DMontgomery40 / pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including nmap, go/dirbuster, nikto, JtR, wordlist building, and more.
☆26Updated 3 weeks ago
Alternatives and similar repositories for pentest-mcp:
Users that are interested in pentest-mcp are comparing it to the libraries listed below
- A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.☆34Updated 2 weeks ago
- Shellcode Tester Pro is a graphical interface tool for analysis, simulated execution, and reverse engineering of malicious shellcodes.☆25Updated 2 weeks ago
- External recon toolkit☆48Updated 3 months ago
- ☆44Updated last month
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆39Updated last month
- My POCs for CVEs & stuff☆50Updated 3 weeks ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆49Updated 11 months ago
- ☆38Updated this week
- CVE-2025-24016: RCE in Wazuh server! Remote Code Execution☆32Updated 2 months ago
- PfSense Stored XSS lead to Arbitrary Code Execution exploit☆47Updated 3 months ago
- List of some AD tools I frequently use☆45Updated 2 months ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆49Updated last year
- Proof of Concept Exploit for CVE-2024-9464☆45Updated 6 months ago
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated 5 months ago
- Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.☆55Updated 3 weeks ago
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services …☆47Updated 2 weeks ago
- This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …☆20Updated 9 months ago
- CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)☆36Updated 2 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆28Updated 5 months ago
- A script to automatically dump all URLs present in /server-status to a file locally.☆23Updated 2 months ago
- CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow☆23Updated 9 months ago
- ☆55Updated 5 months ago
- SAPLAR - LFI & Path Traversal Scanner☆14Updated last month
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆16Updated 10 months ago
- POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.☆33Updated 9 months ago
- Stage 1: Sensitive Email/Chat Classification for Adversary Agent Emulation (espionage). This project is meant to extend Red Reaper v1 whi…☆41Updated 8 months ago
- CVE-2023-7028☆58Updated last year
- Exploits Unauth Docker API☆25Updated last week
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆73Updated 3 weeks ago
- Repo for all my exploits/PoCs☆50Updated 2 months ago