Popular MCP Servers

operant-mcpofficial
Penetration Testing Security Testing & QA Tools
operantlabs
A
security
A
license
-
quality
A comprehensive security testing MCP server providing 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment. It enables automated security audits and technical investigations across web applications, cloud environments, and network captures.
Last updated 2026-04-01
51
149
3
MIT
MCP Server Pentest
Penetration Testing Browser Automation Security
9olidity
A
security
A
license
-
quality
A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.
Last updated 2025-03-24
1
12
561
22
MIT
Beagle Security MCP Serverofficial
Penetration Testing Security Testing & QA Tools
beaglesecurity
A
security
A
license
-
quality
Enables integration with Beagle Security API for managing security testing projects, applications, domain verification, and automated penetration tests. Provides 18 tools for creating, monitoring, and retrieving results from security assessments.
Last updated 2025-07-09
17
MIT
Shodan MCP Server
Security Penetration Testing Remote
Cyreslab-AI
A
security
A
license
-
quality
Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.
Last updated 2025-06-29
23
40
MIT
ThreatByte-MCP
Security Penetration Testing Education & Learning Tools
anotherik
A
security
A
license
-
quality
An intentionally vulnerable case management system designed for security training that provides MCP tools for SOC analyst workflows like case handling and indicator search. It enables users to explore and demonstrate common security weaknesses such as prompt injection, SQL injection, and broken authorization in an MCP-integrated environment.
Last updated 2026-02-13
22
MIT
Shodan MCP Server
Security Search Penetration Testing
GangGreenTemperTatum
A
security
A
license
-
quality
Enables comprehensive security reconnaissance, vulnerability assessment, and threat intelligence gathering by integrating Shodan's API. It provides tools for searching internet-connected devices, performing DNS operations, and querying the Shodan exploit database.
Last updated 2026-01-17
11
Apache 2.0
PentestThinkingMCP
Penetration Testing Autonomous Agents Security
LT7T
A
security
A
license
-
quality
An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.
Last updated 2025-05-27
1
MIT
kali-mcp
Penetration Testing Security Command Line
Hannes221
A
security
A
license
-
quality
Provides an MCP interface to a full Kali Linux environment running in Docker, enabling AI assistants to execute security tools like nmap, sqlmap, and metasploit. It allows users to start/stop the container, run shell commands, and transfer files for security testing and educational purposes.
Last updated 2026-03-23
7
10
3
MIT
DefectDojo MCP Server
Penetration Testing Project Management Remote
jamiesonio
A
security
A
license
-
quality
Provides a Model Context Protocol server implementation that allows AI agents and other MCP clients to programmatically interact with DefectDojo, a vulnerability management tool, for managing findings, products, and engagements.
Last updated 2025-04-01
11
13
MIT
Kali Metasploit MCP Server
Penetration Testing Security Testing & QA Tools
andreransom58-coder
A
security
A
license
-
quality
Enables interaction with Metasploit Framework for authorized security testing, including exploit searches, payload management, network scanning with nmap, and database operations for penetration testing workflows.
Last updated 2025-11-17
9
MIT
OnSecurity MCP Server
Penetration Testing Project Management Security
onsecurity
A
security
A
license
-
quality
OnSecurity MCP Server
Last updated 2025-08-13
5
MIT
VibeDefender MCP Server
Penetration Testing Security Documentation Access
yunusj
A
security
A
license
-
quality
Provides security assessment methodology, tool documentation, and step-by-step workflows to guide AI agents through vulnerability scanning, static analysis, and penetration testing of applications and URLs.
Last updated 2025-12-20
1
MIT
MCP Interactsh Bridge
Penetration Testing Security Testing & QA Tools
tachote
A
security
A
license
-
quality
Enables out-of-band interaction testing by integrating ProjectDiscovery's interactsh service as an MCP server. Allows AI agents to create callback domains, send probes, and capture DNS/HTTP interactions for security testing and verification workflows.
Last updated 2025-10-15
4
27
2
MIT
Adversary MCP Server
Penetration Testing Code Analysis Developer Tools
brettbergin
A
security
A
license
-
quality
A security-focused server that integrates with Cursor IDE to provide real-time vulnerability detection, exploit generation, and security insights during software development.
Last updated 2025-08-26
7
1
MIT
VulneraMCP
Penetration Testing Security Testing & QA Tools
telmon95
A
security
A
license
-
quality
AI-powered bug bounty hunting platform that integrates security tools (OWASP ZAP, Caido, Burp Suite) for automated reconnaissance, vulnerability testing, JavaScript analysis, and finding management with PostgreSQL storage.
Last updated 2025-11-28
47
26
MIT
CyberMCP
API Testing Penetration Testing Security
ricauts
A
security
A
license
-
quality
A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.
Last updated 2025-05-28
14
15
MIT
Pentest MCP
Penetration Testing Security Local
DMontgomery40
A
security
A
license
-
quality
