"Penetration Testing" matching MCP servers:

• Professional Penetration

  AnGrY-Althaf

  F

  license

  -

  quality

  D

  maintenance

  Provides access to over 40 industry-standard penetration testing tools, including Nmap, SQLMap, and Metasploit, within an isolated Kali Linux Docker container. It enables security professionals to perform comprehensive network reconnaissance, web application testing, and vulnerability research through natural language commands.

  Last updated 2026-03-02

• APVISO MCP Server

  Apviso

  A

  license

  A

  quality

  A

  maintenance

  Enables interaction with the APVISO AI-powered penetration testing platform to manage targets, initiate scans, and retrieve vulnerability findings. It allows developers to integrate security testing workflows directly into MCP-compatible tools like Claude Code and Cursor.

  Last updated 2026-04-01

  18

  8

  MIT

• act-testing-mcp

  GarthDB

  A

  license

  A

  quality

  C

  maintenance

  MCP server for testing GitHub Actions workflows locally using nektos/act.

  Last updated 2025-09-01

  4

  24

  Apache 2.0
• 

  operant-mcpofficial

  operantlabs

  A

  license

  A

  quality

  B

  maintenance

  A comprehensive security testing MCP server providing 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment. It enables automated security audits and technical investigations across web applications, cloud environments, and network captures.

  Last updated 2026-04-01

  51

  21

  8

  MIT

• API Testing MCP

  cocaxcode

  A

  license

  A

  quality

  C

  maintenance

  A lightweight, local-first MCP server for executing HTTP requests and managing API collections and environments without cloud dependencies. It enables testing APIs, handling authentication, and importing OpenAPI specifications directly within MCP-compatible workflows.

  Last updated 2026-05-02

  42

  84

  2

  MIT

• Kali Linux MCP Server

  sfz009900

  F

  license

  A

  quality

  D

  maintenance

  A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.

  Last updated 2025-09-14

  5

  55

• Reports MCP Server

  izzy0101010101

  F

  license

  A

  quality

  -

  maintenance

  Enables management of penetration testing reports and vulnerabilities through a REST API, supporting CVSS 3.1 scoring, HTML formatting, and secure JWT authentication for comprehensive security assessment documentation.

  Last updated 2025-08-31

  9

  3

• Kali Metasploit MCP Server

  andreransom58-coder

  A

  license

  B

  quality

  D

  maintenance

  Enables interaction with Metasploit Framework for authorized security testing, including exploit searches, payload management, network scanning with nmap, and database operations for penetration testing workflows.

  Last updated 2025-11-17

  9

  MIT

• MCP Server Pentest

  9olidity

  A

  license

  B

  quality

  F

  maintenance

  A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

  Last updated 2025-03-24

  12

  302

  22

  MIT

• MCP Pentest

  adriyansyah-mf

  A

  license

  C

  quality

  D

  maintenance

  An automated penetration testing framework that enables intelligent security assessments through reconnaissance, vulnerability scanning, and controlled exploitation. Features AI-driven workflow management with comprehensive reporting for authorized security testing.

  Last updated 2025-09-28

  27

  14

  6

  BSD 3-Clause

• Kali MCP Server

  Vasanthadithya-mundrathi

  F

  license

  C

  quality

  D

  maintenance

  Provides access to 20+ Kali Linux penetration testing tools through isolated Docker containers, enabling network scanning, vulnerability assessment, password cracking, web security testing, and forensics through natural language commands.

  Last updated 2025-12-04

  2

  26

  3

• MCP Frontend Testing Server

  StudentOfJS

  A

  license

  D

  quality

  D

  maintenance

  Provides tools for frontend testing including code analysis, test generation, test execution, and React component testing for Jest and Cypress frameworks.

  Last updated 2025-04-24

  4

  26

  MIT
• 

  Testing Farm MCP Serverofficial

  testing-farm

  A

  license

  -

  quality

  D

  maintenance

  Enables submitting FMF-based test requests to Testing Farm and listing available OS composes for testing.

  Last updated 2025-11-10

  1

  Apache 2.0

• VibeDefender MCP Server

  yunusj

  A

  license

  -

  quality

  D

  maintenance

  Provides security assessment methodology, tool documentation, and step-by-step workflows to guide AI agents through vulnerability scanning, static analysis, and penetration testing of applications and URLs.

  Last updated 2025-12-20

  1

  MIT

• Tengu

  rfunix

  A

  license

  -

  quality

  D

  maintenance

  Turns Claude into a penetration testing copilot with 80 security tools, safety controls, and automatic reporting.

  Last updated 2026-04-13

  46

  MIT

• Vibe Testing

  AishwaryShrivastav

  A

  license

  -

  quality

  D

  maintenance

  Code-aware browser testing agent — reads your codebase, understands functionality, tests every element, reports with screenshots. Works as MCP server for Cursor/Claude Code or standalone CLI.

  Last updated 2026-05-27

  187

  3

  MIT

• mcpstrike

  ente0

  A

  license

  -

  quality

  B

  maintenance

  MCP server that connects an LLM via Ollama to security tools for autonomous or guided penetration testing from a terminal interface.

  Last updated 2026-05-11

  8

  GPL 3.0

• Kali Linux MCP Server

  pellax

  A

  license

  -

  quality

  D

  maintenance

  Provides secure access to Kali Linux security tools through a dockerized environment for authorized penetration testing and defensive security. Enables network scanning, web application testing, system enumeration, and credential testing with built-in input sanitization and network restrictions.

  Last updated 2025-09-23

  MIT

• MCPPentestBOT

  kannanprabu

  A

  license

  -

  quality

  D

  maintenance

  Enables AI assistants to perform authorized security testing and penetration testing operations including SSL/TLS analysis, port scanning, vulnerability scanning, and HTTP security header audits through natural language interactions.

  Last updated 2025-11-12

  1

  MIT

• BugBounty MCP Server

  gokulapap

  A

  license

  -

  quality

  D

  maintenance

  Enables comprehensive security testing and penetration testing through natural language conversations with 92+ tools for reconnaissance, vulnerability assessment, web application testing, OSINT, and reporting. Designed for authorized bug bounty hunting and security assessments.

  Last updated 2025-09-13

  33

  MIT