drio
Open app

Model Context Provider (MCP) for Penetration Testing

Source

An MCP server for pentesting. Contributors wanted!

Catalog onlyCatalog onlySTDIO

Overview

MCP is an AI-driven middleware designed to assist penetration testers by integrating various pentesting tools and guiding users through the testing process.

To use MCP, clone the repository, build the Docker containers, and start the services. You can create engagements and run tasks via API calls.

  • Methodology enforcement for structured testing phases. - Real-time context aggregation from multiple tools. - LLM-powered insights for interpreting findings. - Seamless integration with major pentesting tools. - Secure data handling and reporting capabilities.
  1. Streamlining penetration testing engagements.
  2. Enhancing collaboration among security teams.
  3. Providing AI-driven insights during testing phases.

Add to your AI client

Use these steps to connect Model Context Provider (MCP) for Penetration Testing in Cursor, Claude, VS Code, and other MCP-compatible apps. The same JSON appears in the Use with menu above for one-click copy.

Cursor

Add this to your .cursor/mcp.json file in your project root, then restart Cursor.

.cursor/mcp.json

{
  "mcpServers": {
    "mcp-pentest-allsmog": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

Claude Desktop

Add this server entry to the mcpServers object in your Claude Desktop config, then restart the app.

~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows)

{
  "mcpServers": {
    "mcp-pentest-allsmog": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

Claude Code

Add this to your project's .mcp.json file. Claude Code will detect it automatically.

.mcp.json (project root)

{
  "mcpServers": {
    "mcp-pentest-allsmog": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

VS Code (Copilot)

Add this to your .vscode/mcp.json file. Requires the GitHub Copilot extension with MCP support enabled.

.vscode/mcp.json

{
  "servers": {
    "mcp-pentest-allsmog": {
      "type": "stdio",
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

Windsurf

Add this to your Windsurf MCP config file, then restart Windsurf.

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-pentest-allsmog": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

Cline

Open Cline settings, navigate to MCP Servers, and add this server configuration.

Cline MCP Settings (via UI)

{
  "mcpServers": {
    "mcp-pentest-allsmog": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-pentest-allsmog"
      ]
    }
  }
}

FAQ

Is MCP suitable for all types of penetration testing?

Yes, MCP is designed for various penetration testing scenarios, provided they are conducted legally and ethically.

How can I contribute to MCP?

Contributions are welcome! Check the CONTRIBUTING.md file for details on how to get involved.

Research and data