Pentester MCP

v1.0.0 | Security | stable

Elevate your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts. Pentester-MCP integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox.

Tags: ai-agent, cybersecurity, cybersecurity-tools, docker, mcp

34 Stars
0 Downloads
0 Weekly
0/5

What is Pentester MCP?

Pentester MCP is a Model Context Protocol (MCP) server for AI assistants like Claude, Cursor, and VS Code. It integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Elevate your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts

Use Cases

Run penetration tests
Access 200+ security tools
Automated vulnerability detection

Maintainer: halilkirazkaya
License: MIT
Language: python
Version: v1.0.0
Updated: May 1, 2026
Status: healthy
Maintenance: active

Works with

Claude, OpenAI, Windows, macOS, Linux

Installation

Manual Installation

npx pentester

Configuration

Configuration Details

Config File: claude_desktop_config.json

Performance

Response Metrics

Response Time: < 200ms
Throughput: Medium

Resource Usage

Memory Usage: Low
CPU Usage: Low

How to Set Up and Use Pentester MCP

Pentester-MCP transforms AI assistants such as Claude and Cursor into autonomous cybersecurity agents by integrating 235+ open-source penetration testing tools via the Model Context Protocol inside a secure Docker sandbox. Rather than registering each tool individually, it uses a unified server architecture where the AI agent can invoke reconnaissance tools (nmap, amass, subfinder), web exploitation frameworks (sqlmap, ffuf, nikto), Active Directory attack tools (impacket, BloodHound, Evil-WinRM), and password crackers (hashcat, John the Ripper) through natural language. Security professionals and red teams use it to automate multi-stage attack chains, from initial port scanning through vulnerability identification to targeted exploitation.

Prerequisites

  • Docker and Docker Compose installed on your machine
  • Python 3.8+ and pip (for local non-Docker setup)
  • An MCP-compatible AI client such as Claude Desktop or Cursor
  • Basic familiarity with penetration testing concepts and legal authorization for target systems

1. Clone the repository

Download the Pentester-MCP source code, which includes the Docker Compose configuration, tool config YAML files, and the Python MCP server.

git clone https://github.com/halilkirazkaya/pentester-mcp.git
cd pentester-mcp

2. Review and customize tool configurations

The configs/ directory contains YAML files that define which tools are available and their settings. Review example-config.yaml and adjust it for your needs before building the container.

ls configs/
# Edit example-config.yaml to enable/disable specific tools

3. Build and start the Docker container

Use Docker Compose to build the container image and start the pentester-mcp service in the background. The container must be running before your AI client connects.

docker compose up -d --build

4. Add the server to your MCP client configuration

Copy the MCP config block from the repository's mcp-config.json into your AI client's configuration file. The server executes tool commands inside the Docker container via 'docker exec'.

{
  "mcpServers": {
    "pentester": {
      "command": "docker",
      "args": ["exec", "-i", "pentester-mcp", "python", "server.py"],
      "env": {}
    }
  }
}

5. Restart your AI client and begin testing

Restart Claude Desktop or Cursor, then ask your AI assistant to run a penetration test. Describe the target scope and the assistant will autonomously select and chain the appropriate tools.

Pentester MCP Examples

Client configuration

Claude Desktop config to run Pentester-MCP tools inside the running Docker container.

{
  "mcpServers": {
    "pentester": {
      "command": "docker",
      "args": ["exec", "-i", "pentester-mcp", "python", "server.py"],
      "env": {}
    }
  }
}

Prompts to try

Sample prompts for reconnaissance, web scanning, and vulnerability exploitation workflows.

- "Run an nmap SYN scan on 192.168.1.0/24 and list all open ports and service versions."
- "Use subfinder and amass to enumerate subdomains for example.com, then check which ones are live."
- "Scan the web application at http://testphp.vulnweb.com for SQL injection vulnerabilities using sqlmap."
- "Run nikto against https://target-host.local and summarize the critical findings."
- "Use gobuster to brute-force directories on http://192.168.1.50 with the common.txt wordlist."

Troubleshooting Pentester MCP

docker exec fails with 'No such container: pentester-mcp'

The Docker container must be running before your MCP client connects. Run 'docker compose up -d' from the pentester-mcp directory, then verify with 'docker ps | grep pentester-mcp' before restarting your AI client.

Tools fail to execute inside the container

Some tools may not be installed in the default image. Check the build logs with 'docker compose logs' and ensure the configs/*.yaml file includes the tools you need. Rebuild the image with 'docker compose up -d --build' after config changes.

AI client shows no tools after connecting

Confirm that the container name in your docker exec args matches the running container name exactly (default: pentester-mcp). Run 'docker ps --format "{{.Names}}"' to check. Also verify that python server.py starts successfully inside the container with 'docker exec -it pentester-mcp python server.py'.
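
The checks from the troubleshooting entries above, as an added example (not code from the Pentester-MCP repository): it parses an MCP client config, confirms each server entry launches through docker exec into the expected running container, and reports entries that start on the host instead. The function names and the `expected` default are assumptions; the default is the container name shown on this page.

```python
import json
import subprocess

# docker exec options that consume the following argument as their value.
VALUE_FLAGS = {"-e", "--env", "--env-file", "-u", "--user",
               "-w", "--workdir", "--detach-keys"}

def exec_target(args):
    """Return the container name from a `docker exec ...` argument list, or None."""
    if not args or args[0] != "exec":
        return None
    i = 1
    while i < len(args):
        arg = args[i]
        if not arg.startswith("-"):
            return arg  # first positional argument is the container
        # "--env=X" carries its value inline; "-e X" uses the next argument
        i += 2 if arg in VALUE_FLAGS else 1
    return None

def audit_config(config_text, running, expected="pentester-mcp"):
    """Check every mcpServers entry; return a list of (server, finding) tuples."""
    findings = []
    servers = json.loads(config_text).get("mcpServers", {})
    for name, entry in servers.items():
        command, args = entry.get("command"), entry.get("args", [])
        if command != "docker":
            findings.append((name, f"launched with '{command}' on the host, not via docker exec"))
            continue
        target = exec_target(args)
        if target is None:
            findings.append((name, "docker args do not name a container to exec into"))
        elif target != expected:
            findings.append((name, f"targets '{target}', expected '{expected}'"))
        elif target not in running:
            findings.append((name, f"container '{target}' is not running"))
    return findings

def running_containers():
    """Names of running containers, from the same docker ps call used above."""
    out = subprocess.run(["docker", "ps", "--format", "{{.Names}}"],
                         capture_output=True, text=True, check=True).stdout
    return set(out.split())

# Constructed sample inputs: the two config variants shown on this page.
DOCKER_CFG = ('{"mcpServers": {"pentester": {"command": "docker", "args": '
              '["exec", "-i", "pentester-mcp", "python", "server.py"], "env": {}}}}')
NPX_CFG = '{"mcpServers": {"pentester": {"command": "npx", "args": ["-y", "pentester"]}}}'
```

On a real machine, pass the contents of claude_desktop_config.json and the result of `running_containers()` to `audit_config`; an empty list means every entry points at the running sandbox container.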

Frequently Asked Questions about Pentester MCP

What is Pentester MCP?

Pentester MCP is a Model Context Protocol (MCP) server that elevates your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts. Pentester-MCP integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Pentester MCP?

Follow the installation instructions on the Pentester MCP GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Pentester MCP?

Pentester MCP works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Pentester MCP free to use?

Yes, Pentester MCP is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Pentester MCP Alternatives — Similar Security Servers

Looking for alternatives to Pentester MCP? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

A Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u


Quick Config Preview

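{
  "mcpServers": {
    "pentester": {
      "command": "npx",
      "args": ["-y", "pentester"]
    }
  }
}

Add this to your claude_desktop_config.json or .cursor/mcp.json. Note that this preview launches the server with npx, whereas the setup guide above runs server.py inside the pentester-mcp container via docker exec.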
