Cracken
AI-powered penetration testing framework that can operate as an MCP server, enabling automated security assessments through natural language commands.
README
<div align="center">
Cracken π¦
AI-Powered Penetration Testing Framework
Cracken β automated penetration testing powered by AI.
Built on LiteLLM, supporting any provider. Run locally, inside Docker, or as an MCP server for Claude Desktop, Cursor, n8n, and more.
</div>
Features
| Feature | Details |
|---|---|
| π€ Multi-Agent Modes | 4 modes: Assist (single-shot), Agent (autonomous loop), Crew (orchestrator + workers), Interact (guided chat) |
| π MCP Server | Expose as MCP server (STDIO / SSE) β integrate with Claude Desktop, Cursor, n8n, custom clients |
| π§ Report Generator | Auto-generate penetration test reports in Markdown or HTML from findings and session logs |
| π³ Docker Ready | Pre-built Ubuntu and Kali Linux images β docker compose run and you're in |
| π Security First | Scope validation, command injection guards, API key leak prevention built-in |
| π§© Extensible Tools | Self-registering tool system β drop a new tool in tools/<name>/ and it's available |
| π Playbooks | THP3 methodology playbooks for recon, network, and web application testing |
| π RAG Engine | Optional FAISS + sentence-transformers for semantic knowledge retrieval from local docs |
| β‘ Async Architecture | Full async/await β concurrent tool execution, non-blocking agent loops |
Quick Start
# Clone
git clone https://github.com/keyreyla/cracken.git
cd cracken
# Auto setup
./scripts/setup.sh # Linux/macOS
.\scripts\setup.ps1 # Windows
# Or manual
python -m venv venv
source venv/bin/activate
pip install -e ".[all]"
playwright install chromium
Configuration
Create a .env file (or use cracken login for interactive setup):
ANTHROPIC_API_KEY=sk-ant-...
CRACKEN_MODEL=claude-sonnet-4-20250514
# Optional
OPENAI_API_KEY=sk-... # OpenAI provider
GEMINI_API_KEY=... # Google Gemini
TAVILY_API_KEY=... # Web search tool
Config is loaded from ~/.cracken/env (global) > CWD/.env (project) > package root .env.
# Interactive setup β configures provider, model, API keys
cracken login
Usage
cracken # Launch TUI
cracken -t 192.168.1.1 # TUI with target pre-set
cracken tui --docker # Run inside Docker sandbox
cracken run -t target.com --playbook thp3_web # Headless mode
TUI Commands
| Command | Description |
|---|---|
/assist <task> |
Single instruction + tool execution, returns immediately |
/agent <task> |
Autonomous agent loop: think β tool β observe β repeat |
/crew <task> |
Multi-agent orchestration with specialist workers |
/interact <task> |
Guided interactive chat β you stay in control |
/report |
Generate narrative LLM report |
/report md |
Fast Markdown report |
/report html |
Fast HTML report with dark theme |
/notes |
View saved findings |
/target <host> |
Set assessment target |
/tools |
List available tools |
/spawn <target> |
Spawn a child MCP agent |
/workspace <name> |
Manage workspaces |
/mcp <cmd> |
Add, list, or manage MCP servers |
Report Generator
Reports are generated from:
- Notes β findings saved during assessment (
loot/notes.json) - Session logs β all tool calls, outputs, and agent reasoning
- Structured metadata β targets, ports, CVEs, credentials, services
# In TUI
/report md β Markdown
/report html β HTML with dark theme
# Headless
cracken run -t target.com --task "full scan" --report auto
# β loot/reports/<target>_<timestamp>.md
# Via MCP (from any client)
generate_report fmt="html"
Docker
# Ubuntu base image
docker compose run --rm cracken
# Kali Linux (Metasploit, SQLMap, Hydra, etc.)
docker compose --profile kali run --rm cracken-kali
Images: ghcr.io/keyreyla/cracken:latest / :kali
MCP Server
Cracken can operate as an MCP server β integrate into any MCP-compatible client.
