- Home
- MCP servers
- Pentest
Pentest
- javascript
125
GitHub Stars
javascript
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"dmontgomery40-pentest-mcp": {
"command": "pentest-mcp",
"args": [],
"env": {
"MCP_AUTH_MODE": "bearer",
"MCP_TRANSPORT": "http or sse as applicable",
"MCP_AUTH_SCOPES": "read,write",
"MCP_OIDC_ISSUER": "https://issuer.example.com",
"MCP_SERVER_HOST": "0.0.0.0 or your host",
"MCP_SERVER_PORT": "8000",
"MCP_AUTH_ENABLED": "true",
"MCP_OIDC_JWKS_URL": "https://issuer.example.com/.well-known/jwks.json",
"MCP_OAUTH_CLIENT_ID": "YOUR_CLIENT_ID",
"MCP_OAUTH_CLIENT_SECRET": "YOUR_CLIENT_SECRET",
"MCP_OIDC_INTROSPECTION_URL": "https://issuer.example.com/oauth/introspect"
}
}
}
}You can run and orchestrate a professional penetration-testing MCP server that supports modern transport options, bearer-based authentication, and a suite of integrated reconnaissance and exploitation tools. This MCP server streamlines running tests, collecting engagement data, and generating client reports while providing flexible deployment options for local or networked use.
How to use
You use a client that connects to an MCP server to run security tests, enumerate targets, probe services, capture traffic, and generate structured engagement records. Start with a local, stdio-based setup for quick testing, or run over the network by enabling the HTTP transport. You can also launch the bundled Inspector to assist with debugging and targeted probing, all from the same MCP instance.
How to install
Prerequisites: You need Node.js installed on your machine. Use a modern, supported version of Node as required by the MCP server. You may also want a containerized setup via Docker for isolation.
npm install -g pentest-mcp
# Run locally with stdio transport
pentest-mcp
# Launch bundled Inspector (no separate install)
pentest-mcp inspector
# Run over the network using HTTP transport
MCP_TRANSPORT=http MCP_SERVER_HOST=0.0.0.0 MCP_SERVER_PORT=8000 pentest-mcp
# Legacy SSE mode (deprecated)
MCP_TRANSPORT=sse MCP_SERVER_PORT=8001 pentest-mcp
Configuration and usage notes
Network transport options are provided through environment variables. The HTTP transport is the modern choice, while SSE remains for compatibility and is deprecated. If you enable HTTP, you can also configure OIDC-based bearer authentication for secured access.
Inspector integration is built in. To use it, run the inspector alongside the MCP server and the inspector will target your MCP server over stdio.
Security and access control
Enable bearer authentication with OIDC to control access. Configure issuer URLs, JWKS endpoints, introspection, and client credentials as shown in the environment variable examples.
Troubleshooting
If you encounter connectivity issues, verify that MCP_TRANSPORT is set correctly for the desired transport, and ensure the server port is not blocked by a firewall. Check logs for any authentication or network transport errors.
Available tools
nmapScan
Scan target networks for open ports and discover services using nmap.
runJohnTheRipper
Perform password cracking against captured hashes or targeted credentials.
runHashcat
Accelerated password cracking using Hashcat on captured data.
gobuster
Content discovery and directory brute-forcing against web targets.
nikto
Web server vulnerability scanner to identify common issues.
subfinderEnum
Passive subdomain enumeration to discover assets.
httpxProbe
Probe live hosts to determine status, title, and other metadata.
ffufScan
Fuzz web content and paths to discover hidden resources.
nucleiScan
Template-based vulnerability scanning against targets.
trafficCapture
Capture and analyze network traffic for inspection.
hydraBruteforce
Brute-force authentication against targeted services.
privEscAudit
Privilege escalation audit for target systems.
extractionSweep
SQL/parameter extraction sweep to identify data leakage.
generateWordlist
Create targeted wordlists for testing scopes.
listEngagementRecords
List stored engagement records for quick access.
getEngagementRecord
Retrieve a specific engagement record by ID.
createClientReport
Generate client reports with scope-of-work and templates.
cancelScan
Cancel an ongoing or scheduled test.