MCP Configs · May 12, 2026 · 2 min read

pentest-ai — Offensive Security MCP for Claude Code

pentest-ai is a Python CLI and MCP server that lets Claude Code run verified probes, chain attack paths, and export reports for authorized testing.

Safe staging for this asset

This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.

Stage only · 17/100 · Policy: stage
Agent surface: Any MCP/CLI agent
Kind: MCP config
Install: Stage only
Trust: Established
Entrypoint: Asset

Safe staging command:

npx -y tokrepo@latest install f76cd84e-181d-5048-9a71-48fd466a37ca --target codex

Stages files first; activation requires review of the staged README and plan.

Intro

  • Best for: Authorized pentests where you want a probe-by-probe MCP loop (not a black-box scanner)
  • Works with: Claude Code or any MCP client; ptai CLI for standalone/CI; common security tools auto-installed on first run (per README)
  • Setup time: 5–15 minutes

Practical Notes

  • GitHub: 215 stars · 44 forks; pushed 2026-05-12 (verified via GitHub API).
  • README introduces iterative MCP tools list_probes / run_probe / http_request for scoped, step-by-step driving.
  • README claims 47 MCP tools and 200+ tool wrappers (nmap, nuclei, ffuf, sqlmap, gobuster, …) with auto-install on first run.

Main

A practical “agent-safe pentest” setup looks like this:

  1. Declare scope explicitly (domains, auth method, rate limits) in the prompt you give Claude Code.
  2. Use iterative driving: start with list_probes, run one probe at a time, and only escalate when evidence supports it.
  3. Prefer proof over guesses: keep PoCs small, reproducible, and logged; treat every finding as “untrusted” until verified.
  4. Keep a clean separation between:
    • tool execution (ptai running probes)
    • reasoning + coordination (your MCP client / assistant)
  5. When you need CI-style runs, switch to the CLI path (ptai start …) and pin provider/model settings so results are comparable run-to-run.

The big win is control: you get a repeatable probe library, plus an MCP interface that lets an LLM coordinate without inventing results.
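The five steps above, as an added example that is not pentest-ai's own code: a small Python harness that declares scope, refuses out-of-scope targets, lets a probe escalate only when a verified finding one level down already exists on the same host, treats every result as untrusted until a re-run reproduces it, and exports only verified findings. The probe tool is a constructed stand-in (fake_tool) and the scope, hosts and canned output are made up for the demo; pentest-ai's real MCP tool signatures are not assumed, and the rate-limit part of step 1 is left to the tool wrapper rather than modelled here.

```python
"""Scope-gated, evidence-first loop for driving an MCP pentest tool.
Added illustration, not pentest-ai's own code: `run_probe_tool` stands in for the
MCP call a client would make (the README names list_probes / run_probe /
http_request, but their real signatures are not assumed here)."""
import ipaddress
from dataclasses import dataclass
from typing import Callable, List
from urllib.parse import urlsplit

RISK_LEVELS = {"recon": 0, "active": 1, "exploit": 2}  # level N needs verified N-1
ProbeTool = Callable[[str, str], dict]                  # (probe_name, target) -> evidence

class ScopeError(Exception): """Target is outside the declared scope."""
class EscalationError(Exception): """Risk level not yet backed by verified evidence."""

@dataclass(frozen=True)
class Scope:
    """Step 1: declared scope. hosts are exact names or '*.suffix' wildcards;
    networks are ipaddress objects used for IP-literal targets."""
    hosts: frozenset
    networks: tuple

    @staticmethod
    def host_of(target: str) -> str:
        """Normalise a bare host, host:port or URL to a lowercase hostname."""
        parts = urlsplit(target if "://" in target else "//" + target)
        if not parts.hostname:
            raise ScopeError(f"cannot parse target {target!r}")
        return parts.hostname.lower()

    def allows(self, target: str) -> bool:
        host = self.host_of(target)
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:  # a name, not an IP literal: match host patterns
            return any(host == p or (p.startswith("*.") and host.endswith(p[1:]))
                       for p in self.hosts)
        return any(ip in net for net in self.networks)

@dataclass
class Finding:
    fid: int
    target: str
    probe: str
    risk: str
    evidence: dict          # raw tool output, kept small and reproducible
    verified: bool = False  # Step 3: untrusted until an independent re-run agrees

class Engagement:
    """Step 4: coordination only; every probe executes through the tool callable."""
    def __init__(self, scope: Scope, run_probe_tool: ProbeTool) -> None:
        self.scope, self.tool = scope, run_probe_tool
        self.findings: List[Finding] = []

    def _gate(self, target: str, risk: str) -> None:
        """Refuse out-of-scope targets and escalation that evidence does not support."""
        if not self.scope.allows(target):
            raise ScopeError(f"{target!r} is outside the declared scope")
        host, level = self.scope.host_of(target), RISK_LEVELS[risk]
        backed = any(f.verified and RISK_LEVELS[f.risk] >= level - 1
                     and self.scope.host_of(f.target) == host for f in self.findings)
        if level > 0 and not backed:
            raise EscalationError(f"no verified evidence supports a {risk} probe on {host}")

    def run(self, probe: str, target: str, risk: str) -> Finding:
        """Step 2: one probe at a time, gated by scope and by prior evidence."""
        self._gate(target, risk)
        finding = Finding(len(self.findings) + 1, target, probe, risk, dict(self.tool(probe, target)))
        self.findings.append(finding)
        return finding

    def verify(self, finding: Finding, reproduce: ProbeTool) -> bool:
        """Step 3: trust a finding only once a re-run reproduces the same evidence."""
        finding.verified = dict(reproduce(finding.probe, finding.target)) == finding.evidence
        return finding.verified

    def report(self) -> List[dict]:
        """Export only verified findings; the coordinating LLM never supplies evidence."""
        return [{"fid": f.fid, "target": f.target, "probe": f.probe, "risk": f.risk,
                 "evidence": f.evidence} for f in self.findings if f.verified]

# Constructed demo scope and tool stand-in; neither is a real engagement or real tool.
EXAMPLE_SCOPE = Scope(frozenset({"app.example.test", "*.example.test"}),
                      (ipaddress.ip_network("10.0.0.0/8"),))

def fake_tool(probe: str, target: str) -> dict:
    return {"probe": probe, "target": target, "status": 200, "server": "nginx/1.24"}

def demo() -> dict:
    """Walk the escalation ladder and return what was run, refused and reported."""
    eng, outcomes = Engagement(EXAMPLE_SCOPE, fake_tool), []
    for probe, target, risk in [("http_headers", "https://evil.example.com/", "recon"),
                                ("sqli_check", "app.example.test", "exploit"),
                                ("http_headers", "app.example.test", "recon"),
                                ("dir_enum", "app.example.test", "active")]:
        try:
            eng.run(probe, target, risk)
            outcomes.append("ran")
        except (ScopeError, EscalationError) as exc:
            outcomes.append(type(exc).__name__)
    eng.verify(eng.findings[0], fake_tool)             # recon finding re-checked
    eng.run("dir_enum", "app.example.test", "active")  # escalation now supported
    return {"outcomes": outcomes, "report": eng.report(), "findings": len(eng.findings)}
```

Calling demo() shows the ladder in action: the out-of-scope host is refused before any tool call, the exploit-level probe is refused because nothing is verified yet, the recon probe runs, the active probe is refused until the recon finding has been reproduced, and the final report contains only the verified recon finding even though two probes ran. Wiring this to a real MCP client means replacing fake_tool with a callable that invokes the server's probe tool and returns its output unchanged.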

FAQ

Q: Is it for authorized testing only? A: Yes. The README includes responsible-use warnings; only scan targets you own or have permission to test.

Q: Do I need an API key? A: Not always. The README notes that when wired into Claude Code via MCP, your Claude subscription can run the engagement; otherwise you can run ptai with API keys (or via LiteLLM).

Q: What should I run first? A: Start with low-risk recon-style probes, then iterate: run one probe, inspect evidence, and only then escalate to exploit attempts.

Source & Thanks

Source: https://github.com/0xSteph/pentest-ai · License: MIT · GitHub stars: 215 · forks: 44
