Pentest-mcp
Verified Safeby d01ki
Overview
Unified penetration testing toolkit for authorized systems, integrated with Claude Desktop.
Installation
docker run --rm -i pentest-mcpEnvironment Variables
- OPENAI_API_KEY
- LOG_LEVEL
Security Notes
The server implements robust command sanitization (using `shlex.quote` and dangerous character checks), human-in-the-loop approval for destructive operations, and masking of sensitive data in logs. It explicitly warns users against unauthorized use and emphasizes Docker isolation for security. The core functionality involves inherently risky penetration testing actions (e.g., SSH brute force, SQL injection tests), so proper authorization and strict ethical considerations are paramount for the user to avoid misuse. The Playwright integration also introduces potential browser-based risks if not used carefully.
Similar Servers
claude-code-mcp
Acts as an MCP server to enable LLMs to run Claude Code CLI in one-shot mode, bypassing permissions for complex coding, file system, Git, and terminal operations.
miyabi-mcp-bundle
An all-in-one MCP server providing a vast array of development, monitoring, and automation tools, enabling Claude Desktop and AI agents to perform complex software development, operations, and analysis tasks efficiently and securely.
advanced-bugbounty-mcp
An AI-powered bug bounty hunting platform integrated with Claude via the Model Context Protocol (MCP) for advanced reconnaissance, vulnerability scanning, and asset discovery.
claude-agent-mcp-skills
Assists with analyzing and applying code migrations between different frameworks and their versions.