AIDA
Turn any LLM into an autonomous pentester. You define the scope, the agent does the work, you review the findings.
What is AIDA?
AIDA is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to turn any llm into an autonomous pentester. you define the scope, the agent does the work, you review the findings.
Turn any LLM into an autonomous pentester. You define the scope, the agent does the work, you review the findings.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Turn any LLM into an autonomous pentester. You define the sc
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx aidaConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use AIDA
AIDA (AI-Driven Assessment) is an autonomous pentesting agent that turns any tool-calling LLM into a security researcher, running reconnaissance, vulnerability scanning, and exploitation workflows inside an isolated Docker container. You define the assessment scope and target, and AIDA executes nmap scans, subdomain enumeration, SSL auditing, technology fingerprinting, and HTTP probing — logging findings with CVSS 4.0 scores to a real-time web dashboard. Security professionals and red teamers use it to accelerate initial reconnaissance and surface attack vectors without manually chaining together individual security tools.
Prerequisites
- Docker Desktop installed and running
- An AI client with tool-calling support: Claude Desktop, Claude Code, ChatGPT Desktop, or an OpenAI-compatible API
- Python 3.8+ (for running aida.py directly)
- git (to clone the repository)
Clone the repository
Clone the AIDA repository to your local machine. The repository includes the start.sh launcher, the aida.py agent, and Docker configuration for the pentesting container.
git clone https://github.com/Vasco0x4/AIDA.git
cd AIDAStart the AIDA environment
Run start.sh to build and launch the Docker-based pentesting environment and the web dashboard. This pulls the aida-pentest container (~2 GB) on first run.
./start.shOpen the dashboard
The AIDA web dashboard runs at http://localhost:31337. Use it to create assessment scopes, review findings, and switch between the built-in aida-pentest container and Exegol (which has 400+ security tools).
Define your assessment scope
In the dashboard, create a named assessment (e.g., 'target-corp') and set the scope: target URLs, allowed subdomains, excluded paths, and any credentials or authentication tokens the agent can use.
Launch the pentesting agent
Run aida.py with your assessment name. Use --cli to specify the AI provider (claude, openai-compatible). Add --yes to auto-approve all tool calls without interactive prompts.
python3 aida.py --assessment "target-corp" --cli claude
# Or with auto-approval:
python3 aida.py --assessment "target-corp" --cli claude --yesReview findings on the dashboard
AIDA logs each finding via the add_card tool with CVSS 4.0 scoring as it discovers vulnerabilities. Monitor progress in real time on the dashboard and review the full report when the assessment completes.
AIDA Examples
Client configuration
Configure AIDA as an MCP server so Claude Desktop or Claude Code can invoke its pentesting tools directly. The server exposes tools like execute, scan, subdomain_enum, and add_card.
{
"mcpServers": {
"aida": {
"command": "python3",
"args": ["/path/to/AIDA/aida.py", "--assessment", "target-corp"]
}
}
}Prompts to try
These prompts demonstrate how to direct the AIDA agent through an assessment once it is connected to your AI client.
- "Load assessment 'target-corp' and start reconnaissance on https://example.com — scope: all subdomains, exclude /admin brute-force"
- "Run a full port scan on 192.168.1.0/24 and identify services running on open ports"
- "Enumerate subdomains of example.com and check each one for exposed admin panels"
- "Perform SSL/TLS analysis on api.example.com and report any weak cipher suites or expired certificates"
- "Fingerprint the technology stack on https://target.example.com and suggest likely vulnerabilities"Troubleshooting AIDA
start.sh fails — Docker not running
Ensure Docker Desktop is open and the Docker daemon is running. Run `docker info` to confirm. On Linux, run `sudo systemctl start docker` if the daemon is not active.
aida.py fails to connect to the AI provider
Check that your AI client API key is correctly set. For Claude, ensure ANTHROPIC_API_KEY is exported in your shell. For OpenAI-compatible endpoints, use the --base-url flag: `python3 aida.py --assessment target --base-url https://your-endpoint/v1`.
Dashboard shows no findings even after agent runs
Confirm the Docker pentesting container is running (`docker ps`) and that the network target is reachable from within the container. For local network targets, ensure Docker's network mode allows the container to reach the host network.
Frequently Asked Questions about AIDA
What is AIDA?
AIDA is a Model Context Protocol (MCP) server that turn any llm into an autonomous pentester. you define the scope, the agent does the work, you review the findings. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install AIDA?
Follow the installation instructions on the AIDA GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with AIDA?
AIDA works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is AIDA free to use?
Yes, AIDA is open source and available under the AGPL-3.0 license. You can use it freely in both personal and commercial projects.
AIDA Alternatives — Similar Security Servers
Looking for alternatives to AIDA? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up AIDA in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use AIDA?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.