pentest-mcp

Professional pentest MCP server with stdio + Streamable HTTP transports, bundled MCP Inspector launcher, bearer auth, SoW-aware reporting, and modern tooling across sniffing/finding/bruteforce/cracking/priv-esc/extraction workflows.

Evaluated Mar 21, 2026 (30d ago)

Repo ↗ Database cybersecurity dirbuster gobuster hashcat http-streaming john-the-ripper jtr mcp mcp-server model-context-protocol nikto nmap pentesting pentesting-tools redteam sse-server sse-streaming stdio

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

Yes

SDK

Yes

Webhooks

Authentication

Methods: oauth2

OAuth: Yes Scopes: No

Pricing

Free tier: No

Requires CC: No

Agent Metadata

Idempotent

Unknown

Retry Guidance

Not documented

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for pentest-mcp.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-21.