Skip to main content
Glama
enesjakozh

Pentest Tools MCP Server

by ch1nhpd
GitHub
Python
4
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

渗透测试工具 MCP 服务器

用于渗透测试工具的 MCP(模型上下文协议)服务器,旨在与各种 LLM 客户端(如 Claude Desktop、Roo Code 和其他兼容的 MCP 客户端)协同工作。

特征

  • 全面的渗透测试工具:

    • 目录扫描(FFuf、Dirsearch)

    • 漏洞扫描(Nuclei、XSStrike)

    • API 测试

    • 侦察

    • 还有更多...

  • 来自 SecLists 的预配置单词列表

  • 自动生成报告

  • Claude 桌面集成

先决条件

  • Docker 和 Docker Compose(用于容器化设置)

  • Claude Desktop 应用程序或其他 MCP 兼容客户端

  • Python 3.10+ 和 uv(用于本地设置)

目录设置

  1. 创建所需的目录:

# Create directories mkdir -p reports templates wordlists

  1. 目录结构应如下所示:

pentest-tools/ ├── reports/ # For storing scan reports ├── templates/ # For report templates ├── wordlists/ # For custom wordlists ├── pentest-tools-mcp-server.py ├── config.json ├── requirements.txt ├── docker-compose.yml └── Dockerfile

设置

Docker 设置(推荐)

  1. 构建并启动容器:

docker-compose up -d --build

  1. 验证容器正在运行:

docker-compose ps

  1. 如果需要的话检查日志:

docker-compose logs -f

本地设置

  1. 安装依赖项:

uv venv source .venv/bin/activate # On Windows: .venv\Scripts\activate uv pip install -r requirements.txt

  1. 安装所需的系统工具(以 Ubuntu/Debian 为例):

sudo apt-get install nmap whatweb dnsrecon theharvester ffuf dirsearch sqlmap

Claude 桌面集成

  1. 配置Claude桌面:

视窗:

%APPDATA%\Claude\claude_desktop_config.json

MacOS/Linux:

~/Library/Application Support/Claude/claude_desktop_config.json

  1. 添加服务器配置:

对于 Docker 设置:

{ "mcpServers": { "pentest-tools": { "command": "docker-compose", "args": [ "run", "--rm", "pentest-tools", "python3", "pentest-tools-mcp-server.py" ], "cwd": "\\Path\\to\\pentest-tools" } } }

如果上述配置在 Windows 上不起作用,请尝试以下替代方法:

{ "mcpServers": { "pentest-tools": { "command": "cmd", "args": [ "/c", "cd /d \\path\\to\\pentest-tools && docker-compose run --rm pentest-tools python3 pentest-tools-mcp-server.py" ] } } }

关于cwd (当前工作目录) 的说明:

  • cwd告诉 Claude Desktop 从哪个目录运行命令

  • 它必须是包含docker-compose.yml的目录的绝对路径

  • 在 Windows 上,在路径中使用双反斜杠 ( \\ )

  • 在 Linux/MacOS 上,使用正斜杠 ( / )

  1. 重启Claude桌面

用法

Claude Desktop 中可用的命令:

  1. 侦察:

/recon example.com

  1. 目录扫描:

/scan example.com --type directory

  1. 漏洞扫描:

/scan example.com --type full /scan example.com --type xss /scan example.com --type sqli /scan example.com --type ssrf

  1. API 测试:

/scan api.example.com --type api

自然语言命令:

  • “对 example.com 运行全面的安全扫描”

  • “检查 example.com 上的 XSS 漏洞”

  • “对 example.com 进行侦察”

目录结构详细信息

pentest-tools/ ├── reports/ # Scan reports directory │ ├── recon/ # Reconnaissance reports │ ├── vulns/ # Vulnerability scan reports │ └── api/ # API testing reports ├── templates/ # Report templates │ ├── recon.html # Template for recon reports │ ├── vuln.html # Template for vulnerability reports │ └── api.html # Template for API test reports ├── wordlists/ # Custom wordlists │ ├── SecLists/ # Cloned from SecLists repo │ ├── custom/ # Your custom wordlists │ └── generated/ # Tool-generated wordlists ├── pentest-tools-mcp-server.py # Main MCP server ├── config.json # Tool configuration ├── requirements.txt # Python dependencies ├── docker-compose.yml # Docker configuration └── Dockerfile # Container definition

安全说明

  • 始终确保您有扫描目标的权限

  • 保持工具和依赖项更新

  • 仔细检查扫描结果

  • 遵循负责任的披露实践

This server cannot be installed

-
security - not tested
F
license - not found
-
quality - not tested

How are these scores calculated?

local-only server

The server can only run on the client's local machine because it depends on local resources.

集成各种渗透测试工具的 MCP 服务器,使安全专业人员能够在兼容的 LLM 客户端(如 Claude Desktop)中通过自然语言命令执行侦察、漏洞扫描和 API 测试。

  1. 特征
    1. 先决条件
      1. 目录设置
        1. 设置
          1. Docker 设置(推荐)
          2. 本地设置
        2. Claude 桌面集成
          1. 用法
            1. 目录结构详细信息
              1. 安全说明

                Related MCP Servers

                • mcp-browser-use

                  vinayak-mehta
                  -
                  security
                  A
                  license
                  -
                  quality
                  An MCP server that connects any MCP client (like Claude or Cursor) with the browser using browser-use, allowing clients to utilize existing LLMs without requiring additional API keys.
                  Last updated -
                  74
                  Apache 2.0

                • Claude-LMStudio Bridge

                  infinitimeless
                  -
                  security
                  F
                  license
                  -
                  quality
                  An MCP server that allows Claude to interact with local LLMs running in LM Studio, providing access to list models, generate text, and use chat completions through local models.
                  Last updated -
                  10

                • MalwareAnalyzerMCP

                  abdessamad-elamrani
                  A
                  security
                  F
                  license
                  A
                  quality
                  A specialized MCP server for Claude Desktop that allows executing terminal commands for malware analysis with support for common analysis tools like file, strings, hexdump, objdump, and xxd.
                  Last updated -
                  7
                  3

                • MCP HTTP Requests

                  godzeo
                  A
                  security
                  A
                  license
                  A
                  quality
                  A comprehensive HTTP client MCP server for security testing, API testing, and web automation that provides full-featured HTTP tools with detailed logging capabilities.
                  Last updated -
                  8
                  3
                  MIT License

                View all related MCP servers

                Appeared in Searches

                New MCP Servers

                MCP directory API

                We provide all the information about MCP servers via our MCP API.

                curl -X GET 'https://glama.ai/api/mcp/v1/servers/ch1nhpd/Pentest-Tools-MCP-Server'

                If you have feedback or need assistance with the MCP directory API, please join our Discord server