Pwno

v1.0.0Securitystable

MCP for Pwn

mcpmcp-serverpwnpwnopwno-mcp
Share:
266
Stars
0
Downloads
0
Weekly
0/5

What is Pwno?

Pwno is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp for pwn

MCP for Pwn

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • MCP for Pwn

Use Cases

Interact with Pwn platform through MCP protocol.
Execute penetration testing and security workflows.
Automate security testing and exploit development.
pwno-io

Maintainer

LicenseNOASSERTION
Languagepython
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx pwno

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Pwno

Pwno MCP (pwno-mcp) is a stateful binary exploitation and reverse engineering environment that runs GDB with pwndbg inside an isolated Docker container and exposes debugger sessions, exploit I/O, and workspace automation over MCP. It provides deterministic execution control via GDB/MI, fast context snapshots covering registers, stack, disassembly, source, and backtrace, interactive exploit workflows with pwncli, and multi-session support for parallel analysis. Security researchers and CTF players use it to let AI agents autonomously debug and exploit binary targets through structured tool calls over HTTP or STDIO.

Prerequisites

  • Docker installed and running (the server runs as a Docker container)
  • A target binary to analyze, placed in a local workspace directory
  • Linux capabilities SYS_PTRACE and SYS_ADMIN available on the Docker host
  • Claude Desktop or another MCP-compatible client
  • Basic familiarity with GDB and binary exploitation concepts
1

Create a workspace directory and place your binary

Create a local workspace directory and copy your target binary into it. The container mounts this directory at /workspace.

mkdir -p ./workspace
cp ./path/to/your/binary ./workspace/chal
chmod +x ./workspace/chal
2

Pull and run the pwno-mcp Docker container

Run the container with the required Linux capabilities for ptrace debugging. The MCP HTTP endpoint is exposed on port 5500.

docker run --rm -p 5500:5500 \
  --cap-add=SYS_PTRACE \
  --cap-add=SYS_ADMIN \
  --security-opt seccomp=unconfined \
  --security-opt apparmor=unconfined \
  -v "$PWD/workspace:/workspace" \
  ghcr.io/pwno-io/pwno-mcp:latest
3

Verify the MCP endpoint is available

The default MCP endpoint is http://127.0.0.1:5500/mcp. You can check server health before connecting your MCP client.

curl http://127.0.0.1:5500/mcp
4

Configure your MCP client to connect via HTTP

Add the pwno-mcp server to your MCP client configuration using the HTTP transport pointing to the running container.

5

Start a debugging session

Once connected, ask your AI client to load the binary and begin analysis. The server supports multi-session workflows so multiple binaries can be analyzed in parallel.

Pwno Examples

Client configuration

Connect to the pwno-mcp container running locally over HTTP transport. Adjust the URL if you changed the port.

{
  "mcpServers": {
    "pwno": {
      "type": "http",
      "url": "http://127.0.0.1:5500/mcp"
    }
  }
}

Prompts to try

Example prompts for binary analysis and exploit development workflows.

- "Load /workspace/chal in GDB and show me the main function disassembly"
- "Take a context snapshot showing registers, stack, and backtrace at the current breakpoint"
- "Set a breakpoint at the vulnerable function and run the binary to trigger it"
- "Show me the memory layout and identify potential buffer overflow candidates"
- "Generate a pwncli exploit script that sends a cyclic pattern to identify the offset"

Troubleshooting Pwno

Container exits immediately with ptrace permission error

Ensure you pass both --cap-add=SYS_PTRACE and --cap-add=SYS_ADMIN flags, and both --security-opt seccomp=unconfined and --security-opt apparmor=unconfined. Some Docker Desktop configurations on macOS may require additional settings.

MCP endpoint returns connection refused

Verify the container is running with 'docker ps' and that port 5500 is correctly mapped. The endpoint is http://127.0.0.1:5500/mcp — check you are not accidentally hitting a different port.

Binary not found inside the container

Confirm the workspace volume mount is correct: '-v $PWD/workspace:/workspace'. The binary must be inside the local workspace/ directory and marked executable with chmod +x.

Frequently Asked Questions about Pwno

What is Pwno?

Pwno is a Model Context Protocol (MCP) server that mcp for pwn It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Pwno?

Follow the installation instructions on the Pwno GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Pwno?

Pwno works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Pwno free to use?

Yes, Pwno is open source and available under the NOASSERTION license. You can use it freely in both personal and commercial projects.

Pwno Alternatives — Similar Security Servers

Looking for alternatives to Pwno? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "pwno": { "command": "npx", "args": ["-y", "pwno"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Pwno?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides