pentest-mcp — MCP Server by DMontgomery40

by DMontgomery40 · MCP Server · ★ 127

Last updated: · Indexed by AgentSkillsHub · Auto-synced every 8h

About pentest-mcp

Pentest MCP Professional penetration-testing MCP server with modern transport/auth support and expanded recon tooling. What Changed in 0.9.0 Upgraded MCP SDK to Kept MCP Inspector at the latest release () with bundled launcher Streamable HTTP is now the primary network transport () SSE is still available only as a deprecated compatibility mode Added bearer-token auth with OIDC JWKS and introspection support Added first-class tools: , , , , , , , Added report-admin tools: , Added SoW capture flow for reports using MCP elicitation () with safe template fallback Hardened command resolution so web probing uses (preferred) or validated ProjectDiscovery , avoiding Python CLI collisions Integrated bundled MCP Inspector launcher () Runtime baseline is now Node.js 22.7.5+ Added invocation metadata in new tool outputs when auth/session context is available Included Tools runJohnT

cybersecuritydirbustergobusterhashcathttp-streamingjohn-the-ripperjtrmcpmcp-servermodel-context-protocol

Quick Facts

Stars127
Forks27
LanguageJavaScript
CategoryMCP Server
LicenseMIT
Quality Score74.0792867332492/100
Open Issues1
Last Updated2026-03-23
Created2025-04-04
Platformsmcp, node
Est. Tokens~564k

Compatible Skills

These tools work well together with pentest-mcp for enhanced workflows:

pentest-mcp alternative? Top 6 similar tools

Looking for a pentest-mcp alternative? If you're comparing pentest-mcp with other mcp server tools, these 6 projects are the closest alternatives on Agent Skills Hub — ranked by topic overlap, star count, and community traction.

  • mcp-security-hub by FuzzingLabs · ⭐ 511

    A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei,

  • mcp-for-security by cyproxio · ⭐ 598

    MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF,

  • vurb.ts by vinkius-labs · ⭐ 251

    TypeScript framework for building production MCP servers. Fluent tool API, FSM gating, presenters, semantic ro

  • mcp-virustotal by BurtTheCoder · ⭐ 127

    MCP server for VirusTotal API — analyze URLs, files, IPs, and domains with comprehensive security reports, rel

  • mcp-shodan by BurtTheCoder · ⭐ 118

    MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and CVE/CPE vulnera

  • mcp-gemini-search by arjunprabhulal · ⭐ 56

    Model Context Protocol (MCP) with Gemini 2.5 Pro. Convert conversational queries into flight searches using Ge

More MCP Server Tools

Explore other popular mcp server tools:

View all MCP Server tools →

Popular JavaScript Agent Tools

Frequently Asked Questions

What is pentest-mcp?

pentest-mcp is NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.. It is categorized as a MCP Server with 127 GitHub stars.

What programming language is pentest-mcp written in?

pentest-mcp is primarily written in JavaScript. It covers topics such as cybersecurity, dirbuster, gobuster.

How do I install or use pentest-mcp?

You can find installation instructions and usage details in the pentest-mcp GitHub repository at github.com/DMontgomery40/pentest-mcp. The project has 127 stars and 27 forks, indicating an active community.

What license does pentest-mcp use?

pentest-mcp is released under the MIT license, making it free to use and modify according to the license terms.

What are the best alternatives to pentest-mcp?

The top alternatives to pentest-mcp on Agent Skills Hub include mcp-security-hub, mcp-for-security, vurb.ts. Each offers a different approach to the same problem space — compare them side-by-side by stars, quality score, and community activity.

View on GitHub → Browse MCP Server tools