PentestMCP
by RamKansal
pentestMCP: AI-Powered Penetration Testing via MCP, an MCP designed for penetration testers.
No known CVEs
No license
Actively maintained
Last commit 24d ago
Works with most clients
Transport: stdio, sse, http
0 tools
Grade F
Step 1
Install in your client
Config is the same across clients — only the file and path differ.
CD
Supported in Claude Desktopstdio, sse, http · Node 18+
Paste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"pentestmcp": {
"command": "<see-readme>",
"args": []
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Embed in your READMEAbout badges →
[](https://mcppedia.org/s/pentestmcp)
Read me
What PentestMCP does
pentestMCP provides a powerful bridge between Large Language Models (LLMs) and practical penetration testing tools through the Model Context Protocol (MCP). This project functions as an MCP Server, exposing a curated suite of over 20 standard security assessment utilities (Nmap, Nuclei, ZAP, SQLMap, etc.) as callable 'tools'. This allows AI agents within MCP-compatible clients (like Claude Desktop or specific VS Code setups) to leverage these utilities for automated and interactive security anal
Test This Server
No automated test available for this server. Check the GitHub README for setup instructions.
Loading README…
Scored, not listed
Why this score
Five weighted categories — click any category to see the underlying evidence.
Score breakdown
35/100across 5 weighted dimensions
0255075100
11
11
10
−65
Security
Maintenance
Efficiency
Documentation
Compatibility
Categoriesclick a row to see evidence
Security
OSV.devNo known CVEs.
No package registry to scan.
Community
Reviews
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
How easy was setup?Did it work reliably?How was the documentation?
Sign in to write a review.
Frequently Asked Questions
- Is PentestMCP safe to use?
- PentestMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
- How do I install PentestMCP?
- PentestMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.
- What AI clients work with PentestMCP?
- PentestMCP is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
- Is PentestMCP actively maintained?
- PentestMCP is actively maintained — last commit was 24 days ago. It has 70 GitHub stars.
Related
Similar servers
Others in security
Evil Mcp Server93An evil MCP server used for redteam testing
30 1
Ida Pro Mcp92AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
9.0k 3
I
io.github.jasonxkensei/xproof92Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
1 1
Mcpki Server92mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).
10
MCP Security Weekly
Get CVE alerts and security updates for PentestMCP and similar servers.
Community
Discussion
Start a conversation
Ask a question, share a tip, or report an issue.
Has anyone used this with Cursor?How do you handle auth?Any alternatives?
Sign in to join the discussion.
