PentQuiver Server
FreeNot checkedEnables AI assistants to search and resolve over 2,800 security commands with argument templates, allowing natural language interaction with a comprehensive com
About
Enables AI assistants to search and resolve over 2,800 security commands with argument templates, allowing natural language interaction with a comprehensive command library for penetration testing.
README

PentQuiver
A blazing-fast, cross-platform command library and cheat-sheet launcher for pentesters - TUI, CLI, HTTP API and MCP server in one.
Search 2,800+ security commands, fill in the arguments, and copy or run them - from your terminal, your scripts, or your AI assistant.
PyPI Python License: MIT Built with Textual Buy Me A Coffee

Legal notice / Aviso legal
PentQuiver is a command launcher intended solely for authorized security testing, CTF competitions and education.
You are fully responsible for how you use this tool. The author accepts no responsibility and assumes no liability for any misuse, damage, or illegal activity carried out with it. Only test systems that you own or for which you have explicit written permission.
El autor no se hace responsable del uso que se le de a esta herramienta.
This notice is also shown every time the TUI starts and must be accepted first.
Features
- Fuzzy search across 2,800+ commands / 240+ tools (recon, web, Active Directory, credential access, post-exploitation, forensics and more).
- Argument templates -
{{arg}}and{{arg|default}}with a live preview. - Four interfaces, one core: interactive TUI, scriptable CLI, an HTTP API, and an MCP server so AI assistants can query your library.
- Hexagonal architecture (ports and adapters) - clean, testable, extensible.
- Cross-platform - Linux, macOS, Windows, WSL. Pure Python, no OS-specific build constraints.
- Simple YAML cheat-sheets - bring your own, or use the bundled collection.
Install
pip install pentquiver # TUI + CLI
pip install "pentquiver[api]" # + HTTP API (FastAPI/uvicorn)
pip install "pentquiver[mcp]" # + MCP server
pip install "pentquiver[all]" # everything
On Linux, clipboard copy needs xclip or xsel (sudo apt install -y xclip).
Usage
pentquiver # launch the TUI (default)
pentquiver list nmap # print matching commands (id + name)
pentquiver show nmap/nmap-aggressive-scan
pentquiver api --port 8000 # serve the HTTP API
pentquiver mcp # serve the MCP server over stdio
pentquiver --info # project, author and support info
pentquiver --upgrade # update to the latest release via pip
pentquiver --version
TUI keys
| Key | Action |
|---|---|
/ |
focus search, Up/Down move, Enter open then fill args then Copy/Run |
c |
quick-copy the raw template, Esc clear / back |
u |
upgrade to the latest release, q quit |
CLI

HTTP API
pentquiver api # http://127.0.0.1:8000 (interactive docs at /docs)
curl 'localhost:8000/commands?q=nmap&limit=5'
curl -X POST localhost:8000/commands/nmap/nmap-aggressive-scan/resolve \
-H 'content-type: application/json' -d '{"values":{"target":"10.0.0.0/24"}}'

MCP (AI assistants)
Run it without installing using uv - the server is fetched and cached on first use:
{
"mcpServers": {
"pentquiver": {
"command": "uvx",
"args": ["--from", "pentquiver[mcp]", "pentquiver", "mcp"]
}
}
}
Or, if it is already installed (pip install "pentquiver[mcp]"):
{ "mcpServers": { "pentquiver": { "command": "pentquiver", "args": ["mcp"] } } }
Tools exposed: search_commands, list_sources, get_command,
get_arguments, resolve_command.

Architecture
Hexagonal (ports and adapters) - the domain and use cases never depend on I/O:
pentquiver/
domain/ entities + pure logic (Command, placeholders, fuzzy search)
application/ ports (interfaces) + use-case service (CommandLibrary)
adapters/
inbound/ tui, cli, api, mcp (driving)
outbound/ yaml, system(clipboard/exec) (driven)
config/ filesystem locations
container.py composition root (wires adapters into the service)
Swapping a data source or adding an interface means writing one adapter - the core stays untouched.
Cheat-sheet format
Drop .yml/.yaml files in your user directory:
- Linux/macOS:
~/.config/pentquiver/cheatsheets/ - Windows:
%APPDATA%\pentquiver\cheatsheets\ - or set
PENTQUIVER_HOMEto any directory, or pass-d PATH.
commands:
- name: Nmap - quick TCP scan
command: nmap -sV -sC -oA {{outfile|scan}} {{target}}
description: Service/version detection with default scripts.
tags: [nmap, scan, recon]
Both the native shape above and the tool/actions shape are auto-detected.
The large bundled collection under pentquiver/cheatsheets/vendor/ is redistributed
under the MIT license - see THIRD-PARTY-NOTICES.md.
Author and support
Built by Eduardo González - www.edggdev.cloud
PRs and new cheat-sheets welcome. If PentQuiver saves you time, you can support it:
License
PentQuiver's own code is MIT. Bundled cheat-sheet data keeps its upstream MIT license (see THIRD-PARTY-NOTICES.md). Use responsibly.
Install PentQuiver Server in Claude Desktop, Claude Code & Cursor
unyly install pentquiver-mcp-serverInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add pentquiver-mcp-server -- uvx pentquiverFAQ
Is PentQuiver Server MCP free?
Yes, PentQuiver Server MCP is free — one-click install via Unyly at no cost.
Does PentQuiver Server need an API key?
No, PentQuiver Server runs without API keys or environment variables.
Is PentQuiver Server hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install PentQuiver Server in Claude Desktop, Claude Code or Cursor?
Open PentQuiver Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
by modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
by xuzexin-hzCompare PentQuiver Server with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All ai MCPs
