.com/halilkirazkaya/pentester-mcp.git
cd pentester-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt- Configure your MCP client to use the specific tools from your local environment.
FAQ
- Is it safe to run penetration testing tools through AI assistants?
- Yes, Pentester-MCP uses a Docker sandbox that isolates tool execution from your host system, preventing any potential harm to your main machine. All tools run within a contained environment.
- How many tools are included in Pentester-MCP?
- The project provides access to over 200 penetration testing tools across various categories including reconnaissance, web exploitation, active directory, network analysis, and more. New tools are regularly added based on community requests.
- Can I add custom tools to Pentester-MCP?
- Currently, tools are auto-generated from YAML cheat sheets to ensure consistent API design and security practices. While you can't directly add arbitrary tools, you can request new tools by opening an issue on the GitHub repository.
Compare pentester-mcp with
Last updated · Auto-generated from public README + GitHub signals.