pentest-mcp

by DMontgomery40 · JavaScript · ★ 136

NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.

#cybersecurity#dirbuster#gobuster#hashcat#http-streaming#john-the-ripper#jtr#mcp#mcp-server#model-context-protocol#nikto#nmap#pentesting#pentesting-tools#redteam#sse-server#sse-streaming#stdio

Install

npx -y github:DMontgomery40/pentest-mcp

Claude Desktop config

Add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "pentest-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "github:DMontgomery40/pentest-mcp"
      ]
    }
  }
}

From the README

[](https://smithery.ai/server/@DMontgomery40/pentest-mcp) [](https://mseep.ai/app/fa558a10-f45c-4668-9bb6-15630dd51f27) Professional penetration-testing MCP server with modern transport/auth support and expanded recon tooling. - Upgraded MCP SDK to - Kept MCP Inspector at the latest release () with bundled launcher - Streamable HTTP is now the primary network transport () - SSE is still available only as a deprecated compatibility mode - Added bearer-token auth with OIDC JWKS and introspection support - Added first-class tools: , , , , , , , - Added report-admin tools: , - Added SoW captu…

Read full README on GitHub →