MCP-PST

MCP-PST acts as a bridge that lets MCP clients, such as Claude Desktop or Cherry Studio, send commands to a Windows-based API server. The PST API server executes a variety of penetration testing tools and Windows terminal commands on demand, returning structured outputs suitable for AI-driven workflows. You can connect via multiple transport modes (stdio, SSE, or HTTP) and issue commands that range from port scans with nmap to web-content interaction with curl or gobuster. This setup enables AI agents to perform offensive security tasks, retrieve results, and chain actions in automated scenarios.

To use it, configure an MCP client to point to the MCP server (either through stdio or HTTP mode). In the examples, two MCP client configurations are shown: one for Claude Desktop and one for Cherry Studio. Once configured, you can send tool invocations (e.g., /api/tools/nmap with a JSON body) or high-level commands through the MCP bridge, and the server will execute them on the Windows host and return the outputs for AI processing.

Prerequisites:

• A Windows machine (target) with network access to the MCP host running PST server components
• Python 3.x installed on the Windows machine
• Git installed (for cloning the repository)
• Basic familiarity with running Python scripts and editing JSON config files

Installation steps:

1. Clone the repository on the Windows machine acting as the PST server: git clone https://github.com/arch3rPro/MCP-PST-Server.git cd MCP-PST-Server
2. Install Python dependencies: pip install -r requirements.txt
3. Start the PST API server (Windows host): python3 pst_server.py
4. On each MCP client, create a configuration to point at the PST API server. Example configurations are provided in the README for Claude Desktop and Cherry Studio. For Claude Desktop, the mcpServers entry might look like: { "mcpServers": { "pst_mcp": { "command": "python3", "args": [ "/absolute/path/to/mcp_server.py", "--server", "http://WINDOWS_IP:5100/" ] } } }
5. If using Cherry Studio, configure the PST-MCP entry similarly, ensuring the server URL matches your PST API server.
6. Verify the PST API health endpoint is responsive: http GET http://localhost:5100/health

Optional: Install and configure penetration testing tools via Scoop and PST-Bucket as described in the README to populate the Windows environment with the required tooling.

Tips and common issues:

• Ensure the PST API server (pst_server.py) is reachable from the MCP clients. Use the correct host/port in the client configuration.
• If you encounter timeouts, adjust the timeout values in both pst_server.py and mcp_server.py to suit your network latency.
• The server supports multiple transports (stdio, SSE, HTTP). Choose the mode that best fits your MCP client capabilities.
• For Windows tool availability, follow the README’s guidance on installing nmap, gobuster, etc., via Scoop and PST-Bucket. Tools not installed locally will fail when invoked.
• When using HTTP transport, ensure proper authentication/authorization if exposing the MCP bridge on a network-accessible URL.
• Use the health endpoint to monitor the status of the PST API server.
• Logging and debugging can help diagnose command execution failures; enable --debug on the MCP server if troubleshooting.
• If integrating with AI models, structure the command payloads to match the API endpoints under /api/tools/<tool> and /api/command.