Hacktricks Mcp Server
БесплатноНе проверенMCP server for searching HackTricks documentation
Описание
MCP server for searching HackTricks documentation
README
MCP (Model Context Protocol) server for searching and querying HackTricks pentesting documentation directly from Claude.
Features
- Quick lookup - One-shot exploitation info with alias support (sqli, xss, ssrf, etc.)
- Grouped search results - Results aggregated by file with match count, title, and relevant sections
- Page outline - Quick table of contents to identify relevant sections
- Section extraction - Read specific sections instead of full pages (token-efficient)
- Cheatsheet mode - Extract only code blocks/commands from pages
- Category browsing - Discover available topics and file paths
- Fast grep search - Uses ripgrep for instant results
- Security hardened - Protection against command injection and path traversal
Quick Start
Installation
npm install -g hacktricks-mcp-server
The postinstall script automatically clones the HackTricks repository (~2 minutes on first install).
Configure Claude Desktop
Add to your Claude settings (~/.claude/settings.json):
{
"mcpServers": {
"hacktricks": {
"command": "npx",
"args": ["hacktricks-mcp-server"]
}
}
}
Restart Claude Desktop and try: "Search HackTricks for SQL injection"
Alternative: Install from Source
git clone https://github.com/Xplo8E/hacktricks-mcp-server.git
cd hacktricks-mcp-server
git submodule update --init --recursive
npm install
npm run build
Configuration for source install:
{
"mcpServers": {
"hacktricks": {
"command": "node",
"args": ["/absolute/path/to/hacktricks-mcp-server/dist/index.js"]
}
}
}
Usage Examples
Once configured in Claude Desktop, you can ask:
- "Search HackTricks for SQL injection techniques"
- "Give me SUID privilege escalation commands"
- "Show me XSS payloads"
- "List all pentesting categories in HackTricks"
- "How do I exploit XXE vulnerabilities?"
The server provides 7 specialized tools for efficient HackTricks searching.
Available Tools
hacktricks_quick_lookup
⚡ One-shot exploitation lookup. Searches, finds best page, and returns exploitation sections + code blocks in one call.
Parameters:
topic(string, required): Attack/technique to look up (e.g., 'SUID', 'sqli', 'xss', 'docker escape')category(string, optional): Category filter for faster results
Supported aliases: sqli, xss, rce, lfi, rfi, ssrf, csrf, xxe, ssti, idor, jwt, suid, privesc
Example:
hacktricks_quick_lookup("SSRF", category="pentesting-web")
Benefits: Reduces 3+ tool calls to 1 for "how do I exploit X" questions.
search_hacktricks
Search through HackTricks documentation. Returns results GROUPED BY FILE with match count, page title, and relevant section headers.
Parameters:
query(string, required): Search term or regex patterncategory(string, optional): Filter to specific category (e.g., 'pentesting-web')limit(number, optional): Max grouped results (default: 20)
Example output:
Found matches in 5 files for: "SUID"
────────────────────────────────────────────────────────────
📄 **Linux Privilege Escalation**
Path: src/linux-hardening/privilege-escalation/README.md
Matches: 12
Sections: SUID Binaries | Finding SUID | GTFOBins
Preview:
L45: Find files with SUID bit set...
L78: Common SUID exploitation techniques...
────────────────────────────────────────────────────────────
get_hacktricks_outline
Get the table of contents of a page (all section headers). Use this BEFORE reading full pages to understand structure.
Parameters:
path(string): Relative path to markdown file
Example output:
# Linux Privilege Escalation
## Enumeration
### System Information
### Network
## SUID Binaries
### Finding SUID Files
### Exploiting SUID
## Capabilities
Benefits: See page structure in ~20 lines vs reading 500+ lines.
get_hacktricks_section
Extract a specific section from a page by header name. Much more efficient than reading the full page.
Parameters:
path(string): Relative path to markdown filesection(string): Section header to extract (partial match, case-insensitive)
Example:
get_hacktricks_section("src/linux-hardening/privilege-escalation/README.md", "SUID")
Benefits: Read just "SUID Binaries" section (~200 tokens) instead of entire page (~3000 tokens).
get_hacktricks_cheatsheet
Extract only code blocks from a page. Perfect when you just need commands, payloads, or examples.
Parameters:
path(string): Relative path to markdown file
Example output:
find / -perm -4000 2>/dev/null
./vulnerable_suid -p
Benefits: Skip explanatory text when you just need "give me the command".
get_hacktricks_page
Get full content of a HackTricks page.
Parameters:
path(string): Relative path to markdown file
Warning: Pages can be very long (3000+ tokens). Consider using get_hacktricks_outline + get_hacktricks_section instead.
list_hacktricks_categories
List categories and their contents.
Parameters:
category(string, optional): Category to expand
Without category: Lists top-level categories With category: Shows full directory tree with file paths
Efficient Usage Pattern
For optimal token usage, Claude should:
- Search with category filter → Get grouped results with context
- Get outline of relevant page → See structure before reading
- Extract specific section → Read only what's needed
- Get cheatsheet → Quick command reference
Before (inefficient):
search_hacktricks("SUID") → 50 raw lines
get_page(file1) → 3000 tokens
get_page(file2) → 2500 tokens
Total: ~5500 tokens, 3 calls
After (efficient):
search_hacktricks("SUID", category="linux-hardening") → Grouped results
get_outline(best_match) → 20 lines
get_section(best_match, "SUID") → 200 tokens
Total: ~400 tokens, 3 calls
Requirements
- Node.js (v18 or higher)
- ripgrep (
rg) - usually pre-installed on macOS/Linux - Bun (for package management)
Development
Watch mode:
bun run dev
Test locally:
bun run start
Contributing
Contributions are welcome! If you'd like to improve the server:
- Fork the repository
- Create a feature branch (
git checkout -b feature/improvement) - Make your changes and test locally
- Submit a pull request
Please ensure your PR includes tests for new features and maintains the existing code style.
License
MIT
Credits
- HackTricks by Carlos Polop
- Built with Model Context Protocol SDK
Установить Hacktricks Mcp Server в Claude Desktop, Claude Code, Cursor
unyly install hacktricks-mcp-serverСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add hacktricks-mcp-server -- npx -y hacktricks-mcp-serverFAQ
Hacktricks Mcp Server MCP бесплатный?
Да, Hacktricks Mcp Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Hacktricks Mcp Server?
Нет, Hacktricks Mcp Server работает без API-ключей и переменных окружения.
Hacktricks Mcp Server — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Hacktricks Mcp Server в Claude Desktop, Claude Code или Cursor?
Открой Hacktricks Mcp Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Hacktricks Mcp Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
