HexStrike AI
Lets AI agents autonomously run 150+ penetration testing and security tools for reconnaissance, vulnerability scanning, exploitation, and forensics. Works as an MCP server integrating security toolchains into AI workflows.
Advanced MCP server enabling AI agents to autonomously run 150+ security and penetration testing tools. Covers reconnaissance, vulnerability scanning, exploitation, network analysis, and forensics. 7,200+ GitHub stars.
What it does
- Run reconnaissance tools like nmap and subdomain scanners
- Execute vulnerability scanners against targets
- Perform network analysis and packet inspection
- Conduct penetration testing with exploitation tools
- Analyze forensics data and security artifacts
- Generate automated security reports
Best for
About HexStrike AI
HexStrike AI is a community-built MCP server published by 0x4m4 that provides AI assistants with tools and capabilities via the Model Context Protocol. Advanced MCP server enabling AI agents to autonomously run 150+ security and penetration testing tools. Covers reconnais It is categorized under auth security, developer tools.
How to install
You can install HexStrike AI in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.
License
HexStrike AI is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.
HexStrike AI MCP Agents v6.0
AI-Powered MCP Cybersecurity Automation Platform
Advanced AI-powered penetration testing MCP framework with 150+ security tools and 12+ autonomous AI agents
📋 What's New • 🏗️ Architecture • 🚀 Installation • 🛠️ Features • 🤖 AI Agents • 📡 API Reference
Follow Our Social Accounts
Architecture Overview
HexStrike AI MCP v6.0 features a multi-agent architecture with autonomous AI agents, intelligent decision-making, and vulnerability intelligence.
%%{init: {"themeVariables": {
"primaryColor": "#b71c1c",
"secondaryColor": "#ff5252",
"tertiaryColor": "#ff8a80",
"background": "#2d0000",
"edgeLabelBackground":"#b71c1c",
"fontFamily": "monospace",
"fontSize": "16px",
"fontColor": "#fffde7",
"nodeTextColor": "#fffde7"
}}}%%
graph TD
A[AI Agent - Claude/GPT/Copilot] -->|MCP Protocol| B[HexStrike MCP Server v6.0]
B --> C[Intelligent Decision Engine]
B --> D[12+ Autonomous AI Agents]
B --> E[Modern Visual Engine]
C --> F[Tool Selection AI]
C --> G[Parameter Optimization]
C --> H[Attack Chain Discovery]
D --> I[BugBounty Agent]
D --> J[CTF Solver Agent]
D --> K[CVE Intelligence Agent]
D --> L[Exploit Generator Agent]
E --> M[Real-time Dashboards]
E --> N[Progress Visualization]
E --> O[Vulnerability Cards]
B --> P[150+ Security Tools]
P --> Q[Network Tools - 25+]
P --> R[Web App Tools - 40+]
P --> S[Cloud Tools - 20+]
P --> T[Binary Tools - 25+]
P --> U[CTF Tools - 20+]
P --> V[OSINT Tools - 20+]
B --> W[Advanced Process Management]
W --> X[Smart Caching]
W --> Y[Resource Optimization]
W --> Z[Error Recovery]
style A fill:#b71c1c,stroke:#ff5252,stroke-width:3px,color:#fffde7
style B fill:#ff5252,stroke:#b71c1c,stroke-width:4px,color:#fffde7
style C fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
style D fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
style E fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
How It Works
- AI Agent Connection - Claude, GPT, or other MCP-compatible agents connect via FastMCP protocol
- Intelligent Analysis - Decision engine analyzes targets and selects optimal testing strategies
- Autonomous Execution - AI agents execute comprehensive security assessments
- Real-time Adaptation - System adapts based on results and discovered vulnerabilities
- Advanced Reporting - Visual output with vulnerability cards and risk analysis
Installation
Quick Setup to Run the hexstrike MCPs Server
# 1. Clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai
# 2. Create virtual environment
python3 -m venv hexstrike-env
source hexstrike-env/bin/activate # Linux/Mac
# hexstrike-env\Scripts\activate # Windows
# 3. Install Python dependencies
pip3 install -r requirements.txt
Installation and Setting Up Guide for various AI Clients:
Installation & Demo Video
Watch the full installation and setup walkthrough here: YouTube - HexStrike AI Installation & Demo
Supported AI Clients for Running & Integration
You can install and run HexStrike AI MCPs with various AI clients, including:
- 5ire (Latest version v0.14.0 not supported for now)
- VS Code Copilot
- Roo Code
- Cursor
- Claude Desktop
- Any MCP-compatible agent
Refer to the video above for step-by-step instructions and integration examples for these platforms.
