Used to package and run HydraMCP in an isolated environment with necessary security tools bundled together
Referenced for source code repository hosting and cloning the HydraMCP toolkit
Listed as a planned integration for technology stack detection and enumeration of websites
Provides WPScan integration for scanning WordPress sites to identify security vulnerabilities, outdated components, and potential weaknesses
HydraΜCP — The Model Context Protocol (MCP) Pentesting Toolkit
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Demo - Sqlmap
Nmap
Sqlmap
Holehe
Ocr2Text
Sherlock
Installation
Build te Docker image
Usage
Edit your claude_desktop_config.json
Or Copilot in vscode
You can use the following prompts to test the tools:
Changelog
Implemented Tools
Sublist3r - Domain enumeration tool
DNSRecon - DNS Reconnaissance tool
Holehe - Email registration checker
Nmap - Network scanner
OCR - Optical Character Recognition
Sqlmap - SQL injection scanner
WPScan - WordPress security scanner
Zmap - Internet scanner
Planned Tools
gobuster
TheHarvester
GitRecon
Phone carrier lookup
Netcraft
Cloudunflare (claudflare bypass)
Censys
Programmable search engine
Wayback Machine
Shodan
Wappalyzer
Hunter.io
Nuclei
Amass
GitSecrets - @awslabs/git-secrets or @trufflesecurity/trufflehog
Depixelization - https://github.com/spipm/Depixelization_poc
ExifTool
Contributing
If you want to contribute to this project, please follow these steps:
Fork the repository.
Create a new branch (
git checkout -b feature-branch
).Make your changes and commit them (
git commit -m 'Add some feature'
).Push to the branch (
git push origin feature-branch
).
Disclaimer
This project is for educational purposes only. Use it at your own risk. The author is not responsible for any damages or legal issues that may arise from the use of this software.
Version: 0.1.0
License: MIT
Author: Built with ❤️ by @atiilla
Community: @happyhackingspace | https://happyhacking.space
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Related MCP Servers
- -securityAlicense-qualityA secure, container-based implementation of the Model Context Protocol (MCP) that provides sandboxed environments for AI systems to safely execute code, run commands, access files, and perform web operations.Last updated -16Apache 2.0
- -securityAlicense-qualityAn open-source implementation of the Model Context Protocol (MCP) that bridges AI agents with enterprise systems, enabling secure access to real-world data and capabilities.Last updated -5Apache 2.0
- -securityFlicense-qualityA lightweight orchestration hub for managing local Model Context Protocol (MCP) tools in a unified way, allowing users to build, manage, and call their AI tools from IDEs, terminal, and custom assistants.
- -securityAlicense-qualityModel Context Protocol (MCP) server that provides AI assistants with advanced web research capabilities, including Google search integration, intelligent content extraction, and multi-source synthesis.Last updated -144MIT License