
pentest

NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.

Installation
Run this command in your terminal to add the MCP server to Claude Code.
claude mcp add --transport stdio dmontgomery40-pentest-mcp npx -y pentest-mcp

How to use

This MCP server provides a professional penetration-testing automation surface with a rich set of tools and reporting capabilities. It exposes automated discovery, exploitation, and reporting tools such as subdomain enumeration (subfinderEnum), HTTP probing (httpxProbe), content fuzzing (ffufScan), vulnerability discovery (nucleiScan), credential and password testing (hydraBruteforce, runHashcat, runJohnTheRipper), and sensitive data extraction (extractionSweep).

The server is designed to run over streamable HTTP with optional OIDC-based bearer authentication. You can launch the bundled MCP Inspector for debugging and inspection, or run the server directly over stdio for local development. Tools are invoked by sending structured tool commands, typically JSON payloads that specify the tool name and its arguments, for example to enumerate subdomains or scan with nuclei.

The server also supports report generation workflows with SoW (Scope of Work) capture: you initiate a client report, provide the scope either interactively, by pasting the SoW, or by using a template, and then attach or reference the engagement records as needed.

How to install

Prerequisites:

  • Node.js v22.7.5+ (recommended runtime baseline)
  • npm (bundled with Node.js)
  • Optional: Docker if you prefer Docker-based deployment

Installation steps:

  1. Install the MCP package globally:
       npm install -g pentest-mcp

  2. Verify installation by listing available commands (optional):
       pentest-mcp --help

  3. Run locally (stdio):
       pentest-mcp

  4. Run the bundled Inspector (optional):
       pentest-mcp inspector
     You can pass inspector flags directly, e.g.:
       pentest-mcp inspector --help

  5. Run over the network using the streamable HTTP transport (example):
       MCP_TRANSPORT=http MCP_SERVER_HOST=0.0.0.0 MCP_SERVER_PORT=8000 pentest-mcp

  6. If you prefer Docker, you can use Docker Compose with profiles (http/stdio/sse):
       docker-compose --profile http up
       docker-compose --profile stdio up
       docker-compose --profile sse up

Prerequisites summary:

  • Node.js 22.7.5+ and npm
  • Environment configuration for transport and auth if using http transport (see environment vars below)
  • Optional Docker environment if deploying via Docker Compose

Additional notes

Environment and transport tips:

  • Transport options: stdio (default for local clients), http (recommended for network usage), and sse (deprecated legacy mode).
  • For http transport with bearer/OIDC, set the environment variables MCP_AUTH_ENABLED, MCP_AUTH_MODE, MCP_AUTH_SCOPES, MCP_OIDC_ISSUER, and MCP_OIDC_JWKS_URL, and optionally MCP_OIDC_INTROSPECTION_URL, MCP_OAUTH_CLIENT_ID, and MCP_OAUTH_CLIENT_SECRET.
  • Bearer + OIDC support adds token-based authentication and optional introspection; ensure your issuer and JWKS URLs are reachable from the MCP host.
  • Inspector integration: the bundled MCP Inspector can auto-target this MCP server via stdio by launching the inspector CLI as described in the docs. You do not need to install Inspector separately.
  • Tools are exposed via structured tool invocations; examples for commonly used tools (subfinderEnum, httpxProbe, nucleiScan) are included in the README to guide usage.
  • Traditional debugging and admin tasks can be performed with listEngagementRecords and getEngagementRecord, which pull artifacts and drive reporting workflows.
  • If you plan to deploy via Docker Compose, ensure the image includes nmap, john, hashcat, gobuster, nikto, ffuf, hydra, sqlmap, tcpdump and the supporting tools listed in the docs.
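
The HTTP example in the install steps binds to 0.0.0.0, so the tool surface is reachable from the network unless the auth variables above are set. The preflight below is an added example, not part of pentest-mcp or its docs: it refuses a non-loopback listener without auth and https OIDC endpoints. Assumptions: MCP_AUTH_ENABLED is switched on with the literal value "true", an unset MCP_SERVER_HOST is treated as non-loopback, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: preflight for the transport/auth variables listed above.
# Assumptions (not from the page): MCP_AUTH_ENABLED is turned on with the
# literal value "true"; an unset MCP_SERVER_HOST is treated as non-loopback.

# Succeeds when the bind host is loopback-only.
is_loopback() {
  case "$1" in
    127.*|localhost|::1) return 0 ;;
  esac
  return 1
}

# Succeeds only for a non-empty https:// URL.
is_https_url() {
  case "$1" in
    https://?*) return 0 ;;
  esac
  return 1
}

# Returns 0 when the configuration is safe to start, 1 otherwise.
preflight() {
  transport="${MCP_TRANSPORT:-stdio}"
  rc=0
  # stdio opens no network listener, so there is nothing to gate.
  if [ "$transport" = "stdio" ]; then return 0; fi
  if [ "$transport" = "sse" ]; then
    echo "warn: sse is the deprecated legacy transport" >&2
  fi
  # A loopback-only listener is reachable from this host alone.
  if is_loopback "${MCP_SERVER_HOST:-}"; then return 0; fi
  if [ "${MCP_AUTH_ENABLED:-}" != "true" ]; then
    echo "fail: listener on '${MCP_SERVER_HOST:-unset}' without MCP_AUTH_ENABLED" >&2
    rc=1
  fi
  # Token validation depends on both endpoints; require TLS for each.
  for name in MCP_OIDC_ISSUER MCP_OIDC_JWKS_URL; do
    eval "value=\${$name:-}"
    if ! is_https_url "$value"; then
      echo "fail: $name must be an https:// URL" >&2
      rc=1
    fi
  done
  return "$rc"
}

# Usage: preflight && exec pentest-mcp
```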