Install Security Tools
Core Tools (Essential):
# Network & Reconnaissance
nmap masscan rustscan amass subfinder nuclei fierce dnsenum
autorecon theharvester responder netexec enum4linux-ng
# Web Application Security
gobuster feroxbuster dirsearch ffuf dirb httpx katana
nikto sqlmap wpscan arjun paramspider dalfox wafw00f
# Password & Authentication
hydra john hashcat medusa patator crackmapexec
evil-winrm hash-identifier ophcrack
# Binary Analysis & Reverse Engineering
gdb radare2 binwalk ghidra checksec strings objdump
volatility3 foremost steghide exiftool
Cloud Security Tools:
prowler scout-suite trivy
kube-hunter kube-bench docker-bench-security
Browser Agent Requirements:
# Chrome/Chromium for Browser Agent
sudo apt install chromium-browser chromium-chromedriver
# OR install Google Chrome
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" | sudo tee /etc/apt/sources.list.d/google-chrome.list
sudo apt update && sudo apt install google-chrome-stable
Start the Server
# Start the MCP server
python3 hexstrike_server.py
# Optional: Start with debug mode
python3 hexstrike_server.py --debug
# Optional: Custom port configuration
python3 hexstrike_server.py --port 8888
Verify Installation
# Test server health
curl http://localhost:8888/health
# Test AI agent capabilities
curl -X POST http://localhost:8888/api/intelligence/analyze-target \
-H "Content-Type: application/json" \
-d '{"target": "example.com", "analysis_type": "comprehensive"}'
AI Client Integration Setup
Claude Desktop Integration or Cursor
Edit ~/.config/Claude/claude_desktop_config.json:
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": [
"/path/to/hexstrike-ai/hexstrike_mcp.py",
"--server",
"http://localhost:8888"
],
"description": "HexStrike AI v6.0 - Advanced Cybersecurity Automation Platform",
"timeout": 300,
"disabled": false
}
}
}
VS Code Copilot Integration
Configure VS Code settings in .vscode/settings.json:
{
"servers": {
"hexstrike": {
"type": "stdio",
"command": "python3",
"args": [
"/path/to/hexstrike-ai/hexstrike_mcp.py",
"--server",
"http://localhost:8888"
]
}
},
"inputs": []
}
Features
Security Tools Arsenal
150+ Professional Security Tools:
🔍 Network Reconnaissance & Scanning (25+ Tools)
- Nmap - Advanced port scanning with custom NSE scripts and service detection
- Rustscan - Ultra-fast port scanner with intelligent rate limiting
- Masscan - High-speed Internet-scale port scanning with banner grabbing
- AutoRecon - Comprehensive automated reconnaissance with 35+ parameters
- Amass - Advanced subdomain enumeration and OSINT gathering
- Subfinder - Fast passive subdomain discovery with multiple sources
- Fierce - DNS reconnaissance and zone transfer testing
- DNSEnum - DNS information gathering and subdomain brute forcing
- TheHarvester - Email and subdomain harvesting from multiple sources
- ARP-Scan - Network discovery using ARP requests
- NBTScan - NetBIOS name scanning and enumeration
- RPCClient - RPC enumeration and null session testing
- Enum4linux - SMB enumeration with user, group, and share discovery
- Enum4linux-ng - Advanced SMB enumeration with enhanced logging
- SMBMap - SMB share enumeration and exploitation
- Responder - LLMNR, NBT-NS and MDNS poisoner for credential harvesting
- NetExec - Network service exploitation framework (formerly CrackMapExec)
🌐 Web Application Security Testing (40+ Tools)
- Gobuster - Directory, file, and DNS enumeration with intelligent wordlists
- Dirsearch - Advanced directory and file discovery with enhanced logging
- Feroxbuster - Recursive content discovery with intelligent filtering
- FFuf - Fast web fuzzer with advanced filtering and parameter discovery
- Dirb - Comprehensive web content scanner with recursive scanning
- HTTPx - Fast HTTP probing and technology detection
- Katana - Next-generation crawling and spidering with JavaScript support
- Hakrawler - Fast web endpoint discovery and crawling
- Gau - Get All URLs from multiple sources (Wayback, Common Crawl, etc.)
- Waybackurls - Historical URL discovery from Wayback Machine
- Nuclei - Fast vulnerability scanner with 4000+ templates
- Nikto - Web server vulnerability scanner with comprehensive chec
README truncated. View full README on GitHub.
Alternatives
Related Skills
Browse all skillsUse when working with the OpenAI API (Responses API) or OpenAI platform features (tools, streaming, Realtime API, auth, models, rate limits, MCP) and you need authoritative, up-to-date documentation (schemas, examples, limits, edge cases). Prefer the OpenAI Developer Documentation MCP server tools when available; otherwise guide the user to enable `openaiDeveloperDocs`.
Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill packages against Agent Skills standards, or ensure your skills follow best practices.
Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication. Triggers: "azure-identity", "DeveloperToolsCredential", "authentication rust", "managed identity rust", "credential rust".
CCXT cryptocurrency exchange library for TypeScript and JavaScript developers (Node.js and browser). Covers both REST API (standard) and WebSocket API (real-time). Helps install CCXT, connect to exchanges, fetch market data, place orders, stream live tickers/orderbooks, handle authentication, and manage errors. Use when working with crypto exchanges in TypeScript/JavaScript projects, trading bots, arbitrage systems, or portfolio management tools. Includes both REST and WebSocket examples.
.NET/C# backend developer for ASP.NET Core APIs with Entity Framework Core. Builds REST APIs, minimal APIs, gRPC services, authentication with Identity/JWT, authorization, database operations, background services, SignalR real-time features. Activates for: .NET, C#, ASP.NET Core, Entity Framework Core, EF Core, .NET Core, minimal API, Web API, gRPC, authentication .NET, Identity, JWT .NET, authorization, LINQ, async/await C#, background service, IHostedService, SignalR, SQL Server, PostgreSQL .NET, dependency injection, middleware .NET.
Build full-stack applications with Supabase (PostgreSQL, Auth, Storage, Real-time, Edge Functions). Use when implementing authentication, database design with RLS, file storage, real-time features, or serverless functions.