Back to Home

mcp-pentest

Verified Safe

by baguskto

View Source

Overview

A comprehensive Model Context Protocol (MCP) server for penetration testing with educational guidance, making security testing accessible while providing powerful capabilities.

Installation

Run Command
No command provided

Security Notes

The MCP server explicitly addresses security concerns by implementing an authorization system (token-based), rate limiting, comprehensive input validation to prevent command injection (via `input-validator.ts`), and detailed audit logging. It leverages `command-executor.ts` for safe command execution. However, as a penetration testing tool, it is designed to interact with target systems and execute powerful external binaries (Nmap, Nikto, SQLMap, etc.). Users must adhere strictly to the legal disclaimers and 'AUTHORIZED USE ONLY' warnings, obtaining written permission before testing any target, as misuse can have severe legal consequences.

Similar Servers

mcp-watch

111

A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.

Other
9
$High

pentesting-mcp-servers-checklist

25

Provides a comprehensive checklist for security practitioners to pentest Model Context Protocol (MCP) servers and AI agents.

Other
10
$Low

mcp-security-scanner

18

A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.

8
$Medium

Mcpwn

7

Automated security testing framework for Model Context Protocol (MCP) servers, detecting RCE, path traversal, prompt injection, and protocol vulnerabilities.

Other
9
$Low

Stats

Interest Score0
Security Score9
Cost ClassLow
Avg Tokens150
Stars0
Forks0
Last Update2025-11-16

Tags

penetration testingsecurityweb scanningnetwork scanningmobile analysis