MCP Pentest
An automated penetration testing framework that enables intelligent security assessments through reconnaissance, vulnerability scanning, and controlled exploitation. Features AI-driven workflow management with comprehensive reporting for authorized security testing.
README
MCP Pentest - Automated Penetration Testing Framework
MCP (Model Context Protocol) server untuk automated penetration testing yang cerdas. Framework ini dapat secara otomatis melakukan reconnaissance, vulnerability scanning, dan controlled exploitation berdasarkan teknologi target yang terdeteksi.
🚀 Features
🔍 Reconnaissance Tools
- Port Scanning - Comprehensive Nmap integration dengan berbagai scan modes
- Subdomain Enumeration - Certificate transparency logs + DNS bruteforcing
- Technology Detection - Automatic web technology fingerprinting
- Directory Bruteforcing - Intelligent directory and file discovery
🛡️ Vulnerability Assessment
- Nuclei Integration - Automated vulnerability scanning dengan template database
- Nikto Scanning - Web server vulnerability detection
- SQLMap Integration - SQL injection testing
- Custom Web Vulnerability Checks - XSS, Directory Traversal, Command Injection, dll
⚡ Exploitation Modules
- Metasploit Integration - Automatic exploit search dan execution
- Custom Exploit Attempts - Framework-specific exploitation
- Technology-Specific Exploits - Targeted attacks berdasarkan tech stack
- Proof-of-Concept Generation - Automated PoC creation
🤖 Intelligent Workflow Engine
- Adaptive Decision Making - AI-driven next step recommendations
- Risk-Based Prioritization - Smart vulnerability prioritization
- Technology-Aware Testing - Customized testing berdasarkan detected technologies
- Automated Workflow Management - Sequential phase execution dengan dependency handling
📊 Comprehensive Reporting
- Multi-Format Reports - HTML, PDF, JSON, Markdown output
- Executive Summaries - Business-friendly risk assessments
- Technical Details - Detailed vulnerability descriptions dan remediation
- Evidence Collection - Automatic proof collection dan documentation
📋 Prerequisites
Required Tools
Pastikan tools berikut sudah terinstall di sistem:
# Network scanning
sudo apt install nmap
# Web vulnerability scanning
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# Web server scanning
sudo apt install nikto
# SQL injection testing
sudo apt install sqlmap
# Optional: Metasploit (untuk advanced exploitation)
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
sudo ./msfinstall
Node.js Dependencies
npm install
🛠️ Installation
- Clone repository
git clone <repository-url>
cd mcp-pentest
- Install dependencies
npm install
- Build project
npm run build
- Configure MCP client Tambahkan ke file konfigurasi MCP client Anda:
{
"mcpServers": {
"pentest": {
"command": "node",
"args": ["path/to/mcp-pentest/dist/index.js"],
"env": {}
}
}
}
🎯 Usage Examples
Basic Automated Pentest
// Full scope automated pentest
await mcp.call("auto_pentest", {
target: "example.com",
scope: "full",
intensity: "active"
});
Reconnaissance Only
// Port scanning
await mcp.call("nmap_scan", {
target: "192.168.1.1",
scan_type: "aggressive"
});
// Technology detection
await mcp.call("tech_detection", {
url: "https://example.com"
});
// Subdomain enumeration
await mcp.call("subdomain_enum", {
domain: "example.com"
});
Vulnerability Scanning
// Nuclei scan with specific templates
await mcp.call("nuclei_scan", {
target: "https://example.com",
templates: ["cves", "vulnerabilities"],
severity: "high"
});
// SQL injection testing
await mcp.call("sqlmap_scan", {
url: "https://example.com/login.php",
data: "username=admin&password=test"
});
Exploitation Attempts
// Search for Metasploit modules
await mcp.call("metasploit_search", {
service: "Apache 2.4.41",
platform: "linux"
});
// Attempt exploitation
await mcp.call("exploit_attempt", {
