Tools and frameworks for security testing, vulnerability scanning, and penetration testing. Enables security professionals to identify and exploit security weaknesses in applications and networks.
A security-focused server that integrates with Cursor IDE to provide real-time vulnerability detection, exploit generation, and security insights during software development.
An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.
Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.
A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.
A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.
Provides a Model Context Protocol server implementation that allows AI agents and other MCP clients to programmatically interact with DefectDojo, a vulnerability management tool, for managing findings, products, and engagements.
A comprehensive HTTP client MCP server for security testing, API testing, and web automation that provides full-featured HTTP tools with detailed logging capabilities.
A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.
An MCP server that allows AI assistants and LLMs to interact with the Horizon3.ai API for scheduling pentests, querying results, and automating security workflows through natural language commands.
Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.
An MCP server that provides secure access to Kali Linux cybersecurity tools through Claude's interface, enabling users to run Kali Linux commands directly from Claude Desktop.
A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.
A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.
BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.
Enables AI assistants to interact with Metasploit Framework through 28 comprehensive tools for penetration testing and security analysis. Provides secure, structured access to MSF modules, database operations, session management, and payload generation capabilities.
An intelligent layered port scanning service based on MCP protocol, designed for AI assistants and development tools to perform network security analysis with real-time feedback.
Provides access to 13+ penetration testing and security audit tools through a unified MCP interface. Enables security professionals to perform vulnerability scanning, web fuzzing, network reconnaissance, and other security assessments through containerized tools like Nuclei, Nmap, SQLMap, and FFUF.
Enables users to run and manage BBOT security scans through the MCP interface. Provides comprehensive tools for executing reconnaissance scans, monitoring progress, and retrieving results with support for concurrent scanning operations.
A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.
Provides a bridge between large language models and the Metasploit Framework, enabling AI assistants to access and control penetration testing functionality through natural language.
Integrates OWASP ZAP security testing with AI assistants through MCP, enabling automated vulnerability scanning and AI-powered security analysis during development. Supports multiple scan types including active, passive, and AJAX spider scans with real-time status updates.
A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.
Enables Active Directory enumeration and abuse operations through the bloodyAD tool. Supports LDAP queries, user/group management, DNS operations, and security testing directly from AI assistants.
Enables secure integration with Metasploit Framework for AI assistants, providing comprehensive access to penetration testing tools, module management, payload generation, and database operations. Designed for authorized security testing and defensive analysis with 28 specialized tools covering complete MSF functionality.
Enables AI assistants to perform network scanning operations using NMAP, offering a standardized interface for network analysis and security assessments through AI conversations.
A proof-of-concept tool that integrates AI into security operations, allowing users to perform offensive security tasks like network scanning and reconnaissance through natural language commands to GitHub Copilot.
Enables users to perform security testing and penetration testing tasks through a Docker-based API that provides access to popular security tools like nmap, nikto, sqlmap, wpscan, dirb, and searchsploit. Designed for educational purposes with input sanitization and non-root execution for safer pentesting workflows.
Provides a one-stop automated solution for Android APK security analysis by integrating tools like JEB, JADX, APKTOOL, FlowDroid, and MobSF into unified MCP standard API interfaces.
Provides secure access to Kali Linux security tools through a dockerized environment for authorized penetration testing and defensive security. Enables network scanning, web application testing, system enumeration, and credential testing with built-in input sanitization and network restrictions.
An MCP server that integrates various penetration testing tools, enabling security professionals to perform reconnaissance, vulnerability scanning, and API testing through natural language commands in compatible LLM clients like Claude Desktop.
A Model Context Protocol server that provides intelligent hashcat integration for Claude Desktop, allowing users to crack hashes, analyze passwords, and perform security assessments directly from Claude conversations.
An agent-based network scanning system that uses Nmap for network discovery and leverages DeepSeek API to analyze scan results for security vulnerabilities and recommendations.
Enables comprehensive security testing and penetration testing through natural language conversations with 92+ tools for reconnaissance, vulnerability assessment, web application testing, OSINT, and reporting. Designed for authorized bug bounty hunting and security assessments.
An MCP Server that enables users to interact with Google's On-Demand Scanning API (v1beta1) through natural language, likely providing capabilities for vulnerability scanning and security analysis of containers and artifacts.
Enables LLMs to execute common security testing tools like nmap, sqlmap, hydra, and metasploit through a secure Docker container. Provides controlled access to penetration testing utilities with configurable timeouts and tool discovery capabilities.
A demonstration server that allows large language models to perform penetration testing tasks autonomously by interfacing with the Mythic C2 framework.
Enables comprehensive cybersecurity vulnerability assessment by searching GitHub repositories for exploits, querying NIST NVD for CVE details, and accessing CISA's Known Exploited Vulnerabilities catalog. Supports complete vulnerability research workflows from threat intelligence gathering to proof-of-concept discovery.
An automated penetration testing framework that enables intelligent security assessments through reconnaissance, vulnerability scanning, and controlled exploitation. Features AI-driven workflow management with comprehensive reporting for authorized security testing.
Enables vulnerability scanning of web applications using the xray security scanner. Provides URL scanning capabilities with configurable crawlers, plugins, and POCs to detect security vulnerabilities through natural language interactions.
Enables secure execution of penetration testing commands on Kali Linux through Server-Sent Events with intelligent command validation, real-time monitoring, and comprehensive audit logging. Designed for authorized security research and penetration testing workflows.
AI-powered cybersecurity automation platform with 150+ security tools and 12+ autonomous AI agents for penetration testing, vulnerability assessment, and bug bounty hunting. Enables comprehensive security testing through intelligent tool selection and automated workflows.
Enables website security scanning and vulnerability assessment by integrating dirsearch path scanning with firecrawl web scraping. Provides structured vulnerability reports categorized by risk level and detailed content analysis of high-risk URLs.
Enables AI agents to generate and manage specialized bug bounty hunting workflows including reconnaissance, vulnerability testing, OSINT gathering, and file upload testing. Provides REST API endpoints for comprehensive security assessments with intelligence-driven vulnerability prioritization.
Enables comprehensive network security scanning and vulnerability assessment using Linux tools like nmap. Provides network discovery, port scanning, service identification, OS detection, and device discovery capabilities for authorized security testing.
Enables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.
Enables LLMs to execute Kali Linux security tools like nmap, sqlmap, and hydra in a secure, sandboxed environment. Provides both MCP and HTTP API interfaces for penetration testing and security assessment tasks.