MCP.so
ログイン
T

Turbopentest

@integsec

Turbopentest について

MCP server for TurboPentest — AI-powered penetration testing from your coding assistant

基本情報

カテゴリ

その他

トランスポート

stdio

公開者

integsec

投稿者

Mike Chamberland

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "turbopentest": {
      "command": "npx",
      "args": [
        "@turbopentest/mcp-server"
      ],
      "env": {
        "TURBOPENTEST_API_KEY": "tp_live_..."
      }
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Turbopentest?

Turbopentest is an MCP server that integrates TurboPentest’s AI-powered penetration testing capabilities into coding assistants. It lets developers launch penetration tests, review findings, and download reports directly from their IDE.

How to use Turbopentest?

Obtain an API key from <turbopentest.com/settings/api-keys>, then configure your MCP client (Claude Desktop, Claude Code, or Cursor) with the command npx @turbopentest/mcp-server and set the TURBOPENTEST_API_KEY environment variable. The server exposes tools to start pentests, retrieve results, list findings, download reports, and verify attestations.

Key features of Turbopentest

  • Start pentests with recon, standard, deep, or blitz tiers (1–20 agents, 30 min–4 hours).
  • Get full scan details: status, progress, findings, attack surface map, and STRIDE threat model.
  • List and filter all pentests by status with finding counts.
  • Retrieve structured findings with severity, CVSS, CWE, PoC, and remediation.
  • Download reports in markdown, JSON, or PDF formats.
  • Check credit balance and available scan tiers with pricing.
  • Verify blockchain-anchored pentest attestations by hash (public, no API key required).

Use cases of Turbopentest

  • Launch a penetration test on a staging domain and monitor its progress from your coding assistant.
  • Review high-severity vulnerabilities with proof-of-concept and remediation steps without leaving your editor.
  • Download a pentest report in markdown for AI-driven analysis or JSON for programmatic processing.
  • Verify the authenticity of a pentest attestation using its blockchain hash.

FAQ from Turbopentest

What API key is required?

An API key from <turbopentest.com/settings/api-keys> is required and must be set as the TURBOPENTEST_API_KEY environment variable.

What scan tiers are available and how much do they cost?

Recon (1 agent, 30 min, $49), Standard (4 agents, 1 hour, $99), Deep (10 agents, 2 hours, $299), and Blitz (20 agents, 4 hours, $699).

What tools does the server provide?

The server provides start_pentest, get_pentest, list_pentests, get_findings, download_report, get_credits, verify_attestation, and list_domains.

Is the verify_attestation tool public?

Yes, it is a public tool that does not require an API key.

What are the system requirements?

Node.js 18+ and a TurboPentest account with API access.

コメント

「その他」の他のコンテンツ