RedTeam Agent

v1.0.0Securitystable

RedTeam-Agent: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 LLM 直接化身安全审计黑客。

active-directoryai-agentai-securitybloodhoundcybersecurity
Share:
41
Stars
0
Downloads
0
Weekly
0/5

What is RedTeam Agent?

RedTeam Agent is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to redteam-agent: ai-powered autonomous red team framework via model context protocol. ai红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 llm 直接化身安全审计黑客。

RedTeam-Agent: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 LLM 直接化身安全审计黑客。

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • RedTeam-Agent: AI-Powered Autonomous Red Team Framework via

Use Cases

Automate red team penetration testing with AI agents.
Run 15+ security tools (fscan, Nuclei, Impacket, Playwright).
Perform autonomous security audits and vulnerability assessments.
ktol1

Maintainer

LicenseMIT
Languagec
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx redteam-agent

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use RedTeam Agent

RedTeam-Agent is an AI-powered autonomous red team framework that connects 15+ professional penetration testing tools to a large language model via the Model Context Protocol, enabling end-to-end security audits orchestrated through natural language. It integrates network scanners (gogo, fscan), web assessment tools (httpx, nuclei, ffuf), Active Directory attack tools (SharpHound, impacket, kerbrute), and lateral movement utilities (NetExec, wmiexec) into a unified skill-based workflow. Security professionals and ethical hackers use it to automate complex multi-stage assessments — from initial reconnaissance through credential dumping and lateral movement — without manually sequencing each tool.

Prerequisites

  • Python 3.8 or newer (the framework and many tools require it)
  • 8 GB RAM or more recommended for running multiple security tools concurrently
  • The penetration testing tools you want to use must be installed and in your PATH (gogo, fscan, nuclei, impacket, etc.)
  • Claude Desktop or another MCP-compatible AI client
  • Explicit written authorization to test the target systems — unauthorized use is illegal
1

Clone the repository

Clone the RedTeam-Agent repository to your local machine.

git clone https://github.com/ktol1/RedTeam-Agent.git
cd RedTeam-Agent
2

Create and activate a Python virtual environment

Set up an isolated Python environment to avoid dependency conflicts with your system Python.

python -m venv venv
# Linux/macOS:
source venv/bin/activate
# Windows PowerShell:
.\venv\Scripts\Activate.ps1
3

Install Python dependencies

Install the required Python packages into the virtual environment.

pip install -r requirements.txt
4

Install required external security tools

The framework orchestrates external binaries. Install the tools relevant to your assessment scope — at minimum fscan, httpx, and nuclei for general use.

# Example: install nuclei
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# Example: install httpx
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
# Install impacket
pip install impacket
5

Configure your MCP client

Add the RedTeam-Agent server to your Claude Desktop configuration file, pointing to the Python script in the cloned directory.

{
  "mcpServers": {
    "redteam-agent": {
      "command": "/Users/yourname/RedTeam-Agent/venv/bin/python",
      "args": ["/Users/yourname/RedTeam-Agent/server.py"]
    }
  }
}
6

Restart your MCP client and verify

Restart Claude Desktop or your MCP client to load the server. The AI will now have access to the red team skill set and can orchestrate tool execution through natural language commands.

RedTeam Agent Examples

Client configuration

Claude Desktop config for RedTeam-Agent pointing to the virtual environment Python interpreter.

{
  "mcpServers": {
    "redteam-agent": {
      "command": "/Users/yourname/RedTeam-Agent/venv/bin/python",
      "args": ["/Users/yourname/RedTeam-Agent/server.py"]
    }
  }
}

Prompts to try

Example prompts for authorized penetration testing workflows — only use on systems you have explicit permission to test.

- "Scan 192.168.1.0/24 with fscan, write results to scan.txt, and summarize findings"
- "Use httpx to probe live hosts on port 80 and 443 in the 10.10.10.0/24 range"
- "Run nuclei against https://target.example.com and report critical and high severity findings"
- "Use SharpHound to collect Active Directory data for corp.local and identify attack paths"
- "Set up a chisel reverse proxy through the compromised host and show me the commands"

Troubleshooting RedTeam Agent

A tool command fails with 'command not found' or similar errors

The AI executes tools by name — each tool binary must be in your system PATH or the virtual environment's bin directory. Verify with 'which fscan' or 'which nuclei' in your terminal before running assessments.

Active Directory tools (kerbrute, SharpHound) fail to connect

Ensure your machine has network connectivity to the target domain controller and that DNS resolves correctly. Many AD tools require you to specify the domain controller IP with a --dc flag when DNS is not configured.

The MCP server starts but the AI does not execute tools as expected

Check that the skill files in .github/skills/redteam/SKILL.md are present and readable. The framework uses these skill definitions to understand how to invoke each tool.

Frequently Asked Questions about RedTeam Agent

What is RedTeam Agent?

RedTeam Agent is a Model Context Protocol (MCP) server that redteam-agent: ai-powered autonomous red team framework via model context protocol. ai红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 llm 直接化身安全审计黑客。 It connects AI assistants to external tools and data sources through a standardized interface.

How do I install RedTeam Agent?

Follow the installation instructions on the RedTeam Agent GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with RedTeam Agent?

RedTeam Agent works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is RedTeam Agent free to use?

Yes, RedTeam Agent is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

RedTeam Agent Alternatives — Similar Security Servers

Looking for alternatives to RedTeam Agent? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "redteam-agent": { "command": "npx", "args": ["-y", "redteam-agent"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use RedTeam Agent?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides