MCP Observatory
github analyzed 9b8c780

0x4m4/hexstrike-ai

github

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.

maintainer
0x4m4
license
MIT
first seen
2026-05-22
last seen
2026-06-04
releases · 30d
0
short id

Drift inferred · capture-to-capture

  1. HIGH code analysis flagged dynamic code execution in 0x4m4/hexstrike-ai
capabilities0 tools
transport stdio counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

skills & danger signalsgithub-tarball
prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit 9b8c780 · analyzer v17 · 1h ago

danger signals2

code evidencevHEAD · github-tarball
evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 1

  • fs 0x4m4-hexstrike-ai-9b8c780/hexstrike_server.py :38 import shutil

shell / exec 1

  • shell 0x4m4-hexstrike-ai-9b8c780/hexstrike_server.py :25 import subprocess

network 2

  • net 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :25 import requests
  • net 0x4m4-hexstrike-ai-9b8c780/hexstrike_server.py :45 import requests

tool registrations 151

  • nmap_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :283
  • gobuster_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :326
  • nuclei_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :370
  • prowler_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :421
  • trivy_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :455
  • scout_suite_assessment 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :491
  • cloudmapper_analysis 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :525
  • pacu_exploitation 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :554
  • kube_hunter_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :586
  • kube_bench_cis 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :622
  • docker_bench_security_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :653
  • clair_vulnerability_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :683
  • falco_runtime_monitoring 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :712
  • checkov_iac_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :744
  • terrascan_iac_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :778
  • create_file 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :816
  • modify_file 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :842
  • delete_file 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :868
  • list_files 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :890
  • generate_payload 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :910
  • install_python_package 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :944
  • execute_python_script 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :968
  • dirb_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1000
  • nikto_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1026
  • sqlmap_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1050
  • metasploit_run 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1076
  • hydra_attack 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1100
  • john_crack 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1142
  • wpscan_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1175
  • enum4linux_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1199
  • ffuf_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1223
  • netexec_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1253
  • amass_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1287
  • hashcat_crack 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1313
  • subfinder_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1345
  • smbmap_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1373
  • rustscan_fast_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1407
  • masscan_high_speed 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1443
  • nmap_advanced_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1481
  • autorecon_comprehensive 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1524
  • enum4linux_ng_advanced 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1561
  • rpcclient_enumeration 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1602
  • nbtscan_netbios 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1636
  • arp_scan_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1665
  • responder_credential_harvest 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1698
  • volatility_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1735
  • msfvenom_generate 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1763
  • gdb_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1799
  • radare2_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1827
  • binwalk_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1853
  • ropgadget_search 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1879
  • checksec_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1905
  • xxd_hexdump 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1927
  • strings_extract 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1955
  • objdump_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :1981
  • ghidra_analysis 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2011
  • pwntools_exploit 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2045
  • one_gadget_search 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2079
  • libc_database_lookup 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2105
  • gdb_peda_debug 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2134
  • angr_symbolic_execution 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2165
  • ropper_gadget_search 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2199
  • pwninit_setup 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2233
  • feroxbuster_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2264
  • dotdotpwn_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2292
  • xsser_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2318
  • wfuzz_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2344
  • dirsearch_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2374
  • katana_crawl 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2408
  • gau_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2442
  • waybackurls_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2474
  • arjun_parameter_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2503
  • paramspider_mining 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2539
  • x8_parameter_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2571
  • jaeles_vulnerability_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2605
  • dalfox_xss_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2639
  • httpx_probe 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2675
  • anew_data_processing 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2716
  • qsreplace_parameter_replacement 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2743
  • uro_url_filtering 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2770
  • ai_generate_payload 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2803
  • ai_test_payload 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2844
  • ai_generate_attack_suite 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2879
  • api_fuzzer 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2940
  • graphql_scanner 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :2976
  • jwt_analyzer 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3018
  • api_schema_analyzer 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3057
  • comprehensive_api_audit 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3102
  • volatility3_analyze 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3200
  • foremost_carving 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3228
  • steghide_analysis 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3256
  • exiftool_extract 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3288
  • hashpump_attack 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3316
  • hakrawler_crawl 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3350
  • httpx_probe 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3391
  • paramspider_discovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3427
  • burpsuite_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3461
  • zap_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3497
  • arjun_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3535
  • wafw00f_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3569
  • fierce_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3593
  • dnsenum_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3619
  • autorecon_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3647
  • server_health 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3789
  • get_cache_stats 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3805
  • clear_cache 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3819
  • get_telemetry 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3835
  • list_active_processes 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3853
  • get_process_status 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3869
  • terminate_process 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3888
  • pause_process 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3907
  • resume_process 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3926
  • get_process_dashboard 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3945
  • execute_command 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :3968
  • monitor_cve_feeds 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4012
  • generate_exploit_from_cve 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4043
  • discover_attack_chains 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4082
  • research_zero_day_opportunities 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4116
  • correlate_threat_intelligence 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4153
  • advanced_payload_generation 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4199
  • vulnerability_intelligence_dashboard 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4247
  • threat_hunting_assistant 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4301
  • get_live_dashboard 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4411
  • create_vulnerability_report 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4427
  • format_tool_output_visual 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4481
  • create_scan_summary 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4510
  • display_system_metrics 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4546
  • analyze_target_intelligence 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4595
  • select_optimal_tools_ai 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4619
  • optimize_tool_parameters_ai 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4647
  • create_attack_chain_ai 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4684
  • intelligent_smart_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4716
  • detect_technologies_ai 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4769
  • ai_reconnaissance_workflow 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4801
  • ai_vulnerability_assessment 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4850
  • bugbounty_reconnaissance_workflow 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4910
  • bugbounty_vulnerability_hunting 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4943
  • bugbounty_business_logic_testing 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :4974
  • bugbounty_osint_gathering 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5003
  • bugbounty_file_upload_testing 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5028
  • bugbounty_comprehensive_assessment 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5053
  • bugbounty_authentication_bypass_testing 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5091
  • http_framework_test 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5156
  • browser_agent_inspect 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5197
  • http_set_rules 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5245
  • http_set_scope 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5252
  • http_repeater 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5258
  • http_intruder 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5264
  • burpsuite_alternative_scan 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5281
  • error_handling_statistics 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5342
  • test_error_recovery 0x4m4-hexstrike-ai-9b8c780/hexstrike_mcp.py :5373

declared dependencies 12

  • flask@>=2.3.0,<4.0.0
  • requests@>=2.31.0,<3.0.0
  • psutil@>=5.9.0,<6.0.0
  • fastmcp@>=0.2.0,<1.0.0
  • beautifulsoup4@>=4.12.0,<5.0.0
  • selenium@>=4.15.0,<5.0.0
  • webdriver-manager@>=4.0.0,<5.0.0
  • aiohttp@>=3.8.0,<4.0.0
  • mitmproxy@>=9.0.0,<11.0.0
  • pwntools@>=4.10.0,<5.0.0
  • angr@>=9.2.0,<10.0.0
  • bcrypt@==4.0.1