// MCP TOOL REFERENCE

PENTESTMCP TOOLS

36 tools from the pentestMCP MCP Server, categorised by risk level.

View the pentestMCP policy →
// ALL 36 PENTESTMCP TOOLS
READ 15 tools
Read ad_dcsync ad_dcsync Read ad_ldap_dump Comprehensive LDAP dump Read ad_secrets_dump ad_secrets_dump Read ad_shares_enum Enumerate SMB shares and permissions Read ad_smb_signing_check Check SMB signing status to identify relay targets Read ad_user_enum Enumerate domain users using NetExec Read check_gobuster_status Check the status of a Gobuster scan. Read check_harvester_output One-shot check: has theHarvester produced its JSON results yet? Read check_sqlmap_status Non-blocking status check for SQLMap scan: Read fetch_arjun_results Fetch results from a previously launched Arjun scan. Read fetch_file Fetch the contents of any file. Useful for reading full logs, output files, or resources. Read fetch_gofang_results fetch_gofang_results Read fetch_nmap_results Non-blocking fetch for Nmap scan results: Read fetch_nuclei_results Non-blocking fetch for Nuclei scan results: Read fetch_whois_data Fetch WHOIS data for the given domain.
EXECUTE 21 tools
Execute launch_arjun_scan Launch Arjun (HTTP parameter discovery tool) to find hidden HTTP parameters. Execute launch_gofang_scan launch_gofang_scan Execute launch_nmap_scan Launch a Nmap scan against the given target with optional arguments. Execute launch_nuclei_scan Launch a Nuclei scan against the given target with optional arguments. Execute run_curl_tool Run a curl command against the given target with the provided options. Execute run_dig_tool Run a dig command against the given domain with the provided options. Execute run_gobuster_scan run_gobuster_scan Execute run_harvester run_harvester Execute run_searchsploit Run Searchsploit against the given query with optional arguments. Execute run_sqlmap_tool Run a SQLMap scan against the given target with the provided options. Execute run_subfinder Run Subfinder against the given URL with the provided arguments. Execute ad_asreproast AS-REP Roasting attack to harvest Kerberos hashes Execute ad_bloodhound_collect ad_bloodhound_collect Execute ad_certipy_enum ad_certipy_enum Execute ad_check_credentials Quick credential validation Execute ad_coerce_petitpotam ad_coerce_petitpotam Execute ad_coerce_printerbug ad_coerce_printerbug Execute ad_kerberoast ad_kerberoast Execute ad_password_spray ad_password_spray Execute ad_responder_poison ad_responder_poison Execute ad_relay_setup ad_relay_setup

Route pentestMCP through PolicyLayer and every one of its 36 tools is checked against your policy before it runs.

GOVERN PENTESTMCP →

Enforced before the call runs. Nothing to install.

// FAQ
How many tools does the pentestMCP MCP server have? +

The pentestMCP MCP server exposes 36 tools across 2 categories: Read, Execute.

How do I enforce policies on pentestMCP tools? +

Route the pentestMCP server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do pentestMCP tools fall into? +

pentestMCP tools are categorised as Read (15), Execute (21). Each category has a recommended default policy.

Enforce policy on every pentestMCP tool call.

Deterministic rules across all 36 pentestMCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN PENTESTMCP →

Free to start. No card required.

42,500+ MCP servers and 110,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.