pentester-mcp

MCP Tool

halilkirazkaya/pentester-mcp

Elevate your AI assistants (like Claude & Cursor) into autonomous cybersecurity experts. Pentester-MCP integrates 200+ pentesting tools via the Model Context Protocol (MCP) using a secure Docker sandbox.

Install

$ npx loaditout add halilkirazkaya/pentester-mcp

Platform-specific configuration:

.claude/settings.json

{
  "mcpServers": {
    "pentester-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "pentester-mcp"
      ]
    }
  }
}

Add the config above to .claude/settings.json under the mcpServers key.

About

<h1 align="center">Pentester-MCP</h1>

<p align="center"> <strong>Empower your AI assistants with the ultimate open-source penetration testing arsenal.</strong> </p>

---

Overview

Pentester-MCP provides Model Context Protocol (MCP) integration for over 200+ of the most popular open-source cybersecurity and penetration testing tools.

By adding Pentester-MCP to an AI assistant (like Claude Desktop, Cursor, or specialized agents), the AI gains the autonomous ability to act as a penetration tester:

It can run nmap scans, analyze open ports, and automatically decide to run ffuf on discovered web servers.
It can execute sqlmap against parameters it identifies as vulnerable.
It understands tool arguments, required flags, and syntaxes thanks to AI-optimized documentation strings injected into every MCP tool.

All 235 Python *_mcp.py tools were generated intelligently from cheat sheets to ensure safe execution (e.g., preventing shell injection, enforcing timeouts, and handling huge terminal outputs).

The Arsenal

The tools/ directory includes MCP servers for almost every category:

Reconnaissance: nmap, masscan, recon-ng, amass, subfinder, nuclei
Web Exploitation: sqlmap, commix, ffuf, gobuster, dirsearch, nikto
Active Directory & Network: impacket (full suite), bloodhound, responder, evil-winrm
Brute-Forcing & Password: hydra, medusa, john, hashcat, nxc
And 200+ more covering WiFi, Cloud, Kubernetes, Android, and reversing.

---

Installation & Usage

Because of the massive amount of tools, installing everything on your host mac

Reviews

Loading reviews...

Quality Signals

Stars

Installs

Last updated18 days ago

Security: AREADME

Safety

Risk Levelmedium

Data Access

read

Network Accessnone

Details

Sourcegithub-crawl

Last commit3/31/2026

View on GitHub→

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/halilkirazkaya/pentester-mcp)](https://loaditout.ai/skills/halilkirazkaya/pentester-mcp)

pentester-mcp

MCP Tool

halilkirazkaya/pentester-mcp

Install

$ npx loaditout add halilkirazkaya/pentester-mcp

Platform-specific configuration:

.claude/settings.json

{
  "mcpServers": {
    "pentester-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "pentester-mcp"
      ]
    }
  }
}

Add the config above to .claude/settings.json under the mcpServers key.

About

<h1 align="center">Pentester-MCP</h1>

<p align="center"> <strong>Empower your AI assistants with the ultimate open-source penetration testing arsenal.</strong> </p>

---

Overview

Pentester-MCP provides Model Context Protocol (MCP) integration for over 200+ of the most popular open-source cybersecurity and penetration testing tools.

By adding Pentester-MCP to an AI assistant (like Claude Desktop, Cursor, or specialized agents), the AI gains the autonomous ability to act as a penetration tester:

It can run nmap scans, analyze open ports, and automatically decide to run ffuf on discovered web servers.
It can execute sqlmap against parameters it identifies as vulnerable.
It understands tool arguments, required flags, and syntaxes thanks to AI-optimized documentation strings injected into every MCP tool.

All 235 Python *_mcp.py tools were generated intelligently from cheat sheets to ensure safe execution (e.g., preventing shell injection, enforcing timeouts, and handling huge terminal outputs).

The Arsenal

The tools/ directory includes MCP servers for almost every category:

Reconnaissance: nmap, masscan, recon-ng, amass, subfinder, nuclei
Web Exploitation: sqlmap, commix, ffuf, gobuster, dirsearch, nikto
Active Directory & Network: impacket (full suite), bloodhound, responder, evil-winrm
Brute-Forcing & Password: hydra, medusa, john, hashcat, nxc
And 200+ more covering WiFi, Cloud, Kubernetes, Android, and reversing.

---

Installation & Usage

Because of the massive amount of tools, installing everything on your host mac

Reviews

Loading reviews...

Quality Signals

Stars

Installs

Last updated18 days ago

Security: AREADME

Safety

Risk Levelmedium

Data Access

read

Network Accessnone

Details

Sourcegithub-crawl

Last commit3/31/2026

View on GitHub→

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/halilkirazkaya/pentester-mcp)](https://loaditout.ai/skills/halilkirazkaya/pentester-mcp)

pentester-mcp

Install

About

Tags

Reviews

Quality Signals

Safety

Details

Embed Badge

pentester-mcp

Install

About

Tags

Reviews

Quality Signals

Safety

Details

Embed Badge