I built an AI-powered MCP agent that gives Claude/Cursor access to 74+ offensive security tools (Nmap, BloodHound, Impacket, EAPHammer etc.) — open source
Offensive Security MCP Agent
FastAPI Dashboard + MCP Tool Router for Authorized Security Workflows
A local offensive-security MCP platform with a web dashboard, real-time execution streams, scope guardrails, payload generation, and an extensible tool registry for authorized assessments.
How It Works
- An MCP-compatible client connects to mcp_server/mcp_server.py over stdio.
- The server exposes registry-defined tools and helper actions like set_scope, search_tools, and generate_payload.
- The FastAPI app provides a browser dashboard, REST endpoints, WebSocket terminal streaming, and optional Anthropic-backed AI chat.
- Commands are executed locally, outputs are written to reports/, payloads land in payloads/, and audit activity is logged in logs/.
- Scope checks help block out-of-scope targets before execution.
1. Clone the repository
git clone https://github.com/ans-inayat/offensive-sec-mcp
cd mcp
2. Create and activate a virtual environment
python3 -m venv mcp
source mcp/bin/activate
3. Install Python dependencies
pip install -r requirements.txt
4. (Kali recommended) install common security tool dependencies
sudo ./install_tools.sh
5. Optional: enable AI chat features
export ANTHROPIC_API_KEY="sk-ant-..."
Start the Platform
Start the FastAPI dashboard and API
chmod +x start.sh
./start.sh
get more info visit the github repo : https://github.com/ans-inayat/offensive-sec-mcp
Top comments (0)