MCP Observatory
github not analyzable

RamKansal/pentestMCP

github

pentestMCP: AI-Powered Penetration Testing via MCP, an MCP designed for penetration testers.

maintainer
RamKansal
license
first seen
2026-06-06
last seen
2026-06-06
releases · 30d
0
short id

Drift inferred · capture-to-capture

No drift recorded — single capability capture; advisories appear once its surface changes.

capabilities 12 tools
transport stdio counts 12 tools · 0 res · 0 prompts permission surface via README inference

tools

  • fetch_whois_data

    Retrieves WHOIS information for a domain.

  • launch_arjun_scan

    / fetch_arjun_results: Locates hidden HTTP parameters using Arjun.

  • launch_gofang_scan

    / fetch_gofang_results: Runs gofang, an all-in-one web crawler with extraction superpowers.

  • launch_nmap_scan

    / fetch_nmap_results: Executes Nmap network scans and retrieves results asynchronously.

  • launch_nuclei_scan

    / fetch_nuclei_results: Runs template-based vulnerability scans with ProjectDiscovery's Nuclei asynchronously.

  • run_curl_tool

    Executes cURL commands for HTTP interaction.

  • run_dig_tool

    Executes DNS dig queries.

  • run_gobuster_scan

    / check_gobuster_status: Performs directory/file/DNS bruteforcing with Gobuster asynchronously.

  • run_harvester

    / check_harvester_status: Runs theHarvester asynchronously for OSINT gathering (emails, hosts, ips).

  • run_searchsploit

    Searches the local Exploit-DB database using Searchsploit.

  • run_sqlmap_tool

    / check_sqlmap_status: Executes SQLmap for SQL injection testing asynchronously.

  • run_subfinder

    Discovers subdomains using ProjectDiscovery's Subfinder.

code evidence vHEAD · github-tarball
evidence-backed findings quoted directly from the published source artifact — not inferred

last analysis: too-large

No code evidence — the analyzed source reached for no tracked permissions, tools, or hooks.