Is com.pentest-tools/mcp-server safe to use?

com.pentest-tools/mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install com.pentest-tools/mcp-server?

com.pentest-tools/mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.

com.pentest-tools/mcp-server

MCP server for Pentest-Tools.com: run scans, manage findings and reports via your preffered LLM.

0 tools GitHub

No known CVEs

No license

Maintenance unknown

No commit data

Untested

Transport:

0 tools

Grade F

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "com-pentest-tools-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/com-pentest-tools-mcp-server)](https://mcppedia.org/s/com-pentest-tools-mcp-server)

Read me

What com.pentest-tools/mcp-server does

MCP server for Pentest-Tools.com: run scans, manage findings and reports via your preffered LLM.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

5/100across 5 weighted dimensions

How we score →

0255075100

−95

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is com.pentest-tools/mcp-server safe to use?: com.pentest-tools/mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install com.pentest-tools/mcp-server?: com.pentest-tools/mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.

Similar servers

Others in security

View all →

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

Remnux Mcp Server88

MCP server for using the REMnux malware analysis toolkit via AI assistants

65 5

Ggmcp88

MCP server for scanning and remediating hardcoded secrets using GitGuardian’s API. Detect over 500 secret types and prevent credential leaks before code goes public.

34 5

MCPpedia88

Search, evaluate, and compare 17,000+ MCP servers — each scored on security, maintenance, and efficiency.

1 5

MCP Security Weekly

Get CVE alerts and security updates for com.pentest-tools/mcp-server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "com-pentest-tools-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/com-pentest-tools-mcp-server)](https://mcppedia.org/s/com-pentest-tools-mcp-server)

Read me

What com.pentest-tools/mcp-server does

MCP server for Pentest-Tools.com: run scans, manage findings and reports via your preffered LLM.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

Command-Line Interface and Python bindings for https://Pentest-Tools.com.

Installing

PentestTools Python module is delivered through PyPI, so it can be installed directly via pip:

pip install pentesttools

Usage

The pentesttools package provides a command line interface through the ptt utility. Right now it supports the Website Scanner service.

Example for the simplest scan:

ptt run website_scanner <url>

This runs a freemium Website Scanner scan on the <url>. Unlike in the platform itself, you can omit the schema part from the url.

Global arguments, like a suitable key for a deep scan, have to be passed straight to ptt. Tool arguments have to be passed to the tool.

ptt --key <key> run website_scanner --scan_type deep <url>

If you want the command to fail if the report contains vulnerabilities with a higher risk than some value, you can use the --fail argument.

ptt --fail high run website_scanner <url>

You can also run ptt using docker. The docker image has ptt as an entrypoint, so you don't have to type it anymore. Note that the old ptt-scan name is still used on docker.

docker run pentesttoolscom/ptt-scan:latest run website_scanner <url>

Development installation

If you want to easily modify the sources and your modifications:

pip install --edit .

Uninstalling

pip uninstall pentesttools

Testing and Coverage

You can run the tests and make coverage reports like this:

python3 -m pytest src/tests

coverage run -m pytest src/tests
coverage report -m

MCP

There is an optional MCP server provided in this package.

Installation:

pip install "pentesttools[mcp]"

Usage

There is a hosted endpoint at https://mcp.pentest-tools.com:9001/mcp.

Example config:

"ptt-mcp-http": {
  "type": "http",
  "url": "https://mcp.pentest-tools.com:9001/mcp/",
  "headers": {
    "PTT_API_KEY": "<ptt-api-key>"
  }
}

You can also self-host the MCP server. This command will open an MCP server locally on port 9000.

ptt --key <ptt-api-key> mcp --mcp_method stdio

Connect with your favorite LLM client.

"ptt-mcp-remote": {
  "type": "stdio",
  "command": "ptt",
  "args": ["mcp", "--mcp_method", "stdio"],
  "env": {
    "PTT_API_KEY": "<ptt-api-key>"
  }
}

The MCP server also supports the HTTP method, which is also the default.

ptt mcp

In this case, you have to pass the API key as a header, called PTT_API_KEY.

Example config:

"ptt-mcp-http": {
  "type": "http",
  "url": "http://localhost:9000/mcp",
  "headers": {
    "PTT_API_KEY": "<ptt-api-key>"
  }
}

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

5/100across 5 weighted dimensions

How we score →

0255075100

−95

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is com.pentest-tools/mcp-server safe to use?: com.pentest-tools/mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install com.pentest-tools/mcp-server?: com.pentest-tools/mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.

Similar servers

Others in security

View all →

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

Remnux Mcp Server88

MCP server for using the REMnux malware analysis toolkit via AI assistants

65 5

Ggmcp88

MCP server for scanning and remediating hardcoded secrets using GitGuardian’s API. Detect over 500 secret types and prevent credential leaks before code goes public.

34 5

MCPpedia88

Search, evaluate, and compare 17,000+ MCP servers — each scored on security, maintenance, and efficiency.

1 5

MCP Security Weekly

Get CVE alerts and security updates for com.pentest-tools/mcp-server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?