MCPcopy Index your code
hub / github.com/0x4m4/hexstrike-ai

github.com/0x4m4/hexstrike-ai @main sqlite

repository ↗ · DeepWiki ↗
810 symbols 1,956 edges 2 files 614 documented · 76%
README

HexStrike AI Logo

HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform

Python License Security MCP Version Tools Agents Stars

Advanced AI-powered penetration testing MCP framework with 150+ security tools and 12+ autonomous AI agents

📋 What's New🏗️ Architecture🚀 Installation🛠️ Features🤖 AI Agents📡 API Reference


Follow Our Social Accounts

Join our Discord    Follow us on LinkedIn


Architecture Overview

HexStrike AI MCP v6.0 features a multi-agent architecture with autonomous AI agents, intelligent decision-making, and vulnerability intelligence.

%%{init: {"themeVariables": {
  "primaryColor": "#b71c1c",
  "secondaryColor": "#ff5252",
  "tertiaryColor": "#ff8a80",
  "background": "#2d0000",
  "edgeLabelBackground":"#b71c1c",
  "fontFamily": "monospace",
  "fontSize": "16px",
  "fontColor": "#fffde7",
  "nodeTextColor": "#fffde7"
}}}%%
graph TD
    A[AI Agent - Claude/GPT/Copilot] -->|MCP Protocol| B[HexStrike MCP Server v6.0]

    B --> C[Intelligent Decision Engine]
    B --> D[12+ Autonomous AI Agents]
    B --> E[Modern Visual Engine]

    C --> F[Tool Selection AI]
    C --> G[Parameter Optimization]
    C --> H[Attack Chain Discovery]

    D --> I[BugBounty Agent]
    D --> J[CTF Solver Agent]
    D --> K[CVE Intelligence Agent]
    D --> L[Exploit Generator Agent]

    E --> M[Real-time Dashboards]
    E --> N[Progress Visualization]
    E --> O[Vulnerability Cards]

    B --> P[150+ Security Tools]
    P --> Q[Network Tools - 25+]
    P --> R[Web App Tools - 40+]
    P --> S[Cloud Tools - 20+]
    P --> T[Binary Tools - 25+]
    P --> U[CTF Tools - 20+]
    P --> V[OSINT Tools - 20+]

    B --> W[Advanced Process Management]
    W --> X[Smart Caching]
    W --> Y[Resource Optimization]
    W --> Z[Error Recovery]

    style A fill:#b71c1c,stroke:#ff5252,stroke-width:3px,color:#fffde7
    style B fill:#ff5252,stroke:#b71c1c,stroke-width:4px,color:#fffde7
    style C fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
    style D fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
    style E fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7

How It Works

  1. AI Agent Connection - Claude, GPT, or other MCP-compatible agents connect via FastMCP protocol
  2. Intelligent Analysis - Decision engine analyzes targets and selects optimal testing strategies
  3. Autonomous Execution - AI agents execute comprehensive security assessments
  4. Real-time Adaptation - System adapts based on results and discovered vulnerabilities
  5. Advanced Reporting - Visual output with vulnerability cards and risk analysis

Installation

Quick Setup to Run the hexstrike MCPs Server

# 1. Clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai

# 2. Create virtual environment
python3 -m venv hexstrike-env
source hexstrike-env/bin/activate  # Linux/Mac
# hexstrike-env\Scripts\activate   # Windows

# 3. Install Python dependencies
pip3 install -r requirements.txt

Installation and Setting Up Guide for various AI Clients:

Installation & Demo Video

Watch the full installation and setup walkthrough here: YouTube - HexStrike AI Installation & Demo

Supported AI Clients for Running & Integration

You can install and run HexStrike AI MCPs with various AI clients, including:

  • 5ire (Latest version v0.14.0 not supported for now)
  • VS Code Copilot
  • Roo Code
  • Cursor
  • Claude Desktop
  • Any MCP-compatible agent

Refer to the video above for step-by-step instructions and integration examples for these platforms.

Install Security Tools

Core Tools (Essential):

# Network & Reconnaissance
nmap masscan rustscan amass subfinder nuclei fierce dnsenum
autorecon theharvester responder netexec enum4linux-ng

# Web Application Security
gobuster feroxbuster dirsearch ffuf dirb httpx katana
nikto sqlmap wpscan arjun paramspider dalfox wafw00f

# Password & Authentication
hydra john hashcat medusa patator crackmapexec
evil-winrm hash-identifier ophcrack

# Binary Analysis & Reverse Engineering
gdb radare2 binwalk ghidra checksec strings objdump
volatility3 foremost steghide exiftool

Cloud Security Tools:

prowler scout-suite trivy
kube-hunter kube-bench docker-bench-security

Browser Agent Requirements:

# Chrome/Chromium for Browser Agent
sudo apt install chromium-browser chromium-chromedriver
# OR install Google Chrome
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" | sudo tee /etc/apt/sources.list.d/google-chrome.list
sudo apt update && sudo apt install google-chrome-stable

Start the Server

# Start the MCP server
python3 hexstrike_server.py

# Optional: Start with debug mode
python3 hexstrike_server.py --debug

# Optional: Custom port configuration
python3 hexstrike_server.py --port 8888

Verify Installation

# Test server health
curl http://localhost:8888/health

# Test AI agent capabilities
curl -X POST http://localhost:8888/api/intelligence/analyze-target \
  -H "Content-Type: application/json" \
  -d '{"target": "example.com", "analysis_type": "comprehensive"}'

AI Client Integration Setup

Claude Desktop Integration or Cursor

Edit ~/.config/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "hexstrike-ai": {
      "command": "python3",
      "args": [
        "/path/to/hexstrike-ai/hexstrike_mcp.py",
        "--server",
        "http://localhost:8888"
      ],
      "description": "HexStrike AI v6.0 - Advanced Cybersecurity Automation Platform",
      "timeout": 300,
      "disabled": false
    }
  }
}

VS Code Copilot Integration

Configure VS Code settings in .vscode/settings.json:

{
  "servers": {
    "hexstrike": {
      "type": "stdio",
      "command": "python3",
      "args": [
        "/path/to/hexstrike-ai/hexstrike_mcp.py",
        "--server",
        "http://localhost:8888"
      ]
    }
  },
  "inputs": []
}

Features

Security Tools Arsenal

150+ Professional Security Tools:

🔍 Network Reconnaissance & Scanning (25+ Tools)

  • Nmap - Advanced port scanning with custom NSE scripts and service detection
  • Rustscan - Ultra-fast port scanner with intelligent rate limiting
  • Masscan - High-speed Internet-scale port scanning with banner grabbing
  • AutoRecon - Comprehensive automated reconnaissance with 35+ parameters
  • Amass - Advanced subdomain enumeration and OSINT gathering
  • Subfinder - Fast passive subdomain discovery with multiple sources
  • Fierce - DNS reconnaissance and zone transfer testing
  • DNSEnum - DNS information gathering and subdomain brute forcing
  • TheHarvester - Email and subdomain harvesting from multiple sources
  • ARP-Scan - Network discovery using ARP requests
  • NBTScan - NetBIOS name scanning and enumeration
  • RPCClient - RPC enumeration and null session testing
  • Enum4linux - SMB enumeration with user, group, and share discovery
  • Enum4linux-ng - Advanced SMB enumeration with enhanced logging
  • SMBMap - SMB share enumeration and exploitation
  • Responder - LLMNR, NBT-NS and MDNS poisoner for credential harvesting
  • NetExec - Network service exploitation framework (formerly CrackMapExec)

🌐 Web Application Security Testing (40+ Tools)

  • Gobuster - Directory, file, and DNS enumeration with intelligent wordlists
  • Dirsearch - Advanced directory and file discovery with enhanced logging
  • Feroxbuster - Recursive content discovery with intelligent filtering
  • FFuf - Fast web fuzzer with advanced filtering and parameter discovery
  • Dirb - Comprehensive web content scanner with recursive scanning
  • HTTPx - Fast HTTP probing and technology detection
  • Katana - Next-generation crawling and spidering with JavaScript support
  • Hakrawler - Fast web endpoint discovery and crawling
  • Gau - Get All URLs from multiple sources (Wayback, Common Crawl, etc.)
  • Waybackurls - Historical URL discovery from Wayback Machine
  • Nuclei - Fast vulnerability scanner with 4000+ templates
  • Nikto - Web server vulnerability scanner with comprehensive checks
  • SQLMap - Advanced automatic SQL injection testing with tamper scripts
  • WPScan - WordPress security scanner with vulnerability database
  • Arjun - HTTP parameter discovery with intelligent fuzzing
  • ParamSpider - Parameter mining from web archives
  • X8 - Hidden parameter discovery with advanced techniques
  • Jaeles - Advanced vulnerability scanning with custom signatures
  • Dalfox - Advanced XSS vulnerability scanning with DOM analysis
  • Wafw00f - Web application firewall fingerprinting
  • TestSSL - SSL/TLS configuration testing and vulnerability assessment
  • SSLScan - SSL/TLS cipher suite enumeration
  • SSLyze - Fast and comprehensive SSL/TLS configuration analyzer
  • Anew - Append new lines to files for efficient data processing
  • QSReplace - Query string parameter replacement for systematic testing
  • Uro - URL filtering and deduplication for efficient testing
  • Whatweb - Web technology identification with fingerprinting
  • JWT-Tool - JSON Web Token testing with algorithm confusion
  • GraphQL-Voyager - GraphQL schema exploration and introspection testing
  • Burp Suite Extensions - Custom extensions for advanced web testing
  • ZAP Proxy - OWASP ZAP integration for automated security scanning
  • Wfuzz - Web application fuzzer with advanced payload generation
  • Commix - Command injection exploitation tool with automated detection
  • NoSQLMap - NoSQL injection testing for MongoDB, CouchDB, etc.
  • Tplmap - Server-side template injection exploitation tool