A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.
Last updated 2026-03-23
9
82
130
MIT
osint-mcp-server
Security Search Penetration Testing
badchars
A
security
A
license
-
quality
Provides AI agents with 37 OSINT tools and 12 data sources to perform unified reconnaissance, domain analysis, and attack surface mapping. It enables agents to query, correlate, and reason across platforms like Shodan, VirusTotal, and Censys in parallel.
Last updated 2026-03-17
37
44
10
MIT
frida-mcp
Penetration Testing Security Local
cbxss
A
security
A
license
-
quality
An MCP server that enables AI-assisted mobile security testing by exposing Frida functionality for Android application research. It provides tools for hooking Java methods, manipulating memory, managing device processes, and executing custom Frida scripts.
Last updated 2026-01-24
37
8
MIT
BLT-MCP
Security Testing & QA Tools Penetration Testing
OWASP-BLT
A
security
A
license
-
quality
Provides AI agents with structured access to the OWASP Bug Logging Tool (BLT) ecosystem for logging bugs, triaging issues, and managing security workflows. It enables actions like submitting vulnerabilities, tracking contributor leaderboards, and awarding gamified bacon points through a unified interface.
Last updated 2026-03-28
4
9
AGPL 3.0
Burpsuite MCP Server
Security Penetration Testing Developer Tools
Cyreslab-AI
A
security
A
license
-
quality
Burpsuite MCP Server
Last updated 2025-05-15
5
6
MIT
BloodHound MCP Server
Security Penetration Testing Databases
mwnickerson
A
security
A
license
-
quality
Enables security professionals to query and analyze Active Directory attack paths from BloodHound Community Edition data using natural language through Claude Desktop's Model Context Protocol interface.
Last updated 2026-03-25
79
74
GPL 3.0
TurboPentest
Penetration Testing Security Testing & QA Tools
integsec
A
security
A
license
-
quality
MCP server for TurboPentest — run AI-powered penetration tests and review findings from your coding assistant.
Last updated 2026-03-28
8
19
MIT
PentestMCP
Penetration Testing Security Command Line
YoussefSahnoun
A
security
A
license
-
quality
Enables LLMs to perform Active Directory penetration testing using tools like NetExec, Bloodhound, Nmap, Certipy, and John the Ripper. Automates vulnerability discovery, attack path analysis, and documentation generation for security assessments.
Last updated 2025-11-11
26
5
MIT
OSINT MCP Server
Security Penetration Testing Remote
Krisparenthetic284
-
security
A
license
-
quality
A comprehensive reconnaissance toolset that provides AI agents with 37 tools across 12 data sources like Shodan and VirusTotal for automated intelligence gathering. It enables agents to perform domain reconnaissance, attack surface mapping, and cross-platform data correlation within a single conversational interface.
Last updated 2026-04-12
44
1
MIT
Burp Suite MCP Server
Penetration Testing Security API Testing
jayluxferro
A
security
F
license
-
quality
Exposes Burp Suite's REST API to AI assistants, enabling users to trigger vulnerability scans, monitor progress, and manage security tasks through natural language. It also provides programmatic access to Burp's security knowledge base for querying vulnerability definitions and remediation advice.
Last updated 2026-03-30
8
1
Nmap MCP Server
Security Penetration Testing Hybrid
flagify-com
-
security
A
license
-
quality
Enables network security scanning using Nmap through MCP protocol. Supports quick port scans, full port scans with service detection, and custom Nmap commands with async task management.
Last updated 2025-12-11
2
MIT
Bug Bounty MCP Server
Penetration Testing Security App Automation
SlanyCukr
A
security
F
license
-
quality
Enables AI agents to generate and manage specialized bug bounty hunting workflows including reconnaissance, vulnerability testing, OSINT gathering, and file upload testing. Provides REST API endpoints for comprehensive security assessments with intelligence-driven vulnerability prioritization.
Last updated 2025-09-22
40
2
ProjectDiscovery MCP Server
Penetration Testing Security Testing & QA Tools
intelligent-ears
A
security
F
license
-
quality
Integrates ProjectDiscovery security tools to perform automated reconnaissance, subdomain discovery, and vulnerability scanning. It enables comprehensive bug hunting workflows by chaining tools like subfinder, naabu, and nuclei into a unified pipeline.
Last updated 2025-12-06
7
2
HydraΜCP
Security Penetration Testing Hybrid
HappyHackingSpace
-
security
A
license
-
quality
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Last updated 2025-06-13
11
MIT
MCP Kali Server
Penetration Testing Command Line Security
foxibu
-
security
A
license
-
quality
Connects MCP clients to a Kali Linux terminal API, enabling AI-assisted penetration testing, CTF challenge solving, and automated security reconnaissance through command execution.
Last updated 2025-11-17
1
MIT
Shodan MCP Server
Penetration Testing Observability Security
bonetrees
-
security
A
license
-
quality
Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.
Last updated 2025-07-15
1
MIT
MCPPentestBOT
Penetration Testing Security Testing & QA Tools
kannanprabu
-
security
A
license
-
quality
Enables AI assistants to perform authorized security testing and penetration testing operations including SSL/TLS analysis, port scanning, vulnerability scanning, and HTTP security header audits through natural language interactions.
Last updated 2025-11-12
1
MIT
Kali MCP Server
Penetration Testing Security Command Line
azza39925
A
security
F
license
-
quality
Enables AI assistants to perform authorized penetration testing and security assessments by exposing 20+ Kali Linux security tools (nmap, sqlmap, gobuster, hydra, etc.) through a safe, validated interface with command allowlists, rate limiting, and input sanitization.
Last updated 2025-11-29
19
Kali Security MCP
Penetration Testing Autonomous Agents Security
SeaC-25
-
security
A
license
-
quality
Integrates 193 Kali Linux security tools with AI for intelligent penetration testing, CTF solving, and vulnerability assessment through automated workflows and expert knowledge base.
Last updated 2026-03-27
33
MIT
MCP Shamash
Security Penetration Testing Testing & QA Tools
NeoTecDigital
A
security
F
license
-
quality
Enables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.
Last updated 2026-02-28
7
fluidattacks-mcpofficial
Security Penetration Testing Testing & QA Tools
fluidattacks
-
security
F
license
-
quality
fluidattacks-mcp
Last updated 2025-05-02
middleBrick
API Testing Penetration Testing Security
middleBrick
-
security
A
license
-
quality
Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.
Last updated 2026-04-03
4
Apache 2.0
HackerMCP
Security Penetration Testing Local
R3verseIN
-
security
A
license
-
quality
A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.
Last updated 2025-09-25
4
GPL 3.0
Vibehacker Metasploit MCP
Penetration Testing Autonomous Agents Security
foolsec
-
security
A
license
-
quality
A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.
Last updated 2025-03-30
14
Apache 2.0
MCP Port Scanner
Security Penetration Testing Hybrid
relaxcloud-cn
-
security
A
license
-
quality
An intelligent layered port scanning service based on MCP protocol, designed for AI assistants and development tools to perform network security analysis with real-time feedback.
Last updated 2025-07-25
3
MIT
BloodyAD MCP
Security Penetration Testing OS Automation
dcollaoa
-
security
A
license
-
quality
Enables Active Directory enumeration and abuse operations through the bloodyAD tool. Supports LDAP queries, user/group management, DNS operations, and security testing directly from AI assistants.
Last updated 2025-09-27
16
MIT
Kali MCP Server
Penetration Testing Security Command Line
letchupkt
-
security
A
license
-
quality
Enables AI assistants to execute penetration testing commands and security tools on Kali Linux remotely. Supports automated reconnaissance, vulnerability scanning, and CTF solving through integration with 25+ offensive security tools like nmap, gobuster, and nuclei.
Last updated 2025-11-09
16
MIT
mcp-dnstwist
Security Penetration Testing Web Scraping
BurtTheCoder
-
security
A
license
-
quality
A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.
Last updated 2025-03-03
83
47
MIT
CTF MCP Server
Penetration Testing Security Command Line
zemi-gh
-
security
A
license
-
quality
Exposes common CTF and cybersecurity tools (crypto, forensics, malware analysis, steganography, reverse engineering, pwn, OSINT) so LLMs can help solve capture-the-flag challenges in a controlled lab environment.
Last updated 2025-11-29
MIT
Kali Linux MCP Server
Penetration Testing Command Line Shell Access
sfz009900
A
security
F
license
-
quality
A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
Last updated 2025-09-14
5
53
Reports MCP Server
Penetration Testing Security API Testing
izzy0101010101
A
security
F
license
-
quality
Enables management of penetration testing reports and vulnerabilities through a REST API, supporting CVSS 3.1 scoring, HTML formatting, and secure JWT authentication for comprehensive security assessment documentation.
Last updated 2025-08-31
9
3
Endevor-MCP
Developer Tools Penetration Testing Version Control
gglessner
-
security
A
license
-
quality
A Model Context Protocol server providing 43 tools for Broadcom Endevor SCM interaction, enabling inventory browsing, element lifecycle management, and package workflows. It is designed for AI-driven mainframe operations and surgical, source-informed penetration testing of CICS applications.
Last updated 2026-02-18
GPL 3.0
ZAP MCP Server
Penetration Testing Testing & QA Tools Security
LisBerndt
-
security
A
license
-
quality
Integrates OWASP ZAP security testing with AI assistants through MCP, enabling automated vulnerability scanning and AI-powered security analysis during development. Supports multiple scan types including active, passive, and AJAX spider scans with real-time status updates.
Last updated 2025-12-22
5
MIT
MCP-PST-Server
Penetration Testing Command Line Security
arch3rPro
-
security
A
license
-
quality
Enables AI-assisted penetration testing by connecting MCP clients to a Windows API server for executing penetration testing tools like nmap, ffuf, nuclei, and other security tools. Allows AI agents to perform automated security assessments, solve CTF challenges, and assist with ethical hacking tasks through natural language commands.
Last updated 2026-01-11
10
MIT

Popular MCP Servers

operant-mcpofficial

Beagle Security MCP Serverofficial

fluidattacks-mcpofficial