AIDA

v1.0.0Securitystable

Turn any LLM into an autonomous pentester. You define the scope, the agent does the work, you review the findings.

aiai-poweredclaudedockerexegol
Share:
387
Stars
0
Downloads
0
Weekly
0/5

What is AIDA?

AIDA is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to turn any llm into an autonomous pentester. you define the scope, the agent does the work, you review the findings.

Turn any LLM into an autonomous pentester. You define the scope, the agent does the work, you review the findings.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Turn any LLM into an autonomous pentester. You define the sc

Use Cases

Autonomous pentesting agent
Security vulnerability discovery
Exegol and Docker support
Vasco0x4

Maintainer

LicenseAGPL-3.0
Languagejavascript
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx aida

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use AIDA

AIDA (AI-Driven Assessment) is an autonomous pentesting agent that turns any tool-calling LLM into a security researcher, running reconnaissance, vulnerability scanning, and exploitation workflows inside an isolated Docker container. You define the assessment scope and target, and AIDA executes nmap scans, subdomain enumeration, SSL auditing, technology fingerprinting, and HTTP probing — logging findings with CVSS 4.0 scores to a real-time web dashboard. Security professionals and red teamers use it to accelerate initial reconnaissance and surface attack vectors without manually chaining together individual security tools.

Prerequisites

  • Docker Desktop installed and running
  • An AI client with tool-calling support: Claude Desktop, Claude Code, ChatGPT Desktop, or an OpenAI-compatible API
  • Python 3.8+ (for running aida.py directly)
  • git (to clone the repository)
1

Clone the repository

Clone the AIDA repository to your local machine. The repository includes the start.sh launcher, the aida.py agent, and Docker configuration for the pentesting container.

git clone https://github.com/Vasco0x4/AIDA.git
cd AIDA
2

Start the AIDA environment

Run start.sh to build and launch the Docker-based pentesting environment and the web dashboard. This pulls the aida-pentest container (~2 GB) on first run.

./start.sh
3

Open the dashboard

The AIDA web dashboard runs at http://localhost:31337. Use it to create assessment scopes, review findings, and switch between the built-in aida-pentest container and Exegol (which has 400+ security tools).

4

Define your assessment scope

In the dashboard, create a named assessment (e.g., 'target-corp') and set the scope: target URLs, allowed subdomains, excluded paths, and any credentials or authentication tokens the agent can use.

5

Launch the pentesting agent

Run aida.py with your assessment name. Use --cli to specify the AI provider (claude, openai-compatible). Add --yes to auto-approve all tool calls without interactive prompts.

python3 aida.py --assessment "target-corp" --cli claude
# Or with auto-approval:
python3 aida.py --assessment "target-corp" --cli claude --yes
6

Review findings on the dashboard

AIDA logs each finding via the add_card tool with CVSS 4.0 scoring as it discovers vulnerabilities. Monitor progress in real time on the dashboard and review the full report when the assessment completes.

AIDA Examples

Client configuration

Configure AIDA as an MCP server so Claude Desktop or Claude Code can invoke its pentesting tools directly. The server exposes tools like execute, scan, subdomain_enum, and add_card.

{
  "mcpServers": {
    "aida": {
      "command": "python3",
      "args": ["/path/to/AIDA/aida.py", "--assessment", "target-corp"]
    }
  }
}

Prompts to try

These prompts demonstrate how to direct the AIDA agent through an assessment once it is connected to your AI client.

- "Load assessment 'target-corp' and start reconnaissance on https://example.com — scope: all subdomains, exclude /admin brute-force"
- "Run a full port scan on 192.168.1.0/24 and identify services running on open ports"
- "Enumerate subdomains of example.com and check each one for exposed admin panels"
- "Perform SSL/TLS analysis on api.example.com and report any weak cipher suites or expired certificates"
- "Fingerprint the technology stack on https://target.example.com and suggest likely vulnerabilities"

Troubleshooting AIDA

start.sh fails — Docker not running

Ensure Docker Desktop is open and the Docker daemon is running. Run `docker info` to confirm. On Linux, run `sudo systemctl start docker` if the daemon is not active.

aida.py fails to connect to the AI provider

Check that your AI client API key is correctly set. For Claude, ensure ANTHROPIC_API_KEY is exported in your shell. For OpenAI-compatible endpoints, use the --base-url flag: `python3 aida.py --assessment target --base-url https://your-endpoint/v1`.

Dashboard shows no findings even after agent runs

Confirm the Docker pentesting container is running (`docker ps`) and that the network target is reachable from within the container. For local network targets, ensure Docker's network mode allows the container to reach the host network.

Frequently Asked Questions about AIDA

What is AIDA?

AIDA is a Model Context Protocol (MCP) server that turn any llm into an autonomous pentester. you define the scope, the agent does the work, you review the findings. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install AIDA?

Follow the installation instructions on the AIDA GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with AIDA?

AIDA works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is AIDA free to use?

Yes, AIDA is open source and available under the AGPL-3.0 license. You can use it freely in both personal and commercial projects.

AIDA Alternatives — Similar Security Servers

Looking for alternatives to AIDA? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "aida": { "command": "npx", "args": ["-y", "aida"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use AIDA?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides