DMontgomery40/pentest-mcp

NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.

58
/ 100
Established

Implements bearer-token OIDC authentication with JWKS validation and token introspection, plus a structured engagement-record system that auto-captures invocation metadata to streamline report generation from tool outputs. Supports three network transports (stdio/HTTP/SSE) with HTTP as the modern default, and includes a bundled MCP Inspector launcher for immediate debugging without separate installation.

126 stars. Available on npm.

Maintenance 10 / 25
Adoption 10 / 25
Maturity 18 / 25
Community 20 / 25

How are scores calculated?

Stars

126

Forks

27

Language

JavaScript

License

MIT

Category

security-testing-mcp

Last pushed

Feb 19, 2026

Commits (30d)

0

Dependencies

7

GitHub npm
Security Testing MCP · 268 servers

Get this data via API

curl "https://pt-edge.onrender.com/api/v1/quality/mcp/DMontgomery40/pentest-mcp"

Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.

Compare

pentest-mcp and mcp-for-security

Related servers

0x4m4/hexstrike-ai

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...

66

panther-labs/mcp-panther

Write detections, investigate alerts, and query logs from your favorite AI agents

60

duriantaco/skylos

High-precision Python SAST & Dead Code Remover. Finds unused functions, secrets, and security...

60

msaad00/agent-bom

Security scanner for AI infrastructure — CVEs, blast radius, credential exposure, runtime...

60

Wh0am123/MCP-Kali-Server

MCP configuration to connect AI agent to a Linux machine.

60

Explore MCP Servers

All categories Trending MCP Server directory Insights