High-risk tools in PenTest MCP Server
16 of the 31 tools in PenTest MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
commixExecuteCommand injection vulnerability scanner
-
corscannerExecuteCORS misconfiguration scanner
-
dalfoxExecuteXSS vulnerability scanner
-
extensive_scanExecuteComprehensive scan (20-45 min): WAF detection, full recon, top-1000 port scan, tech fingerprinting, TLS audit, directory discovery, XSS, SQLi, CSRF, sensitive file discovery
-
ffufExecuteFast web fuzzer for directory/file discovery
-
gobusterExecuteDirectory/file brute forcing
-
graphql_copExecuteGraphQL security scanner
-
jwt_toolExecuteJWT security testing
-
masscanExecuteFast port scanner
-
niktoExecuteWeb server vulnerability scanner
-
nmapExecutePort scanning and service detection
-
nucleiExecuteFast vulnerability scanner with templates
-
quick_scanExecuteFast triage scan (10-15 min): WAF detection, subdomain enum, top-port scan, header analysis, TLS audit, tech fingerprinting, sensitive file discovery, SSRF probe, CSRF check
-
sqlmapExecuteSQL injection detection and exploitation
-
testsslExecuteTLS/SSL security testing
-
wfuzzExecuteWeb application fuzzer
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.