Provides specialized workflows for WordPress vulnerability assessment, allowing for automated security scanning of WordPress installations using tools like wpscan.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Exegol MCP Serverrun the web_recon workflow on example.com"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Exegol MCP Server
A Model Context Protocol (MCP) server that enables AI agents to interact with Exegol pentesting containers with predefined workflows for common pentesting tasks.
Features
Core Features
✅ Execute commands in Exegol containers (
exegol exec -v)✅ List available Exegol containers (
exegol info)✅ Health check and status monitoring
✅ 10-minute timeout for all command executions
✅ Concurrent execution support (5+ simultaneous commands)
✅ Structured JSON logging
🎯 Workflow Features (NEW!)
✅ 7 predefined pentesting workflows ready to use
✅ List workflows with filtering by category, difficulty, or tags
✅ Execute workflows with automatic step sequencing
✅ Workflows for: Web recon, subdomain enumeration, port scanning, vulnerability scanning, and more
✅ Automatic error handling with continue-on-failure support
Prerequisites
Python 3.10+
Exegol CLI installed and accessible (Exegol Installation)
Docker running (required by Exegol)
At least one Exegol container created
Verify prerequisites:
Installation
Clone or download this repository
Install dependencies:
Configure the server:
Configuration
Edit config.yaml:
Configuration Options Explained
Compact Mode (compact_mode: true)
Purpose: Reduce token usage in AI responses
Effect: Shorter field names, omits verbose metadata
Recommended:
truefor Claude interactionsImpact: ~30% reduction in response size
Auto-Parsing (auto_parse: true)
Purpose: Intelligently parse pentesting tool outputs
Supported tools: nmap, subfinder, gobuster, nuclei, and more
Output: Adds structured
parsed_outputfield to responsesBenefit: Makes results easier to analyze and process
Example:
{ "stdout": "...", "parsed_output": { "tool_detected": "nmap", "open_ports": ["22", "80", "443"], "services": { "22": "ssh", "80": "http", "443": "https" } } }
Persistent Sessions (sessions.enabled: true)
Purpose: Reuse bash sessions across multiple commands
Benefit: Faster execution, maintains environment state
Use case: Multiple sequential commands on same container
Idle timeout: Auto-close after 5 minutes of inactivity
Usage
Run as MCP Server
The server will start on stdio transport, ready for MCP client connections.
Integrate with Claude Desktop
Add to ~/.config/claude/mcp.json (Linux/Mac) or %APPDATA%\Claude\mcp.json (Windows):
Restart Claude Desktop, then try:
"List available Exegol containers"
"Execute 'whoami' in the pentest-box container"
Integrate with CLaude Code
Then use in claude code:
To check mcp status
🎯 Available MCP Tools
The server exposes 5 MCP tools:
Core Tools
exegol_exec- Execute a command in an Exegol containerexegol_list- List all available Exegol containersexegol_status- Check MCP server health status
Workflow Tools
list_workflows- List available predefined pentesting workflowsrun_workflow- Execute a complete pentesting workflow
📋 Predefined Workflows
Available Workflows
Workflow | Category | Difficulty | Time | Description |
| Recon | Easy | 10 min | Comprehensive subdomain enumeration with alive check |
| Enumeration | Medium | 15 min | Full TCP port scan with service detection |
| Web | Medium | 20 min | Web application reconnaissance (whatweb, gobuster, katana, finalrecon) |
| Vulnerability Scan | Medium | 30 min | Web vulnerability scanning (nuclei, xsrfprobe) |
| Web | Easy | 15 min | WordPress vulnerability assessment (wpscan) |
| Network | Easy | 10 min | Network discovery and enumeration |
| Vulnerability Scan | Hard | 20 min | SQL injection vulnerability testing (sqlmap) |
Workflow Usage Examples
1. List All Available Workflows
Ask Claude:
Claude will use the list_workflows MCP tool to show all 7 workflows with their details.
2. Execute a Web Reconnaissance Workflow
Ask Claude:
Claude will:
Use the
run_workflowMCP toolSpecify workflow:
web_reconSet target:
http://192.168.1.100Execute all steps automatically:
Technology detection (whatweb)
Directory bruteforce (gobuster)
Web crawling (katana)
Comprehensive recon (finalrecon)
Display aggregated results
3. Filter Workflows by Category
Ask Claude:
Claude will use list_workflows with category filter to show only web-related workflows.
4. Execute Subdomain Enumeration
Ask Claude:
Claude will:
Run subdomain discovery (subfinder)
Check which subdomains are alive (httpx)
Display summary of findings
Workflow Parameters
Each workflow requires specific parameters:
Workflow | Required Parameters | Optional Parameters |
|
|
|
|
|
|
|
|
|
|
| - |
|
| - |
|
| - |
|
|
|
Real-World Example
Scenario: You want to perform reconnaissance on a web application.
Ask Claude:
Claude will:
Detect technologies using whatweb
Bruteforce directories with gobuster
Crawl the website with katana
Run comprehensive reconnaissance with finalrecon
Show you all discovered endpoints, technologies, and potential attack vectors
Results you'll get:
Detected web technologies (frameworks, libraries, versions)
HTTP security headers analysis
Discovered directories and files
Crawled URLs
JavaScript files and their contents
Potential sensitive files exposed
Workflow Features
✅ Automatic step sequencing: Workflows execute multiple commands in order
✅ Error handling: Steps can continue on failure if configured
✅ Parameter validation: Validates required parameters before execution
✅ Detailed results: Each step returns stdout, stderr, exit code, and execution time
✅ Success tracking: Know exactly which steps succeeded or failed
Educational Use
This project is intended for educational purposes only. Always ensure you have permission to test any systems or networks.
License
This project is licensed under the MIT License.