// SCAN REPORT

Pentester-MCP

337 tools. 333 can modify or destroy data without limits.

332 write tools that can modify data. Rate limits recommended.

Last updated: 11 Jun 2026

333 can modify or destroy data

4 read-only

337 tools total

Community server · catalogue entry verified 11/06/2026

How to control Pentester-MCP ↓

TOOL MAP

What Pentester-MCP exposes to your agents

Read (4) Write / Execute (332) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

High Risk

The most dangerous Pentester-MCP tools

Execute · High dnscat_client dnscat_client would establish DNS-based tunnels for command execution and data exfiltration—core Execute capabilities. Execute · Critical execute_weevely_module This tool executes code/commands via a web shell module. Execute · Medium identify_hash The description is empty, so confidence is reduced. Execute · High john_prepare This tool prepares data for John the Ripper, a widely-used password cracking tool.

333 of Pentester-MCP's 337 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Pentester-MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and Pentester-MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Cap read operations

{
  "run_impacket_registry_read": {
    "limits": [
      {
        "counter": "run_impacket_registry_read_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Pentester-MCP — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON PENTESTER-MCP →

Free to start. No card required.

FULL CATALOGUE

All 337 Pentester-MCP tools

EXECUTE 332 tools

READ 4 tools

Read run_impacket_registry_read run_impacket_registry_read Read analyze_pcap analyze_pcap Read list_nikto_plugins Lists all available plugins that Nikto can use to perform security checks. Read wapiti_get_cookie wapiti_get_cookie

OTHER 1 tools

Other convert_ticket convert_ticket

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about Pentester-MCP

Is the Pentester- MCP server safe to use without restrictions? +

The Pentester-MCP server is primarily read-only with 4 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.

How many tools does the Pentester- MCP server expose? +

337 tools across 3 categories: Execute, Read, Write. 4 are read-only. 333 can modify, create, or delete data.

How do I enforce a policy on Pentester-MCP? +

Register the Pentester- MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Pentester-MCP tool call.

Deterministic rules across all 337 Pentester-MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON PENTESTER-MCP →

Free to start. No card required.

337 Pentester-MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.