MCP Pentest

# MCP Pentest - Windows Tool Installation Script # This script installs required pentesting tools on Windows param( [string]$InstallType = "essential" ) # Colors for output $GREEN = "Green" $RED = "Red" $YELLOW = "Yellow" function Write-Status { param([string]$Message) Write-Host "[INFO] $Message" -ForegroundColor $GREEN } function Write-Warning { param([string]$Message) Write-Host "[WARNING] $Message" -ForegroundColor $YELLOW } function Write-Error { param([string]$Message) Write-Host "[ERROR] $Message" -ForegroundColor $RED } function Test-Administrator { $currentUser = [Security.Principal.WindowsIdentity]::GetCurrent() $principal = New-Object Security.Principal.WindowsPrincipal($currentUser) return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) } function Install-Chocolatey { Write-Status "Installing Chocolatey package manager..." if (Get-Command choco -ErrorAction SilentlyContinue) { Write-Status "Chocolatey is already installed" return } Set-ExecutionPolicy Bypass -Scope Process -Force [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) Write-Status "Chocolatey installed successfully" } function Install-Python { Write-Status "Installing Python..." if (Get-Command python -ErrorAction SilentlyContinue) { Write-Status "Python is already installed" return } choco install python -y refreshenv Write-Status "Python installed successfully" } function Install-Git { Write-Status "Installing Git..." if (Get-Command git -ErrorAction SilentlyContinue) { Write-Status "Git is already installed" return } choco install git -y refreshenv Write-Status "Git installed successfully" } function Install-Go { Write-Status "Installing Go..." if (Get-Command go -ErrorAction SilentlyContinue) { Write-Status "Go is already installed" return } choco install golang -y refreshenv # Add Go to PATH $goPath = "${env:USERPROFILE}\go\bin" if ($env:PATH -notlike "*$goPath*") { [Environment]::SetEnvironmentVariable("PATH", $env:PATH + ";$goPath", "User") } Write-Status "Go installed successfully" } function Install-EssentialTools { Write-Status "Installing essential penetration testing tools..." # Install Nmap if (-not (Get-Command nmap -ErrorAction SilentlyContinue)) { choco install nmap -y Write-Status "Installed: nmap" } # Install Python packages $pythonPackages = @( "sqlmap", "requests", "beautifulsoup4", "lxml" ) foreach ($package in $pythonPackages) { try { python -m pip install $package Write-Status "Installed Python package: $package" } catch { Write-Warning "Failed to install Python package: $package" } } # Install Nuclei if (-not (Get-Command nuclei -ErrorAction SilentlyContinue)) { go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest nuclei -update-templates -silent Write-Status "Installed: nuclei" } } function Install-ServiceSpecificTools { Write-Status "Installing service-specific testing tools..." # Install CrackMapExec try { python -m pip install crackmapexec Write-Status "Installed: crackmapexec" } catch { Write-Warning "Failed to install crackmapexec" } # Install Impacket try { python -m pip install impacket Write-Status "Installed: impacket" } catch { Write-Warning "Failed to install impacket" } # Install BloodHound try { python -m pip install bloodhound Write-Status "Installed: bloodhound" } catch { Write-Warning "Failed to install bloodhound" } # Install SSH-Audit try { python -m pip install ssh-audit Write-Status "Installed: ssh-audit" } catch { Write-Warning "Failed to install ssh-audit" } # Note: Windows has built-in SMB tools (net, nbtstat) Write-Status "Windows built-in SMB tools available: net view, nbtstat" } function Install-WebTestingTools { Write-Status "Installing web application testing tools..." # Install Go-based tools $goTools = @( @{Name = "subfinder"; Package = "github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest"}, @{Name = "httpx"; Package = "github.com/projectdiscovery/httpx/cmd/httpx@latest"}, @{Name = "ffuf"; Package = "github.com/ffuf/ffuf@latest"}, @{Name = "katana"; Package = "github.com/projectdiscovery/katana/cmd/katana@latest"}, @{Name = "gobuster"; Package = "github.com/OJ/gobuster/v3@latest"} ) foreach ($tool in $goTools) { if (-not (Get-Command $tool.Name -ErrorAction SilentlyContinue)) { go install -v $tool.Package Write-Status "Installed: $($tool.Name)" } } # Install Python web tools $pythonWebTools = @( "dirsearch", "wfuzz" ) foreach ($tool in $pythonWebTools) { try { python -m pip install $tool Write-Status "Installed: $tool" } catch { Write-Warning "Failed to install: $tool" } } } function Install-WindowsSpecificTools { Write-Status "Installing Windows-specific tools..." # PowerShell modules for security testing $psModules = @( "PowerSploit", "Nishang" ) foreach ($module in $psModules) { try { Install-Module -Name $module -Force -Scope CurrentUser Write-Status "Installed PowerShell module: $module" } catch { Write-Warning "Failed to install PowerShell module: $module" } } # Windows Sysinternals if (-not (Test-Path "C:\Tools\Sysinternals")) { New-Item -ItemType Directory -Path "C:\Tools\Sysinternals" -Force Invoke-WebRequest -Uri "https://download.sysinternals.com/files/SysinternalsSuite.zip" -OutFile "$env:TEMP\SysinternalsSuite.zip" Expand-Archive -Path "$env:TEMP\SysinternalsSuite.zip" -DestinationPath "C:\Tools\Sysinternals" Write-Status "Installed: Windows Sysinternals" } } function Setup-Directories { Write-Status "Setting up directories..." $directories = @( "$env:USERPROFILE\.config\mcp-pentest", "$env:USERPROFILE\.local\share\mcp-pentest\wordlists", "$env:USERPROFILE\.local\share\mcp-pentest\reports", "C:\Tools" ) foreach ($dir in $directories) { if (-not (Test-Path $dir)) { New-Item -ItemType Directory -Path $dir -Force Write-Status "Created directory: $dir" } } } function Download-Wordlists { Write-Status "Downloading common wordlists..." $wordlistDir = "$env:USERPROFILE\.local\share\mcp-pentest\wordlists" # Download SecLists if (-not (Test-Path "$wordlistDir\SecLists")) { git clone https://github.com/danielmiessler/SecLists.git "$wordlistDir\SecLists" Write-Status "Downloaded: SecLists" } # Download specific wordlists $wordlists = @( @{ Name = "common_directories.txt" Url = "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/common.txt" }, @{ Name = "subdomains.txt" Url = "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/subdomains-top1million-5000.txt" } ) foreach ($wordlist in $wordlists) { $outputPath = "$wordlistDir\$($wordlist.Name)" if (-not (Test-Path $outputPath)) { Invoke-WebRequest -Uri $wordlist.Url -OutFile $outputPath Write-Status "Downloaded: $($wordlist.Name)" } } } function Test-Installations { Write-Status "Verifying installations..." $tools = @( "nmap", "nuclei", "python", "go" ) foreach ($tool in $tools) { if (Get-Command $tool -ErrorAction SilentlyContinue) { Write-Status "✓ $tool is installed" } else { Write-Error "✗ $tool is NOT installed" } } # Test Python packages $pythonPackages = @("sqlmap", "crackmapexec", "impacket", "ssh-audit") Write-Status "Python Packages:" foreach ($package in $pythonPackages) { try { python -c "import $package" 2>$null if ($LASTEXITCODE -eq 0) { Write-Status "✓ $package is installed" } else { Write-Warning "○ $package is not installed" } } catch { Write-Warning "○ $package is not installed" } } # Test Go tools $goTools = @("subfinder", "httpx", "ffuf", "katana", "gobuster", "nuclei") Write-Status "Go Tools:" foreach ($tool in $goTools) { if (Get-Command $tool -ErrorAction SilentlyContinue) { Write-Status "✓ $tool is installed" } else { Write-Warning "○ $tool is not installed" } } } # Main installation process function Main { Write-Host "🔧 MCP Pentest Windows Tool Installation" -ForegroundColor Cyan Write-Host "=======================================" -ForegroundColor Cyan Write-Host "" if (-not (Test-Administrator)) { Write-Error "This script requires administrator privileges. Please run as Administrator." exit 1 } # Ask user what to install Write-Host "What would you like to install?" Write-Host "1) Essential tools only (nmap, nuclei, python packages)" Write-Host "2) Essential + web testing tools (subfinder, httpx, ffuf)" Write-Host "3) Essential + service-specific tools (crackmapexec, impacket)" Write-Host "4) Complete installation (all tools)" Write-Host "5) Windows-specific tools (PowerShell modules, Sysinternals)" Write-Host "" $choice = Read-Host "Enter your choice (1-5)" # Install prerequisites Install-Chocolatey Install-Python Install-Git Install-Go Setup-Directories switch ($choice) { "1" { Install-EssentialTools Download-Wordlists } "2" { Install-EssentialTools Install-WebTestingTools Download-Wordlists } "3" { Install-EssentialTools Install-ServiceSpecificTools Download-Wordlists } "4" { Install-EssentialTools Install-WebTestingTools Install-ServiceSpecificTools Install-WindowsSpecificTools Download-Wordlists } "5" { Install-WindowsSpecificTools } default { Write-Error "Invalid choice" exit 1 } } Test-Installations Write-Host "" Write-Status "Installation completed!" Write-Status "Please restart your PowerShell session to ensure all PATH changes take effect" Write-Host "" Write-Host "🎯 Next steps:" -ForegroundColor Cyan Write-Host "1. Run 'npm install' to install Node.js dependencies" Write-Host "2. Run 'npm run build' to build the project" Write-Host "3. Configure your MCP client to use this server" Write-Host "" Write-Warning "Remember: Only use these tools on systems you own or have explicit permission to test!" } # Run main function Main