STDIO (local clients)
cracken mcp_server --type stdio
SSE (network clients)
cracken mcp_server --type sse --host 0.0.0.0 --port 8080
Claude Desktop Configuration
{
"mcpServers": {
"cracken": {
"command": "cracken",
"args": ["mcp_server", "--type", "stdio"]
}
}
}
Exposed MCP Tools
| Category | Tools |
|---|---|
| Status / Config | get_server_status, get_config, update_config |
| Task Execution | run_task (sync), run_task_async (returns task ID) |
| Task Inspection | list_tasks, get_task_status, get_task_result, await_tasks |
| Task Control | cancel_task |
| Tool Management | list_tools, enable_tool, disable_tool |
| Conversation | get_conversation_history, reset_conversation |
| Memory | store_memory, retrieve_memory, clear_memory |
| Observability | get_logs, get_metrics, generate_report |
Async Task Pattern
run_task_async task="Enumerate subdomains of example.com"
run_task_async task="Run nmap SYN scan on example.com"
await_tasks task_ids=["<id1>", "<id2>"] timeout_seconds=300
get_task_result task_id="<id1>"
CLI Reference
cracken [COMMAND] [OPTIONS]
Commands:
tui Launch TUI (interactive mode)
run Headless mode with task or playbook
login Interactive provider setup
mcp Manage MCP server connections
mcp_server Expose Cracken as an MCP server (stdio/sse)
tools List, call, or inspect tools
workspace Workspace lifecycle commands
target Add or list targets
Global Flags:
-t, --target Assessment target (IP/hostname/URL)
-m, --model LLM model override
-d, --docker Use Docker sandbox for tool execution
-v, --version Show version
Development
pip install -e ".[dev]"
pytest # 625+ tests
pytest --cov=cracken # coverage report
black cracken && ruff check cracken # format & lint
See CONTRIBUTING.md for detailed guidelines.
Project Structure
cracken/
agents/ β Agent implementations (single, crew, shadow graph)
crew/ β Multi-agent orchestrator, worker pool
pa_agent/ β Single autonomous agent
prompts/ β Jinja2 prompt templates
config/ β Settings, constants, 9Router client
interface/ β TUI (Textual), CLI (Typer), login, reporter
knowledge/ β FAISS RAG engine, indexer, shadow knowledge graph
llm/ β LiteLLM wrapper, conversation memory
mcp/ β MCP client manager, server transports
playbooks/ β THP3 methodology playbooks
runtime/ β Local and Docker tool execution
tools/ β Built-in tools registry
workspaces/ β Workspace isolation and lifecycle
loot/ β Persisted findings (git-ignored)
mcp_examples/ β Example MCP configurations
tests/ β Pytest suite (625+ tests)
Architecture Overview
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β User Interface β
β ββββββββββββ ββββββββββββ βββββββββββββββββββββ β
β β TUI β β CLI β β MCP Client (3rd) β β
β β (Textual)β β (Typer) β β Claude/Cursor/n8n β β
β ββββββ¬ββββββ ββββββ¬ββββββ ββββββββββ¬βββββββββββ β
β βββββββββββββββΌββββββββββββββββββ β
β βΌ β
β ββββββββββββββββ β
β β Agent Core β β
β β (Base/PaAgentβ β
β β /Crew) β β
β ββββββββ¬ββββββββ β
β βΌ β
β ββββββββββββ ββββββββββββ βββββββββββββββββββββ β
β β LLM β β Runtime β β Tool Registry β β
β β(LiteLLM) β β(Local/ β β (Self-registering)β β
β β β β Docker) β β β β
β ββββββββββββ ββββββββββββ βββββββββββββββββββββ β
β ββββββββββββ ββββββββββββ βββββββββββββββββββββ β
β β RAG β β MCP β β Workspace/Notes β β
β β (FAISS) β β Server β β Persistence β β
β ββββββββββββ ββββββββββββ βββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
FAQ
Q: Does Cracken require a GPU?
A: No. The RAG engine (optional) benefits from a GPU for embedding generation, but the core agent works on CPU.
Q: Can I use Cracken with Ollama/local models?
A: Yes β LiteLLM supports Ollama. Set OLLAMA_BASE_URL in .env and use model prefix ollama/.
Q: How is this different from other AI pentest tools?
A: Cracken combines multi-agent orchestration, MCP server capability, and full autonomy in a single package β it works both as a standalone TUI and as a drop-in agent for any MCP client.
Q: Can I use Cracken headless/CI?
A: Yes β cracken run accepts a task and produces reports. Use --report auto to save results without a TTY.
Legal
Only use against systems you have explicit written authorization to test.
Unauthorized access is illegal. See SECURITY.md for our disclosure policy.
License
MIT β Copyright (c) 2025 Masic, 2026 keyreyla.
See LICENSE.txt for full text.
This project is a fork of PentestAgent β the original AI penetration testing framework by Masic. Rebranded and enhanced by keyreyla.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.