zeroforge
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@zeroforgeIngest the binary at ./test and assess for vulnerabilities."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
ZeroForge
An adaptive binary-0day research brain that sits on top of HexStrike AI.
HexStrike is an excellent executor: 150+ security tools wrapped behind an HTTP API and MCP. But it is stateless — every tool returns raw text to the LLM and the target model is forgotten the moment the call returns, and its "decision engine" is a hard-coded effectiveness table that never adapts.
ZeroForge adds the part that was missing: memory and reasoning.
┌── LLM (Claude via MCP) ──┐
│ reasons & decides │
└────────────┬──────────────┘
│ small stateful verbs (zf_ingest / zf_plan / zf_assess …)
┌───────▼─────────┐
│ ZeroForge │ persistent knowledge graph (SQLite)
│ • model │ adaptive planner (state → ranked actions)
│ • planner │ action log (never repeat work)
└───────┬─────────┘
│ executes via …
┌──────────▼───────────┐ ┌───────────────┐
│ HexStrike /api/tools │ or → │ local tools │ (fallback if HS down)
└──────────────────────┘ └───────────────┘Why it's more powerful than raw HexStrike
HexStrike | ZeroForge | |
Target model | none — raw tool text per call | persistent knowledge graph that accumulates across runs |
Tool selection | static effectiveness table | adaptive planner reacting to discovered facts |
Repeated work | re-runs freely | action log dedup — never repeats a completed step |
Reasoning | in the LLM only, each turn cold | LLM + a growing state it can query |
Backend | its own wrappers | reuses HexStrike, with local fallback |
Related MCP server: ImHex MCP Integration
Install
python3 -m pip install requests # only hard dep for the core
# MCP mode additionally needs fastmcp (already in the HexStrike venv)Use — CLI
python3 -m zeroforge.cli ingest ./target # characterize + enumerate + gadgets
python3 -m zeroforge.cli assess # narrative state
python3 -m zeroforge.cli plan # ranked next actions + rationale
python3 -m zeroforge.cli exploit ./target # autonomous ret2win -> real shell
python3 -m zeroforge.cli show sink # dump graph nodes
python3 -m zeroforge.cli log # what has already runAutonomous exploitation (proven end-to-end)
Against a no-canary stack overflow with a win()/system("/bin/sh") function,
zeroforge exploit runs the whole chain by itself — no offsets hard-coded:
[*] Attempting autonomous ret2win on ./vuln_test
detail: ret2win -> win@0x401166 offset=72 align_ret=0x401016
[+] EXPLOIT SUCCESSFUL — code execution proven:
| ZEROFORGE_PWNED_1000
| uid=1000(benny) gid=1000(benny) groups=1000(benny),...
[+] Reproducible exploit written to: ./vuln_test.zeroforge_exploit.pyIt (1) detects the input vector from the discovered sinks, (2) computes the
saved-RIP offset by crashing the target under GDB with a cyclic pattern,
(3) locates a win/system function, (4) builds a stack-aligned payload and
(5) runs the binary to obtain a shell — then records GOAL ACHIEVED: shell
into the knowledge graph and emits a standalone pwntools script.
tests/test_exploit.py compiles a fresh target and asserts the shell.
Example against a scanf/strcpy/system("/bin/sh") binary with no canary:
[ 98] Trace reachability to system()/popen() (exploit)
↳ system()/popen() present and a /bin/sh string exists — likely a one-shot command-injection path.
[ 93] Dynamically confirm stack overflow (offset) (exploit)
↳ Unbounded copy sink present. No stack canary → saved-return overwrite is viable.
[ 82] Probe format-string primitive (exploit)
↳ Non-constant format sink present → test for arbitrary read/write & leaks.Use — MCP (drive it from Claude)
Point your MCP client at zeroforge.mcp_server. Verbs: zf_ingest,
zf_plan, zf_assess, zf_show, zf_note, zf_run_hexstrike.
{
"mcpServers": {
"zeroforge": {
"command": "/home/you/hexstrike-ai/hexstrike-env/bin/python",
"args": ["-m", "zeroforge.mcp_server"],
"env": { "ZEROFORGE_DB": "engagement.db", "HEXSTRIKE_URL": "http://localhost:8888" }
}
}
}Status
v0.2 — working core: knowledge graph, triage capabilities (file/checksec/sinks/
strings/ROP gadgets), adaptive planner, CLI, MCP server (7 verbs incl.
zf_exploit), and autonomous ret2win exploitation proven end-to-end.
Roadmap: ret2libc / full ROP chaining, format-string primitive, taint-based
reachability (angr), fuzzing orchestration + crash triage, agentic run-loop.
Legal
For authorized security research, CTFs and pentesting engagements only. You are responsible for having permission to test any target.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mika8313/zeroforge'
If you have feedback or need assistance with the MCP directory API, please join our Discord server