Offensive MCP Servers List
@scboln
About Offensive MCP Servers List
List of Public Offensive MCP Server Repositories
Basic information
Config
No standard config provided
This server doesn't expose a parseable MCP config block in its README. See the repository for install instructions.
RepositoryTools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Offensive MCP Servers List?
Offensive MCP Servers List is a curated directory of Model Context Protocol (MCP) servers for offensive security, forensic analysis, and reverse engineering. It collects links to community-built MCP servers that wrap tools such as Metasploit, Nmap, Burp Suite, Ghidra, Volatility, and others. The list is intended for penetration testers, red teamers, and security researchers who want to integrate these tools with AI assistants via MCP.
How to use Offensive MCP Servers List?
Browse the list by category (Offensive Tools, Forensic Tools, Reverse Engineering, Combo Collections) and click on any linked MCP server to visit its repository or documentation page. Each linked server has its own installation and configuration steps. The list itself does not provide a single installable server; it is a reference for finding existing MCP implementations.
Key features of Offensive MCP Servers List
- Comprehensive collection of offensive MCP servers.
- Covers tools: Metasploit, Nmap, Nuclei, Burp Suite, Nessus, Hydra.
- Includes command-and-control frameworks like Mythic.
- Lists reverse engineering servers for Ghidra and Radare2.
- Forensic tool servers for Volatility and Wireshark.
- Provides links to combo/collection MCP servers for Kali Linux.
Use cases of Offensive MCP Servers List
- Find an MCP server to automate vulnerability scanning with Nmap.
- Integrate Metasploit exploitation workflows with an AI assistant.
- Use BloodHound MCP for Active Directory attack path analysis.
- Leverage ExploitDB MCP to search for public exploits.
- Perform memory forensics via Volatility MCP from an AI chat.
FAQ from Offensive MCP Servers List
What is the Offensive MCP Servers List?
It is a curated list of third-party MCP servers for offensive security, forensics, and reverse engineering. It aggregates links to individual repositories and documentation pages, not a single server.
Do I need to install anything to use this list?
No. The list is a directory of links. You must visit each linked MCP server and follow its own installation instructions (e.g., configuring the MCP client to run the server).
Where do the actual MCP servers run?
Each linked server runs locally or on infrastructure as specified by its developer. Data (scan results, exploit payloads, etc.) stays on the user’s machine unless the server explicitly sends it elsewhere. The list itself does not host or process any data.
Are there any known limitations?
The list is community-maintained and may not include every offensive MCP server. Some listed servers may be outdated or unmaintained. Always verify the source before using any tool in a production environment.
What authentication or transport do these servers use?
This varies per server. Many use standard MCP transports (stdio or SSE). Authentication, if any, is defined by the individual MCP server’s documentation. The list does not enforce a common authentication mechanism.
More Other MCP servers
Awesome Mlops
visengerA curated list of references for MLOps
Core Philosophy: Connect, Unify, Respond
mindsdbDelegate anything. It comes back done.
MCP Toolbox for Databases
googleapisMCP Toolbox for Databases is an open source MCP server for databases.
🪟 Windows-MCP
CursorTouchMCP Server for Computer Use in Windows
ghidraMCP
LaurieWiredMCP Server for Ghidra
Comments