HexStrike AI
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
What is HexStrike AI?
HexStrike AI is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to hexstrike ai mcp agents is an advanced mcp server that lets ai agents (claude, gpt, copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug boun...
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- HexStrike AI MCP Agents is an advanced MCP server that lets
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx hexstrike-aiConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use HexStrike AI
HexStrike AI is an advanced cybersecurity MCP server that lets AI agents like Claude autonomously orchestrate 150+ security tools for penetration testing, vulnerability discovery, bug bounty automation, and CTF challenges. It runs a local server that wraps industry-standard tools including Nmap, SQLMap, Nuclei, Burp Suite integrations, and binary analysis tools like Ghidra, allowing security researchers to describe a target in natural language and have the AI plan and execute a comprehensive security assessment.
Prerequisites
- Python 3.9+ installed
- The target cybersecurity tools installed on your system (Nmap, Gobuster, Nuclei, SQLMap, etc. — HexStrike wraps tools you already have)
- Git to clone the repository
- An MCP-compatible client such as Claude Desktop
- Only use against systems you own or have explicit written permission to test
Clone the HexStrike AI repository
Clone the repository from GitHub to get the server code and install its dependencies.
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-aiCreate a virtual environment and install dependencies
Set up an isolated Python environment and install the required packages from requirements.txt.
python3 -m venv hexstrike-env
source hexstrike-env/bin/activate
pip3 install -r requirements.txtStart the HexStrike server
Launch the server process which listens on port 8888 by default. The server wraps local security tools and exposes them via an HTTP API that the MCP client proxy calls.
python3 hexstrike_server.pyVerify the server is running
Check the health endpoint to confirm the server is accepting requests.
curl http://localhost:8888/healthAdd the MCP client configuration for Claude Desktop
Configure Claude Desktop to connect to the running HexStrike server via the MCP proxy script.
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": ["/path/to/hexstrike-ai/hexstrike_mcp.py", "--server", "http://localhost:8888"],
"timeout": 300,
"disabled": false
}
}
}Restart Claude Desktop and begin a security assessment
Restart Claude Desktop so it connects to the HexStrike MCP server. You can now instruct it to run security tools against authorized targets.
HexStrike AI Examples
Client configuration
Claude Desktop config block connecting to a locally running HexStrike AI server.
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": ["/home/user/hexstrike-ai/hexstrike_mcp.py", "--server", "http://localhost:8888"],
"timeout": 300,
"disabled": false
}
}
}Prompts to try
Example prompts for authorized security research and penetration testing with HexStrike AI.
- "Run a comprehensive port scan on 192.168.1.100 and report all open services."
- "Perform a web application scan on http://testphp.vulnweb.com and identify SQL injection points."
- "Enumerate subdomains for example.com using Amass and Subfinder."
- "Analyze this binary for vulnerabilities using Ghidra and Radare2."
- "Run a nuclei scan against the target URL using the CVE templates."
- "Start a full bug bounty workflow assessment against my test lab environment."Troubleshooting HexStrike AI
Server fails to start with 'module not found' errors
Ensure you activated the virtual environment before running the server: 'source hexstrike-env/bin/activate'. Then run 'pip3 install -r requirements.txt' again to ensure all dependencies are installed.
Tools return 'command not found' errors during execution
HexStrike wraps tools that must already be installed on your system. Install the missing tool (e.g., 'sudo apt install nmap' or 'pip install nuclei') and ensure it is on your PATH. Run 'which nmap' to verify availability.
Connection refused when Claude tries to call tools
The hexstrike_server.py process must be running before Claude connects. Start it in a separate terminal and confirm 'curl http://localhost:8888/health' returns a 200 OK. If using a custom port, update the --server argument in the MCP config accordingly.
Frequently Asked Questions about HexStrike AI
What is HexStrike AI?
HexStrike AI is a Model Context Protocol (MCP) server that hexstrike ai mcp agents is an advanced mcp server that lets ai agents (claude, gpt, copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. seamlessly b It connects AI assistants to external tools and data sources through a standardized interface.
How do I install HexStrike AI?
Follow the installation instructions on the HexStrike AI GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with HexStrike AI?
HexStrike AI works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is HexStrike AI free to use?
Yes, HexStrike AI is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
HexStrike AI Alternatives — Similar Security Servers
Looking for alternatives to HexStrike AI? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Viper
★ 5.0kAdversary simulation and Red teaming platform with AI
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up HexStrike AI in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use HexStrike AI?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.