Website penetration testing and security vulnerability assessment tools

Glama

Search for:

Website penetration testing and security vulnerability assessment tools

View all MCP Servers

Why this server?
This server directly integrates the Metasploit Framework, the leading tool for penetration testing and exploitation, enabling the discovery and exploitation of security risks on target systems, including web application vulnerabilities.
Metasploit MCP Server
GH05TCREW
-
security
A
license
-
quality
Provides a bridge between large language models and the Metasploit Framework, enabling AI assistants to access and control penetration testing functionality through natural language.
Last updated -
302
Apache 2.0
Why this server?
This server provides access to common Kali Linux penetration testing commands (such as those used for SQL injection and command execution) specifically for finding security vulnerabilities in web applications.
Kali Linux MCP Server
sfz009900
A
security
F
license
A
quality
A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
Last updated -
5
48
Why this server?
BurpSuite is the industry-standard tool for web application security testing and is essential for finding most common website vulnerabilities and security risks.
BurpSuite MCP Server
X3r0K
-
security
A
license
-
quality
BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.
Last updated -
52
MIT License
Why this server?
This server integrates core penetration testing utilities like Nmap and Nikto, which are used to scan networks and websites for open ports and known vulnerabilities, fulfilling the request to discover security risks.
Pentest MCP
DMontgomery40
A
security
A
license
A
quality
A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.
Last updated -
9
25
89
MIT License
Why this server?
Provides secure execution of web-focused Kali Linux tools (like Nmap, SQLMap, and Nikto) in a controlled environment, making it highly relevant for web penetration testing tasks.
Kali Pentest MCP Server
SalmanFaris7
-
security
-
license
-
quality
Provides secure access to Kali Linux penetration testing tools including nmap, nikto, dirb, wpscan, and sqlmap for educational vulnerability assessment on whitelisted targets. Runs in a controlled Docker environment and includes reconnaissance capabilities for authorized security testing.
Last updated -
Why this server?
This tool helps discover security risks by autonomously interacting with web apps, capturing network traffic, and collecting console errors, providing diagnostics essential for identifying exploitable flaws.
WebEvalAgent MCP Serverofficial
Operative-Sh
A
security
A
license
A
quality
Unleashes LLM-powered agents to autonomously execute and debug web apps directly in your code editor, with features like webapp navigation, network traffic capture, and console error collection.
Last updated -
2
1,194
Apache 2.0
Why this server?
This service is designed for comprehensive security scanning, enabling the detection of code-level vulnerabilities, dependency issues, and secrets within the codebase supporting the website.
Security Scanner MCP Server
Rupeebw
-
security
A
license
-
quality
Enables comprehensive security scanning of code repositories to detect secrets, vulnerabilities, dependency issues, and configuration problems. Provides real-time security checks and best practice recommendations to help developers identify and prevent security issues.
Last updated -
6
2
MIT License
Why this server?
Integrates the Nuclei vulnerability scanner, which is highly effective for quickly running templated checks against websites to discover known security risks and misconfigurations.
Nuclei MCP
A
security
F
license
A
quality
Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.
Why this server?
This server is based on the Garak vulnerability scanner, specifically designed to identify potential security flaws and data leakage risks within large language model (LLM) applications and integrations, often deployed in web contexts.
Garak-MCP
EdenYavin
A
security
A
license
A
quality
MCP Server For Garak LLM Vulnerability Scanner https://github.com/EdenYavin/Garak-MCP/blob/main/README.md
Last updated -
5
3
MIT License
Why this server?
This server focuses on ethical security testing, offering tools for subdomain enumeration and network analysis, which are critical preparatory steps for penetration testing and discovering exposed assets.
ZAP MCP Server
LisBerndt
-
security
A
license
-
quality
Integrates OWASP ZAP security testing with AI assistants through MCP, enabling automated vulnerability scanning and AI-powered security analysis during development. Supports multiple scan types including active, passive, and AJAX spider scans with real-time status updates.
Last updated -
1
MIT License

WebEvalAgent MCP Serverofficial