- Home
- MCP servers
- Pentest Tools
Pentest Tools
- python
6
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"ch1nhpd-pentest-tools-mcp-server": {
"command": "docker-compose",
"args": [
"run",
"--rm",
"pentest-tools",
"python3",
"pentest-tools-mcp-server.py"
],
"env": {
"YOUR_PATH": "C:\\\\path\\\\to\\\\pentest-tools or /path/to/pentest-tools",
"DOCKER_HOST": "tcp://192.168.1.100:2375"
}
}
}
}You run a Pentest Tools MCP Server to orchestrate a suite of penetration testing utilities through MCP clients. It exposes reconnaissance, directory and vulnerability scanning, API testing, and automated reporting, making it easy to trigger complex security assessments from familiar MCP interfaces.
How to use
You connect an MCP client, such as Claude Desktop or another compatible MCP client, to the Pentest Tools MCP Server. Use the client’s commands to perform targeted tests against your targets and to generate reports. The server supports practical workflows like starting a reconnaissance pass, running directory scans, executing vulnerability checks, testing APIs, and producing structured reports from templates.
How to install
Prerequisites you need before installation are Docker and Docker Compose for containerized setup, Python 3.10+ for local setup, and an MCP-compatible client (such as Claude Desktop). You may also install Python virtual environments and the uv or similar tooling if you prefer a local setup.
# Create a project directory
mkdir -p pentest-tools
cd pentest-tools
# Optional: initialize a Python virtual environment for local setup
uv venv
source .venv/bin/activate # On Windows: .venv\Scripts\activate
# Install Python dependencies (local setup)
uv pip install -r requirements.txt
# Install and prepare Docker-based setup (recommended)
# Ensure Docker and Docker Compose are installed on your system
Additional setup notes
Directory structure you will use locally should include reports, templates, and wordlists for storing scan outputs and templates. The main MCP server file is pentest-tools-mcp-server.py and configuration is provided in config.json with Python dependencies listed in requirements.txt. If you choose to run the server in Docker, you will use docker-compose.yml to orchestrate the container.
If you prefer a Docker-based workflow, start the container in detached mode and verify it is running, then view logs for troubleshooting.
Security and best practices
Always have explicit permission to scan targets. Keep all tools and dependencies up to date, review scan results carefully, and follow responsible disclosure practices. Use pre-configured wordlists from SecLists and manage templates to generate consistent reports.
Available tools
Reconnaissance
Perform reconnaissance tasks to identify assets, collect metadata, and map the target surface area.
Directory scanning
Run directory discovery using tools like FFuf and Dirsearch to enumerate available resources.
Vulnerability scanning
Execute vulnerability checks with tools such as Nuclei and XSStrike to identify weaknesses.
API testing
Test APIs for security and reliability, including endpoint validation and input handling.
Automated report generation
Produce structured scan reports using predefined templates for quick review.
Claude Desktop integration
Integrate MCP server actions with Claude Desktop for command-based orchestration.