Pentest FAQs

Question 1

How do I install and use pentestMCP?

Accepted Answer

The recommended method is to use the pre-built Docker image from Docker Hub. Alternatively, you can build the image locally from the GitHub repository. Then, configure your MCP client (e.g., Claude Desktop, VS Code) to connect to the Docker container.

Question 2

What is pentestMCP?

Accepted Answer

pentestMCP is an MCP server that connects Large Language Models (LLMs) to penetration testing tools, enabling AI-driven security assessments. It provides a suite of over 20 standard security tools callable via MCP clients.

Question 3

What tools are included in pentestMCP?

Accepted Answer

pentestMCP integrates various penetration testing tools, including Nmap, Nuclei, OWASP ZAP, SQLMap, and Subfinder, among others. It exposes these tools as callable functions within an MCP environment.

Question 4

What is the Model Context Protocol (MCP)?

Accepted Answer

The Model Context Protocol (MCP) is a communication protocol that facilitates interaction between Large Language Models (LLMs) and external tools or systems. pentestMCP uses this protocol to expose its pentesting capabilities to AI agents.

Question 5

Does pentestMCP handle long-running scans?

Accepted Answer

Yes, pentestMCP efficiently handles long-running scans using an asynchronous pattern, preventing blocking of the MCP connection. It launches the scan and provides a way to fetch results later.

Pentest

About

Key Features

Use Cases