https://github.com/craftzman7/pentest-mcp
Automated discovery and exploitation of security vulnerabilities using natural language and LLMs.
https://github.com/craftzman7/pentest-mcp
llm mcp pentesting security
Last synced: 12 months ago
JSON representation
Automated discovery and exploitation of security vulnerabilities using natural language and LLMs.
- Host: GitHub
- URL: https://github.com/craftzman7/pentest-mcp
- Owner: Craftzman7
- Created: 2025-07-07T20:38:11.000Z (12 months ago)
- Default Branch: main
- Last Pushed: 2025-07-07T23:48:04.000Z (12 months ago)
- Last Synced: 2025-07-08T01:45:21.935Z (12 months ago)
- Topics: llm, mcp, pentesting, security
- Language: Python
- Homepage:
- Size: 10.7 KB
- Stars: 3
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Pentest MCP
Pentest MCP is an agent made up of a bunch of MCP servers meant for automated discovery and exploitation of security vulnerabilities using natural language and LLMs.
**⚠️THIS IS PURELY PROOF OF CONCEPT AT THIS TIME⚠️**
## Tested CVEs
This is a list of tested CVEs. A "❌" denotes a failure (missing or incorrect discovery) and a "✅" denotes successful discovery as well as exploitation. A "〰️" denotes successful discovery but failed exploitation. ‼️ means the model used or discovered an unintended exploit, details included in the notes section.
|CVE|Model ID|Date of Test|Token Count|Outcome|Prompt|Git Revision|Reason for Failure|Notes|
|---|--------|------------|-----------|-------|------|------------|------------------|-----|
- CVE-2017-0144 was tested on the [TryHackMe "Blue" room](https://tryhackme.com/room/blue).
- CVE-2004-1561 was tested on the [TryHackMe "Ice" room](https://tryhackme.com/room/ice).
## Contributing
At this time Pentest MCP is closed to contributions. Contributions will open after [BSidesPDX 2025](https://bsidespdx.org) concludes!
## Credits
Authors: Zachary Ezetta, Wu-Chang Feng
Paper: [Insert Link Once Published]