🌐 Advanced Browser Agent: - Headless Chrome Automation - Full Chrome browser automation with Selenium - Screenshot Capture - Automated screenshot generation for visual inspection - DOM Analysis - Deep DOM tree analysis and JavaScript execution monitoring - Network Traffic Monitoring - Real-time network request/response logging - Security Header Analysis - Comprehensive security header validation - Form Detection & Analysis - Automatic form discovery and input field analysis - JavaScript Execution - Dynamic content analysis with full JavaScript support - Proxy Integration - Seamless integration with Burp Suite and other proxies - Multi-page Crawling - Intelligent web application spidering and mapping - Performance Metrics - Page load times, resource usage, and optimization insights

🔐 Authentication & Password Security (12+ Tools)

  • Hydra - Network login cracker supporting 50+ protocols
  • John the Ripper - Advanced password hash cracking with custom rules
  • Hashcat - World's fastest password recovery tool with GPU acceleration
  • Medusa - Speedy, parallel, modular login brute-forcer
  • Patator - Multi-purpose brute-forcer with advanced modules
  • NetExec - Swiss army knife for pentesting networks
  • SMBMap - SMB share enumeration and exploitation tool
  • Evil-WinRM - Windows Remote Management shell with PowerShell integration
  • Hash-Identifier - Hash type identification tool
  • HashID - Advanced hash algorithm identifier with confidence scoring
  • CrackStation - Online hash lookup integration
  • Ophcrack - Windows password cracker using rainbow tables

🔬 Binary Analysis & Reverse Engineering (25+ Tools)

  • GDB - GNU Debugger with Python scripting and exploit development support
  • GDB-PEDA - Python Exploit Development Assistance for GDB
  • GDB-GEF - GDB Enhanced Features for exploit development
  • Radare2 - Advanced reverse engineering framework with comprehensive analysis
  • Ghidra - NSA's software reverse engineering suite with headless analysis
  • IDA Free - Interactive disassembler with advanced analysis capabilities
  • Binary Ninja - Commercial reverse engineering platform
  • Binwalk - Firmware analysis and extraction tool with recursive extraction
  • ROPgadget - ROP/JOP gadget finder with adva

Core symbols most depended-on inside this repo

get
called by 1407
hexstrike_server.py
safe_post
called by 142
hexstrike_mcp.py
execute_command
called by 111
hexstrike_server.py
format_tool_status
called by 14
hexstrike_server.py
format_error_card
called by 10
hexstrike_server.py
safe_get
called by 10
hexstrike_mcp.py
to_dict
called by 9
hexstrike_server.py
get_stats
called by 7
hexstrike_server.py

Shape

Function 331
Method 276
Route 156
Class 47

Languages

Python100%

Modules by API surface

hexstrike_server.py648 symbols
hexstrike_mcp.py162 symbols

Dependencies from manifests, versioned

aiohttp3.8.0 · 1×
angr9.2.0 · 1×
bcrypt4.0.1 · 1×
beautifulsoup44.12.0 · 1×
fastmcp0.2.0 · 1×
flask2.3.0 · 1×
mitmproxy9.0.0 · 1×
psutil5.9.0 · 1×
pwntools4.10.0 · 1×
requests2.31.0 · 1×
selenium4.15.0 · 1×
webdriver-manager4.0.0 · 1×

For agents

$ claude mcp add hexstrike-ai \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact