MCP Servers for Penetration Testing

Tools and frameworks for security testing, vulnerability scanning, and penetration testing. Enables security professionals to identify and exploit security weaknesses in applications and networks.

View all MCP Servers

  • A
    security
    A
    license
    A
    quality
    A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.
    Last updated -
    12
    327
    5
    JavaScript
    MIT License
  • A
    security
    A
    license
    A
    quality
    Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.
    Last updated -
    5
    1
    JavaScript
    MIT License
    • Linux
    • Apple
  • A
    security
    A
    license
    A
    quality
    Provides a Model Context Protocol server implementation that allows AI agents and other MCP clients to programmatically interact with DefectDojo, a vulnerability management tool, for managing findings, products, and engagements.
    Last updated -
    11
    1
    Python
    MIT License
    • Linux
    • Apple
  • A
    security
    F
    license
    A
    quality
    An MCP server that provides secure access to Kali Linux cybersecurity tools through Claude's interface, enabling users to run Kali Linux commands directly from Claude Desktop.
    Last updated -
    18
    2
    JavaScript
    • Linux
    • Apple
  • A
    security
    F
    license
    A
    quality
    A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.
    Last updated -
    8
    52
    31
    TypeScript
    • Linux
    • Apple
  • A
    security
    F
    license
    A
    quality
    A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
    Last updated -
    5
    5
    TypeScript
  • A
    security
    F
    license
    A
    quality
    Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.
    Last updated -
    2
    0
    TypeScript
    • Linux
    • Apple
  • A
    security
    F
    license
    A
    quality
    An MCP server that allows AI assistants and LLMs to interact with the Horizon3.ai API for scheduling pentests, querying results, and automating security workflows through natural language commands.
    Last updated -
    4
    Python
    • Apple
    • Linux
  • -
    security
    A
    license
    -
    quality
    A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
    Last updated -
    3
    Python
    MIT License
  • -
    security
    A
    license
    -
    quality
    A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.
    Last updated -
    4
    TypeScript
    MIT License
    • Linux
    • Apple
  • -
    security
    A
    license
    -
    quality
    Provides a bridge between large language models and the Metasploit Framework, enabling AI assistants to access and control penetration testing functionality through natural language.
    Last updated -
    12
    Python
    Apache 2.0
    • Linux
    • Apple
  • -
    security
    A
    license
    -
    quality
    A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.
    Last updated -
    1
    TypeScript
    MIT License
  • -
    security
    A
    license
    -
    quality
    A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.
    Last updated -
    Python
    Apache 2.0
    • Linux
    • Apple
  • -
    security
    A
    license
    -
    quality
    BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.
    Last updated -
    22
    Python
    MIT License
  • -
    security
    A
    license
    -
    quality
    A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.
    Last updated -
    23
    9
    JavaScript
    MIT License
    • Apple
    • Linux
  • -
    security
    A
    license
    -
    quality
    Enables AI assistants to perform network scanning operations using NMAP, offering a standardized interface for network analysis and security assessments through AI conversations.
    Last updated -
    11
    3
    JavaScript
    MIT License
  • -
    security
    -
    license
    -
    quality
    An MCP server that integrates various penetration testing tools, enabling security professionals to perform reconnaissance, vulnerability scanning, and API testing through natural language commands in compatible LLM clients like Claude Desktop.
    Last updated -
    1
    Python
  • -
    security
    -
    license
    -
    quality
    A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.
    Last updated -
    Python
    GPL 3.0
  • -
    security
    F
    license
    -
    quality
    Damn Vulnerable MCP Server for Security Researchers.
    Last updated -
    Python
  • -
    security
    F
    license
    -
    quality
    A demonstration server that allows large language models to perform penetration testing tasks autonomously by interfacing with the Mythic C2 framework.
    Last updated -
    11
    Python
    • Apple