AI-powered red team MCP agent exposes 74+ offensive security tools
Ans.inayat built an open-source MCP platform that gives Claude/Cursor access to 74+ offensive security tools — including Nmap, BloodHound, Impacket, and EAPHammer — with a FastAPI dashboard and scope guardrails for authorized assessments.
Score breakdown
Security practitioners can use this platform to orchestrate complex, multi-tool red team workflows through a single MCP-compatible AI client like Claude or Cursor, with built-in scope enforcement to keep authorized assessments within bounds.
- 01Integrates 74+ offensive security tools including Nmap, BloodHound, Impacket, and EAPHammer
- 02MCP server communicates over stdio and exposes helper actions: `set_scope`, `search_tools`, and `generate_payload`
- 03FastAPI dashboard provides REST endpoints, WebSocket terminal streaming, and optional Anthropic-backed AI chat
Ans.inayat released an open-source MCP platform designed for authorized offensive security workflows, giving MCP-compatible clients like Claude and Cursor programmatic access to 74+ security tools including Nmap, BloodHound, Impacket, and EAPHammer. The server component (`mcp_server/mcp_server.py`) communicates over stdio and exposes registry-defined tools alongside helper actions such as `set_scope`, `search_tools`, and `generate_payload`.
The platform pairs the MCP server with a FastAPI application that provides a browser-based dashboard, REST endpoints, and real-time WebSocket terminal streaming.
The platform pairs the MCP server with a FastAPI application that provides a browser-based dashboard, REST endpoints, and real-time WebSocket terminal streaming. An optional Anthropic-backed AI chat interface is also included. All commands execute locally, with outputs written to `reports/`, payloads stored in `payloads/`, and activity captured in `logs/`. Scope guardrails are built in to block execution against targets outside a defined assessment scope.
Setup involves cloning the `ans-inayat/offensive-sec-mcp` repository, creating a Python virtual environment, installing dependencies via `requirements.txt`, running `install_tools.sh` to provision the offensive tooling, and setting an `ANTHROPIC_API_KEY` environment variable before launching via `start.sh`.
Key facts
- 01Integrates 74+ offensive security tools including Nmap, BloodHound, Impacket, and EAPHammer
- 02MCP server communicates over stdio and exposes helper actions: `set_scope`, `search_tools`, and `generate_payload`
- 03FastAPI dashboard provides REST endpoints, WebSocket terminal streaming, and optional Anthropic-backed AI chat
- 04Scope guardrails are included to block execution against out-of-scope targets
- 05Outputs are written to `reports/`, payloads to `payloads/`, and audit logs to `logs/`
- 06Project is open source, available at `ans-inayat/offensive-sec-mcp` on GitHub