An MCP (Model Context Protocol) server offering comprehensive penetration testing capabilities including directory and vulnerability scanning, API testing, reconnaissance, automated report generation, and seamless integration with LLM clients like Claude Desktop.
Unlock the full potential of Pentest Tools MCP Server through LangDB's AI Gateway. Get enterprise-grade security, analytics, and seamless integration with zero configuration.
Free tier available • No credit card required
An MCP (Model Context Protocol) server for penetration testing tools, designed to work with various LLM clients like Claude Desktop, Roo Code, and other compatible MCP clients.
# Create directories mkdir -p reports templates wordlists
pentest-tools/
├── reports/ # For storing scan reports
├── templates/ # For report templates
├── wordlists/ # For custom wordlists
├── pentest-tools-mcp-server.py
├── config.json
├── requirements.txt
├── docker-compose.yml
└── Dockerfile
docker-compose up -d --build
docker-compose ps
docker-compose logs -f
uv venv source .venv/bin/activate # On Windows: .venv\Scripts\activate uv pip install -r requirements.txt
sudo apt-get install nmap whatweb dnsrecon theharvester ffuf dirsearch sqlmap
Windows:
%APPDATA%\Claude\claude_desktop_config.json
MacOS/Linux:
~/Library/Application Support/Claude/claude_desktop_config.json
For Docker setup:
{ "mcpServers": { "pentest-tools": { "command": "docker-compose", "args": [ "run", "--rm", "pentest-tools", "python3", "pentest-tools-mcp-server.py" ], "cwd": "\\Path\\to\\pentest-tools" } } }
If the above configuration doesn't work on Windows, try this alternative approach:
{ "mcpServers": { "pentest-tools": { "command": "cmd", "args": [ "/c", "cd /d \\path\\to\\pentest-tools && docker-compose run --rm pentest-tools python3 pentest-tools-mcp-server.py" ] } } }
Note about cwd
(Current Working Directory):
cwd
tells Claude Desktop which directory to run the command fromdocker-compose.yml
\\
) in paths/
)Available commands in Claude Desktop:
/recon example.com
/scan example.com --type directory
/scan example.com --type full
/scan example.com --type xss
/scan example.com --type sqli
/scan example.com --type ssrf
/scan api.example.com --type api
Natural language commands:
pentest-tools/
├── reports/ # Scan reports directory
│ ├── recon/ # Reconnaissance reports
│ ├── vulns/ # Vulnerability scan reports
│ └── api/ # API testing reports
├── templates/ # Report templates
│ ├── recon.html # Template for recon reports
│ ├── vuln.html # Template for vulnerability reports
│ └── api.html # Template for API test reports
├── wordlists/ # Custom wordlists
│ ├── SecLists/ # Cloned from SecLists repo
│ ├── custom/ # Your custom wordlists
│ └── generated/ # Tool-generated wordlists
├── pentest-tools-mcp-server.py # Main MCP server
├── config.json # Tool configuration
├── requirements.txt # Python dependencies
├── docker-compose.yml # Docker configuration
└── Dockerfile # Container definition
Discover shared experiences
Shared threads will appear here, showcasing real-world applications and insights from the community. Check back soon for updates!