Penetration Testing MCP MCP Servers
MCP servers wrapping specialized security testing and reconnaissance tools (port scanning, web fuzzing, vulnerability scanning, OSINT, network exploitation). Does NOT include general security monitoring, threat intelligence platforms, or vulnerability management systems without active exploitation capabilities.
There are 50 penetration testing mcp servers tracked. The highest-rated is schwarztim/sec-netexec-mcp at 36/100 with 2 stars.
Get all 50 projects as JSON
curl "https://pt-edge.onrender.com/api/v1/datasets/quality?domain=mcp&subcategory=penetration-testing-mcp&limit=20"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
| # | Server | Score | Tier |
|---|---|---|---|
| 1 |
schwarztim/sec-netexec-mcp
MCP server for NetExec - Network execution tool for penetration testing |
|
Emerging |
| 2 |
schwarztim/sec-amass-mcp
MCP server for OWASP Amass - Subdomain enumeration and attack surface mapping |
|
Experimental |
| 3 |
schwarztim/sec-nmap-mcp
MCP server for nmap - Network scanner and security auditing |
|
Experimental |
| 4 |
schwarztim/sec-wireshark-mcp
MCP server for Wireshark/tshark - Network protocol analyzer |
|
Experimental |
| 5 |
schwarztim/sec-ldapdomaindump-mcp
MCP server for ldapdomaindump - Active Directory LDAP enumeration for... |
|
Experimental |
| 6 |
schwarztim/sec-gobuster-mcp
MCP server for gobuster - Directory brute-forcer |
|
Experimental |
| 7 |
schwarztim/sec-john-the-ripper-mcp
MCP server for John the Ripper - Password cracking and security auditing via... |
|
Experimental |
| 8 |
schwarztim/sec-beef-xss-mcp
MCP server for BeEF - Browser Exploitation Framework |
|
Experimental |
| 9 |
schwarztim/sec-rubeus-mcp
MCP server for Rubeus - Kerberos abuse toolkit for security testing |
|
Experimental |
| 10 |
sjinks/wpscan-mcp-server
MCP Server for the WPScan (wpscan.com) API |
|
Experimental |
| 11 |
schwarztim/sec-hydra-mcp
MCP server for THC-Hydra - Password brute-forcer for authorized penetration testing |
|
Experimental |
| 12 |
schwarztim/sec-masscan-mcp
MCP server for masscan - Fast port scanner |
|
Experimental |
| 13 |
schwarztim/sec-maltego-mcp
MCP server for Maltego - OSINT visualization and transform automation |
|
Experimental |
| 14 |
schwarztim/sec-httpx-mcp
MCP server for httpx - HTTP toolkit for web reconnaissance |
|
Experimental |
| 15 |
schwarztim/sec-burpsuite-mcp
MCP server for Burp Suite - Web application security testing |
|
Experimental |
| 16 |
schwarztim/sec-seclists-mcp
MCP server for SecLists - Security wordlists |
|
Experimental |
| 17 |
schwarztim/sec-theharvester-mcp
MCP server for theHarvester - Email/subdomain harvester for OSINT reconnaissance |
|
Experimental |
| 18 |
schwarztim/sec-smbmap-mcp
MCP server for smbmap - SMB share enumeration |
|
Experimental |
| 19 |
schwarztim/sec-shodan-mcp
MCP server for Shodan - IoT search engine |
|
Experimental |
| 20 |
schwarztim/sec-feroxbuster-mcp
MCP server for feroxbuster - Fast content discovery |
|
Experimental |
| 21 |
schwarztim/sec-ligolo-ng-mcp
MCP server for Ligolo-ng - Tunneling and pivoting |
|
Experimental |
| 22 |
schwarztim/sec-chisel-mcp
MCP server for Chisel - TCP/UDP tunneling over HTTP/WebSocket |
|
Experimental |
| 23 |
schwarztim/sec-certipy-mcp
MCP server for Certipy - AD CS attack tool |
|
Experimental |
| 24 |
schwarztim/sec-hashcat-mcp
MCP server for hashcat - GPU password recovery |
|
Experimental |
| 25 |
schwarztim/sec-ffuf-mcp
MCP server for ffuf - Fast web fuzzer |
|
Experimental |
| 26 |
schwarztim/sec-wfuzz-mcp
MCP server for wfuzz - Web fuzzer for security testing |
|
Experimental |
| 27 |
schwarztim/sec-recon-ng-mcp
MCP server for recon-ng - OSINT framework |
|
Experimental |
| 28 |
schwarztim/sec-wpscan-mcp
MCP server for WPScan - WordPress security scanner |
|
Experimental |
| 29 |
schwarztim/sec-social-engineer-toolkit-mcp
MCP server for SET - Social Engineering Toolkit |
|
Experimental |
| 30 |
schwarztim/sec-mimikatz-mcp
MCP server for Mimikatz - Credential extraction and security assessment tool |
|
Experimental |
| 31 |
schwarztim/sec-aircrack-ng-mcp
MCP server for aircrack-ng - WiFi security auditing |
|
Experimental |
| 32 |
schwarztim/sec-crackmapexec-mcp
MCP server for CrackMapExec - Network pentesting |
|
Experimental |
| 33 |
schwarztim/sec-sliver-c2-mcp
MCP server for Sliver C2 - Adversary emulation framework integration for AI... |
|
Experimental |
| 34 |
schwarztim/sec-bloodhound-mcp
MCP server for BloodHound - AD attack path mapping |
|
Experimental |
| 35 |
schwarztim/sec-sqlmap-mcp
MCP server for sqlmap - SQL injection tool |
|
Experimental |
| 36 |
schwarztim/sec-veil-evasion-mcp
MCP server for Veil - Payload generator and AV evasion |
|
Experimental |
| 37 |
schwarztim/sec-nikto-mcp
MCP server for Nikto - Web server vulnerability scanner |
|
Experimental |
| 38 |
schwarztim/sec-impacket-mcp
MCP server for Impacket - Network protocol toolkit for penetration testing... |
|
Experimental |
| 39 |
schwarztim/sec-subfinder-mcp
MCP server for subfinder - Subdomain discovery |
|
Experimental |
| 40 |
schwarztim/sec-powershell-empire-mcp
MCP server for PowerShell Empire - Post-exploitation framework |
|
Experimental |
| 41 |
schwarztim/sec-proxychains-mcp
MCP server for Proxychains - Route commands through proxy chains via SSH |
|
Experimental |
| 42 |
schwarztim/sec-nuclei-mcp
MCP server for Nuclei - Vulnerability scanner integration for AI assistants... |
|
Experimental |
| 43 |
schwarztim/sec-censys-mcp
MCP server for Censys - Internet scan search |
|
Experimental |
| 44 |
schwarztim/sec-spiderfoot-mcp
MCP server for SpiderFoot - OSINT automation |
|
Experimental |
| 45 |
schwarztim/sec-enum4linux-mcp
MCP server for enum4linux - SMB enumeration tool for Windows/Samba systems... |
|
Experimental |
| 46 |
schwarztim/sec-dirb-mcp
MCP server for dirb - Web content scanner |
|
Experimental |
| 47 |
schwarztim/sec-evil-winrm-mcp
MCP server for Evil-WinRM - WinRM shell for Windows penetration testing |
|
Experimental |
| 48 |
schwarztim/sec-testssl-mcp
MCP server for testssl.sh - SSL/TLS testing |
|
Experimental |
| 49 |
schwarztim/sec-havoc-c2-mcp
MCP server for Havoc - Modern C2 framework for red team operations |
|
Experimental |
| 50 |
schwarztim/sec-responder-mcp
MCP server for Responder - LLMNR/NBT-NS poisoner for authorized penetration testing |
|
Experimental |