-
securityF
license-
qualityEnables comprehensive GitHub operations through natural language including file management, repository administration, issue tracking, and advanced code searching.
Last updated -
22,573
1
TypeScript
Integrates with GitHub for project management and repository operations related to security testing workflows.
Enables GitHub Copilot to execute security operations including network scanning, reconnaissance, and exploitation support through an agent-based interface in VSCode.
Hacking Buddy MCP
Hacking Buddy MCP is a proof-of-concept project that explores how AI can be integrated into security operations, particularly within Red Team and Pentesting workflows.
I created this tool to demonstrate practical ways in which AI can assist during offensive security engagements from reconnaissance and exploitation support to analyzing collected data. Since Red Teaming and Pentesting is where I spend most of my time, this project reflects both some of my hands-on experience and my interest in innovating with AI in the security space.
Note: This project currently includes only a few integrated tools, but I plan to add more over time as I experiment with different scenarios. My goal is to keep it fun and iterative—sharing progress as I go instead of waiting to launch a fully built-out version later.
VSCode + GitHub Copilot
This is setup including the .vscode directory which contains the mcp.json file.
- You will need to adjust the path (the last argument) in the mcp json to match your configuration.
Running the MCP server within VSCode
Running the MCP server is actually pretty easy:
- In VSCode go to the mcp.json
- Click Start above the JSON object, right above where it says "hacking-buddy-mcp"
- Open GitHub Copilot and change it's mode to Agent
- Ask it to perform one of the actions available from Hacking Buddy MCP Tools, like "Do an nmap discovery scan on this ip range 192.168.1.0/24" and "Run port scans on those hosts"
⚠ Note: If GitHub Copilot starts acting up you may need to start a new chat!
Setup
Pre-requisites
You need to have uv and dependencies (FastMCP) installed.
Install uv:
⚠️ It is highly recommended that you setup a virtual environment first!
- Run
uv venvto create a virtual environment- Run
source .venv/bin/activateto active the virtual enviroment
Install dependencies from pyproject.toml
This allows you to automatically install the dependencies from a file. Run:
Install dependencies manually
Install FastMCP
See the FastMCP GitHub.
🚧 This is an experimental project, feedback and ideas are always welcome!
This server cannot be installed
A proof-of-concept tool that integrates AI into security operations, allowing users to perform offensive security tasks like network scanning and reconnaissance through natural language commands to GitHub Copilot.
Related MCP Servers
- -securityFlicense-qualityThis server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security AlertsLast updated -125TypeScript
- -security-license-qualityA module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.Last updated -PythonGPL 3.0
- -securityFlicense-qualityA set of tools allowing AI assistants to interact directly with GitHub, enabling automation of tasks like fetching user profiles, creating repositories, and managing pull requests.Last updated -Python