target: "192.168.1.100",
vulnerability: "SQL Injection",
payload: "UNION SELECT"
});
Intelligent Next Steps
// Get AI-powered recommendations
await mcp.call("suggest_next_steps", {
scan_results: JSON.stringify(previousResults)
});
Report Generation
// Generate comprehensive report
await mcp.call("generate_report", {
target: "example.com",
format: "html"
});
🔧 Configuration
Scan Intensity Levels
Passive
- Certificate transparency logs
- DNS enumeration
- Header analysis
- Public information gathering
Active
- Port scanning
- Directory bruteforcing
- Vulnerability scanning
- Service enumeration
Aggressive
- Full port range scanning
- Intensive directory bruteforcing
- Active exploitation attempts
- Comprehensive vulnerability testing
Scope Options
Network
- Port scanning
- Service enumeration
- Network vulnerability assessment
Web
- Web application testing
- Technology fingerprinting
- Web vulnerability scanning
Full
- Comprehensive assessment
- Network + Web testing
- Complete attack surface analysis
🛡️ Security Considerations
Ethical Usage
⚠️ IMPORTANT: Framework ini hanya boleh digunakan untuk:
- Authorized penetration testing
- Security research dengan permission
- Testing terhadap sistem milik sendiri
- Educational purposes
Safety Features
- Rate limiting - Automatic request throttling
- Timeout controls - Prevent long-running scans
- Scope validation - Target validation dan restriction
- Safe exploitation - Controlled dan reversible tests
Legal Compliance
- Pastikan ada written authorization sebelum testing
- Comply dengan local laws dan regulations
- Respect responsible disclosure practices
- Document semua testing activities
📊 Sample Output
Automated Pentest Results
{
"workflow": {
"target": "example.com",
"scope": "full",
"phases": [
{
"name": "reconnaissance",
"status": "completed",
"tools": ["nmap_scan", "subdomain_enum", "tech_detection"]
}
],
"results": {
"reconnaissance": {
"open_ports": [
{"port": 80, "service": "http", "version": "Apache 2.4.41"},
{"port": 443, "service": "https", "version": "Apache 2.4.41"}
],
"technologies": [
{"technology": "WordPress", "version": "5.8", "confidence": 95}
]
},
"vulnerabilities": [
{
"name": "Outdated WordPress",
"severity": "medium",
"description": "WordPress version 5.8 has known vulnerabilities"
}
],
"risk_score": 65,
"threat_level": "medium"
}
}
}
🔄 Workflow Engine
Framework menggunakan intelligent workflow engine yang dapat:
- Analyze scan results - Automatically interpret findings
- Make decisions - Determine next testing steps
- Adapt strategy - Modify approach based on discoveries
- Prioritize actions - Focus on high-impact vulnerabilities
- Generate insights - Provide actionable recommendations
Decision Making Logic
Reconnaissance → Technology Detection → Vulnerability Assessment → Risk Analysis → Exploitation → Reporting
↓ ↓ ↓ ↓ ↓ ↓
Port Discovery → CMS/Framework → Targeted Scanning → Priority Queue → Controlled → Evidence
Subdomain Enum → Version Info → Custom Checks → Risk Scoring → Attempts → Collection
🏗️ Architecture
┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ MCP Client │ │ MCP Protocol │ │ Pentest Server │
│ (Claude/etc) │◄──►│ Transport │◄──►│ (Node.js) │
└─────────────────┘ └──────────────────┘ └─────────────────┘
│
┌─────────────────┐
│ Tool Integration │
│ - Nmap │
│ - Nuclei │
│ - Nikto │
│ - SQLMap │
│ - Metasploit │
└─────────────────┘
🤝 Contributing
- Fork repository
- Create feature branch
- Implement changes dengan tests
- Submit pull request
- Follow security best practices
📜 License
MIT License - See LICENSE file for details
⚠️ Disclaimer
Tool ini dibuat untuk tujuan educational dan authorized security testing. User bertanggung jawab untuk memastikan penggunaan yang legal dan ethical. Developer tidak bertanggung jawab atas penyalahgunaan tool ini.
🆘 Support
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.