Glama

pentestthinkingMCP

Plan and execute penetration testing steps using advanced strategies like Beam Search and Monte Carlo Tree Search. Automates attack path planning, provides step-by-step guidance, and recommends tools for CTF/HTB challenges.

Instructions

Advanced reasoning tool with multiple strategies including Beam Search and Monte Carlo Tree Search

Input Schema

| Name | Required | Description | Default |
| --- | --- | --- | --- |
| attackStep | Yes | Current attack step or action in the penetration test | |
| attackStepNumber | Yes | Current step number in the attack chain | |
| nextAttackStepNeeded | Yes | Whether another attack step is needed | |
| strategyType | No | Attack strategy to use (beam_search or mcts) | |
| totalAttackSteps | Yes | Total expected steps in the attack chain | |

Implementation Reference

  • Main execution handler for the pentestthinkingMCP tool via CallToolRequestSchema. Handles tool name check, input processing, reasoner invocation, stats collection, and response formatting.
    server.setRequestHandler(CallToolRequestSchema, async (request) => {
      if (request.params.name !== "pentestthinkingMCP") {
        return {
          content: [{ type: "text", text: JSON.stringify({ error: "Unknown tool", success: false }) }],
          isError: true
        };
      }

      try {
        // Process and validate input
        const step = processInput(request.params.arguments);

        // Process attack step with selected strategy
        const response = await reasoner.processAttackStep({
          attackStep: step.attackStep,
          attackStepNumber: step.attackStepNumber,
          totalAttackSteps: step.totalAttackSteps,
          nextAttackStepNeeded: step.nextAttackStepNeeded,
          strategyType: step.strategyType
        });

        // Get attack chain stats
        const stats = await reasoner.getStats();

        // Return enhanced response
        const result = {
          attackStepNumber: step.attackStepNumber,
          totalAttackSteps: step.totalAttackSteps,
          nextAttackStepNeeded: step.nextAttackStepNeeded,
          attackStep: step.attackStep,
          nodeId: response.nodeId,
          score: response.score,
          strategyUsed: response.strategyUsed,
          stats: {
            totalNodes: stats.totalNodes,
            averageScore: stats.averageScore,
            maxDepth: stats.maxDepth,
            branchingFactor: stats.branchingFactor,
            strategyMetrics: stats.strategyMetrics
          }
        };

        return {
          content: [{ type: "text", text: JSON.stringify(result) }]
        };
      } catch (error) {
        return {
          content: [{
            type: "text",
            text: JSON.stringify({
              error: error instanceof Error ? error.message : String(error),
              success: false
            })
          }],
          isError: true
        };
      }
    });
  • src/index.ts:49-83 (registration)
    Registers the pentestthinkingMCP tool in the ListToolsRequestSchema response, defining its name, description, and input schema.
    server.setRequestHandler(ListToolsRequestSchema, async () => ({
      tools: [{
        name: "pentestthinkingMCP",
        description: "Advanced reasoning tool with multiple strategies including Beam Search and Monte Carlo Tree Search",
        inputSchema: {
          type: "object",
          properties: {
            attackStep: {
              type: "string",
              description: "Current attack step or action in the penetration test"
            },
            attackStepNumber: {
              type: "integer",
              description: "Current step number in the attack chain",
              minimum: 1
            },
            totalAttackSteps: {
              type: "integer",
              description: "Total expected steps in the attack chain",
              minimum: 1
            },
            nextAttackStepNeeded: {
              type: "boolean",
              description: "Whether another attack step is needed"
            },
            strategyType: {
              type: "string",
              enum: Object.values(ReasoningStrategy),
              description: "Attack strategy to use (beam_search or mcts)"
            }
          },
          required: ["attackStep", "attackStepNumber", "totalAttackSteps", "nextAttackStepNeeded"]
        }
      }]
    }));
  • Core processing method in Reasoner class that selects and delegates to the appropriate strategy (beam_search or MCTS) for attack step reasoning.
    public async processAttackStep(request: ReasoningRequest): Promise<ReasoningResponse> {
      // Switch strategy if requested
      if (request.strategyType && this.strategies.has(request.strategyType as ReasoningStrategy)) {
        this.currentStrategy = this.strategies.get(request.strategyType as ReasoningStrategy)!;
      }

      // Process attack step using current strategy
      const response = await this.currentStrategy.processAttackStep(request);

      // Add strategy information to response
      return {
        ...response,
        strategyUsed: this.getCurrentStrategyName()
      };
    }
  • Helper function to process and validate the input arguments for the pentestthinkingMCP tool.
    function processInput(input: any) {
      const result = {
        attackStep: String(input.attackStep || ""),
        attackStepNumber: Number(input.attackStepNumber || 0),
        totalAttackSteps: Number(input.totalAttackSteps || 0),
        nextAttackStepNeeded: Boolean(input.nextAttackStepNeeded),
        strategyType: input.strategyType as ReasoningStrategy | undefined
      };

      // Validate
      if (!result.attackStep) {
        throw new Error("attackStep must be provided");
      }
      if (result.attackStepNumber < 1) {
        throw new Error("attackStepNumber must be >= 1");
      }
      if (result.totalAttackSteps < 1) {
        throw new Error("totalAttackSteps must be >= 1");
      }

      return result;
    }
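
The input schema above declares integer, boolean and enum types, but processInput coerces values before checking them, so wrongly typed arguments can pass. The following is an added example, not code from the project: it reproduces that validator as looseProcessInput next to a strict variant, and the names strictProcessInput, rejection, SAMPLE and the STRATEGIES list (standing in for the ReasoningStrategy enum, which the page does not show) are assumptions.

```typescript
// Added example, not project code. STRATEGIES is an assumed stand-in for ReasoningStrategy.
const STRATEGIES = ["beam_search", "mcts"] as const;
type Strategy = (typeof STRATEGIES)[number];

// Validator reproduced from the page: coerces each field, then range-checks.
function looseProcessInput(input: any) {
  const result = {
    attackStep: String(input.attackStep || ""),
    attackStepNumber: Number(input.attackStepNumber || 0),
    totalAttackSteps: Number(input.totalAttackSteps || 0),
    nextAttackStepNeeded: Boolean(input.nextAttackStepNeeded),
    strategyType: input.strategyType as Strategy | undefined
  };
  if (!result.attackStep) throw new Error("attackStep must be provided");
  if (result.attackStepNumber < 1) throw new Error("attackStepNumber must be >= 1");
  if (result.totalAttackSteps < 1) throw new Error("totalAttackSteps must be >= 1");
  return result;
}

// Strict variant: reject wrong types instead of coercing them.
function strictProcessInput(input: unknown) {
  if (typeof input !== "object" || input === null) throw new Error("arguments must be an object");
  const o = input as Record<string, unknown>;
  const positiveInt = (key: string): number => {
    const v = o[key];
    if (typeof v !== "number" || !Number.isInteger(v) || v < 1) throw new Error(`${key} must be an integer >= 1`);
    return v;
  };
  const { attackStep, nextAttackStepNeeded, strategyType } = o;
  if (typeof attackStep !== "string" || attackStep.trim() === "") {
    throw new Error("attackStep must be a non-empty string");
  }
  if (typeof nextAttackStepNeeded !== "boolean") throw new Error("nextAttackStepNeeded must be a boolean");
  if (strategyType !== undefined && !STRATEGIES.some((s) => s === strategyType)) {
    throw new Error("strategyType must be beam_search or mcts");
  }
  return { attackStep, nextAttackStepNeeded, strategyType: strategyType as Strategy | undefined,
    attackStepNumber: positiveInt("attackStepNumber"), totalAttackSteps: positiveInt("totalAttackSteps") };
}

// Constructed sample: wrongly typed values a loosely typed client could send.
const SAMPLE = { attackStep: "enumerate services", attackStepNumber: "abc",
  totalAttackSteps: 3.5, nextAttackStepNeeded: "false", strategyType: "dfs" };

// Returns the rejection message, or null when the validator accepts the input.
function rejection(validate: (i: unknown) => unknown, input: unknown): string | null {
  try { validate(input); return null; } catch (e) { return e instanceof Error ? e.message : String(e); }
}
```

With SAMPLE, the coercing validator accepts a NaN step number (NaN < 1 is false), a fractional step total, and the string "false" as true. The unknown strategyType is then silently ignored by the strategies.has check in processAttackStep, whereas the strict variant reports each problem to the caller.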

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/LT7T/SecMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server