Pentester MCP
Elevate your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts. Pentester-MCP integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox.
What is Pentester MCP?
Pentester MCP is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to elevate your ai assistants (like claude & cursor) into autonomous cybersecurity experts. pentester-mcp integrates 200+ pentesting tools via the model context protocol (mcp) using a secure docker sandb...
Elevate your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts. Pentester-MCP integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Elevate your AI assistants (like Claude & Cursor) into auton
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx pentesterConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Pentester MCP
Pentester-MCP transforms AI assistants such as Claude and Cursor into autonomous cybersecurity agents by integrating 235+ open-source penetration testing tools via the Model Context Protocol inside a secure Docker sandbox. Rather than registering each tool individually, it uses a unified server architecture where the AI agent can invoke reconnaissance tools (nmap, amass, subfinder), web exploitation frameworks (sqlmap, ffuf, nikto), Active Directory attack tools (impacket, BloodHound, Evil-WinRM), and password crackers (hashcat, John the Ripper) through natural language. Security professionals and red teams use it to automate multi-stage attack chains, from initial port scanning through vulnerability identification to targeted exploitation.
Prerequisites
- Docker and Docker Compose installed on your machine
- Python 3.8+ and pip (for local non-Docker setup)
- An MCP-compatible AI client such as Claude Desktop or Cursor
- Basic familiarity with penetration testing concepts and legal authorization for target systems
Clone the repository
Download the Pentester-MCP source code, which includes the Docker Compose configuration, tool config YAML files, and the Python MCP server.
git clone https://github.com/halilkirazkaya/pentester-mcp.git
cd pentester-mcpReview and customize tool configurations
The configs/ directory contains YAML files that define which tools are available and their settings. Review example-config.yaml and adjust it for your needs before building the container.
ls configs/
# Edit example-config.yaml to enable/disable specific toolsBuild and start the Docker container
Use Docker Compose to build the container image and start the pentester-mcp service in the background. The container must be running before your AI client connects.
docker compose up -d --buildAdd the server to your MCP client configuration
Copy the MCP config block from the repository's mcp-config.json into your AI client's configuration file. The server executes tool commands inside the Docker container via 'docker exec'.
{
"mcpServers": {
"pentester": {
"command": "docker",
"args": ["exec", "-i", "pentester-mcp", "python", "server.py"],
"env": {}
}
}
}Restart your AI client and begin testing
Restart Claude Desktop or Cursor, then ask your AI assistant to run a penetration test. Describe the target scope and the assistant will autonomously select and chain the appropriate tools.
Pentester MCP Examples
Client configuration
Claude Desktop config to run Pentester-MCP tools inside the running Docker container.
{
"mcpServers": {
"pentester": {
"command": "docker",
"args": ["exec", "-i", "pentester-mcp", "python", "server.py"],
"env": {}
}
}
}Prompts to try
Sample prompts for reconnaissance, web scanning, and vulnerability exploitation workflows.
- "Run an nmap SYN scan on 192.168.1.0/24 and list all open ports and service versions."
- "Use subfinder and amass to enumerate subdomains for example.com, then check which ones are live."
- "Scan the web application at http://testphp.vulnweb.com for SQL injection vulnerabilities using sqlmap."
- "Run nikto against https://target-host.local and summarize the critical findings."
- "Use gobuster to brute-force directories on http://192.168.1.50 with the common.txt wordlist."Troubleshooting Pentester MCP
docker exec fails with 'No such container: pentester-mcp'
The Docker container must be running before your MCP client connects. Run 'docker compose up -d' from the pentester-mcp directory, then verify with 'docker ps | grep pentester-mcp' before restarting your AI client.
Tools fail to execute inside the container
Some tools may not be installed in the default image. Check the build logs with 'docker compose logs' and ensure the configs/*.yaml file includes the tools you need. Rebuild the image with 'docker compose up -d --build' after config changes.
AI client shows no tools after connecting
Confirm that the container name in your docker exec args matches the running container name exactly (default: pentester-mcp). Run 'docker ps --format "{{.Names}}"' to check. Also verify that python server.py starts successfully inside the container with 'docker exec -it pentester-mcp python server.py'.
Frequently Asked Questions about Pentester MCP
What is Pentester MCP?
Pentester MCP is a Model Context Protocol (MCP) server that elevate your ai assistants (like claude & cursor) into autonomous cybersecurity experts. pentester-mcp integrates 200+ pentesting tools via the model context protocol (mcp) using a secure docker sandbox. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Pentester MCP?
Follow the installation instructions on the Pentester MCP GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Pentester MCP?
Pentester MCP works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Pentester MCP free to use?
Yes, Pentester MCP is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Pentester MCP Alternatives — Similar Security Servers
Looking for alternatives to Pentester MCP? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Pentester MCP in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Pentester MCP?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.