Used to package and run HydraMCP in an isolated environment with necessary security tools bundled together
Referenced for source code repository hosting and cloning the HydraMCP toolkit
Listed as a planned integration for technology stack detection and enumeration of websites
Provides WPScan integration for scanning WordPress sites to identify security vulnerabilities, outdated components, and potential weaknesses
HydraΜCP — The Model Context Protocol (MCP) Pentesting Toolkit
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Demo - Sqlmap
Nmap
Sqlmap
Holehe
Ocr2Text
Sherlock
Installation
Build te Docker image
Usage
Edit your claude_desktop_config.json
Or Copilot in vscode
You can use the following prompts to test the tools:
Changelog
Implemented Tools
- Sublist3r - Domain enumeration tool
- DNSRecon - DNS Reconnaissance tool
- Holehe - Email registration checker
- Nmap - Network scanner
- OCR - Optical Character Recognition
- Sqlmap - SQL injection scanner
- WPScan - WordPress security scanner
- Zmap - Internet scanner
Planned Tools
- gobuster
- TheHarvester
- GitRecon
- Phone carrier lookup
- Netcraft
- Cloudunflare (claudflare bypass)
- Censys
- Programmable search engine
- Wayback Machine
- Shodan
- Wappalyzer
- Hunter.io
- Nuclei
- Amass
- GitSecrets - @awslabs/git-secrets or @trufflesecurity/trufflehog
- Depixelization - https://github.com/spipm/Depixelization_poc
- ExifTool
- Sudomy https://github.com/screetsec/Sudomy
Contributing
If you want to contribute to this project, please follow these steps:
- Fork the repository.
- Create a new branch (
git checkout -b feature-branch
). - Make your changes and commit them (
git commit -m 'Add some feature'
). - Push to the branch (
git push origin feature-branch
).
Disclaimer
This project is for educational purposes only. Use it at your own risk. The author is not responsible for any damages or legal issues that may arise from the use of this software.
- Version: 0.1.0
- License: MIT
- Author: Built with ❤️ by @atiilla
- Community: @happyhackingspace | https://happyhacking.space
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Related MCP Servers
- -securityAlicense-qualityA secure, container-based implementation of the Model Context Protocol (MCP) that provides sandboxed environments for AI systems to safely execute code, run commands, access files, and perform web operations.Last updated -10PythonApache 2.0
- -securityAlicense-qualityAn open-source implementation of the Model Context Protocol (MCP) that bridges AI agents with enterprise systems, enabling secure access to real-world data and capabilities.Last updated -1PythonApache 2.0
- -securityFlicense-qualityA lightweight orchestration hub for managing local Model Context Protocol (MCP) tools in a unified way, allowing users to build, manage, and call their AI tools from IDEs, terminal, and custom assistants.Last updated -Python
- -securityAlicense-qualityModel Context Protocol (MCP) server that provides AI assistants with advanced web research capabilities, including Google search integration, intelligent content extraction, and multi-source synthesis.Last updated -272TypeScriptMIT License