Pentesting Cyber

v1.0.0โ€ขSecurityโ€ขstable

๐Ÿ” 50+ MCP Security Servers for AI-Powered Pentesting | Integrate Nmap, Burp Suite, Nuclei, Shodan, BloodHound, Semgrep, Trivy | Model Context Protocol for Cybersecurity

active-directoryai-securitybug-bountyburpsuitecloud-security
Share:
15
Stars
0
Downloads
0
Weekly
0/5

What is Pentesting Cyber?

Pentesting Cyber is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to ๐Ÿ” 50+ mcp security servers for ai-powered pentesting | integrate nmap, burp suite, nuclei, shodan, bloodhound, semgrep, trivy | model context protocol for cybersecurity

๐Ÿ” 50+ MCP Security Servers for AI-Powered Pentesting | Integrate Nmap, Burp Suite, Nuclei, Shodan, BloodHound, Semgrep, Trivy | Model Context Protocol for Cybersecurity

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • ๐Ÿ” 50+ MCP Security Servers for AI-Powered Pentesting | Integ

Use Cases

Integrate 50+ cybersecurity tools
AI-powered penetration testing workflows
LicenseMIT
Languagejavascript
Versionv1.0.0
UpdatedApr 9, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx pentesting-cyber

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Pentesting Cyber

Pentesting Cyber MCP provides over 50 individual MCP servers that wrap professional-grade security tools โ€” including Nmap, Burp Suite, Nuclei, Shodan, BloodHound, Semgrep, and Trivy โ€” into a unified AI-accessible interface. Each tool is exposed through the Model Context Protocol so that AI clients like Claude can orchestrate reconnaissance, vulnerability scanning, exploitation, cloud security auditing, and threat intelligence workflows in plain English. Security researchers and penetration testers can use this to dramatically speed up structured assessments while keeping every action logged and auditable.

Prerequisites

  • Node.js 18 or higher and pnpm installed
  • The underlying security tools (Nmap, Nuclei, etc.) installed on your system and available in PATH
  • Authorization to perform security testing on all target systems
  • An MCP-compatible AI client such as Claude Desktop
1

Clone the repository

Clone the pentesting-cyber-mcp monorepo to your local machine. Each security tool has its own subdirectory under servers/.

git clone https://github.com/hackersatyamrastogi/pentesting-cyber-mcp.git
cd pentesting-cyber-mcp
2

Install dependencies and build all servers

Install Node.js dependencies for the entire monorepo and compile all TypeScript server files to JavaScript.

pnpm install
pnpm build
3

Install required security tools on your system

Each MCP server delegates to a native security binary. Install the tools you intend to use. Below are common examples โ€” install only what you need and have authorization to use.

# macOS examples
brew install nmap nuclei
# Debian/Ubuntu examples
sudo apt install nmap
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
4

Configure your MCP client for the servers you need

Each server is a separate Node.js process. Add entries to your claude_desktop_config.json for each tool you want to use, providing the path to the built index.js and the path to the underlying binary.

{
  "mcpServers": {
    "nmap": {
      "command": "node",
      "args": ["/path/to/pentesting-cyber-mcp/servers/nmap/build/index.js", "/usr/bin/nmap"]
    },
    "nuclei": {
      "command": "node",
      "args": ["/path/to/pentesting-cyber-mcp/servers/nuclei/build/index.js", "/usr/local/bin/nuclei"]
    }
  }
}
5

Restart your MCP client and verify tool availability

Restart Claude Desktop (or your chosen MCP client) so it picks up the new server configuration. Confirm the security tools appear in the available tools list before running any assessments.

Pentesting Cyber Examples

Client configuration

Claude Desktop config registering Nmap and Nuclei servers from the local build.

{
  "mcpServers": {
    "nmap": {
      "command": "node",
      "args": ["/home/user/pentesting-cyber-mcp/servers/nmap/build/index.js", "/usr/bin/nmap"]
    },
    "nuclei": {
      "command": "node",
      "args": ["/home/user/pentesting-cyber-mcp/servers/nuclei/build/index.js", "/usr/local/bin/nuclei"]
    }
  }
}

Prompts to try

Example prompts for AI-driven penetration testing workflows (only on systems you are authorized to test).

- "Run an Nmap SYN scan on 192.168.1.0/24 and identify open ports and service versions."
- "Use Nuclei to scan https://example.com for CVEs using the cve tag, and summarize critical findings."
- "Enumerate subdomains for example.com using the subdomain discovery tools."
- "Check the SSL/TLS configuration of api.example.com for weak ciphers or expired certificates."
- "Scan the Docker image myapp:latest with Trivy and list all high and critical vulnerabilities."

Troubleshooting Pentesting Cyber

Server fails to start with 'Cannot find module' error

Run pnpm build again from the repository root to ensure the TypeScript for that server compiled successfully. Also confirm pnpm install completed without errors.

Tool returns 'binary not found' or spawns an empty process

Verify the second argument in args points to the actual binary path (e.g. /usr/bin/nmap). Run which nmap in your terminal to find the correct path and update the config accordingly.

Nuclei reports no templates found

Run nuclei -update-templates to download the latest Nuclei template library to your home directory (~/.nuclei-templates). Nuclei requires templates to be present before scanning.

Frequently Asked Questions about Pentesting Cyber

What is Pentesting Cyber?

Pentesting Cyber is a Model Context Protocol (MCP) server that ๐Ÿ” 50+ mcp security servers for ai-powered pentesting | integrate nmap, burp suite, nuclei, shodan, bloodhound, semgrep, trivy | model context protocol for cybersecurity It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Pentesting Cyber?

Follow the installation instructions on the Pentesting Cyber GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Pentesting Cyber?

Pentesting Cyber works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Pentesting Cyber free to use?

Yes, Pentesting Cyber is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Pentesting Cyber Alternatives โ€” Similar Security Servers

Looking for alternatives to Pentesting Cyber? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

โ˜… 13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

โ˜… 9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

โ˜… 8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

โ˜… 8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

โ˜… 6.6k

754 structured cybersecurity skills for AI agents ยท Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF ยท agentskills.io standard ยท Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

โ˜… 5.1k

๐Ÿ”ฅ๐Ÿ”ฅ hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "pentesting-cyber": { "command": "npx", "args": ["-y", "pentesting-cyber"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide โ†’

Ready to use Pentesting Cyber?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides