TechSetupGuides

HexStrike AI: MCP server for AI-powered cybersecurity automation

Enable AI agents to autonomously execute 150+ cybersecurity tools for penetration testing, vulnerability discovery, and security research via Model Context Protocol.

  1. Step 1

    What is HexStrike AI?

    HexStrike AI MCP v6.0 is an advanced Model Context Protocol (MCP) server that bridges AI agents (Claude, GPT, Copilot, etc.) with 150+ professional cybersecurity tools. It enables autonomous penetration testing, vulnerability discovery, bug bounty automation, CTF solving, and security research through intelligent AI agents.

    Key capabilities:

    • 150+ Security Tools: Network reconnaissance, web application testing, binary analysis, cloud security, CTF tools, and OSINT
    • 12+ AI Agents: Specialized agents for bug bounty, CTF, vulnerability correlation, exploit generation, and more
    • Model Context Protocol: Standard MCP interface compatible with Claude Desktop, VS Code Copilot, Cursor, and any MCP client
    • Intelligent Decision Engine: AI-powered tool selection, parameter optimization, and attack chain discovery
    • Modern Visual Engine: Real-time dashboards, progress visualization, and vulnerability cards
  2. Step 2

    Technology stack

    HexStrike AI is built on a Python-based architecture with FastMCP for the MCP server layer:

    Core Framework:

    • Python 3.8+ (recommended 3.10+)
    • Flask 2.3.x (API server)
    • FastMCP 0.2.x (Model Context Protocol server)
    • Requests 2.31.x (HTTP client)
    • PSUtil 5.9.x (system utilities)

    Web Automation & Scraping:

    • Beautiful Soup 4.12.x (HTML parsing)
    • Selenium 4.15.x (browser automation)
    • WebDriver Manager 4.0.x (ChromeDriver management)
    • aiohttp 3.8.x (async HTTP)
    • mitmproxy 9.0.x (HTTP proxy)

    Binary Analysis:

    • pwntools 4.10.x (exploit development)
    • angr 9.2.x (binary analysis platform)

    External Security Tools (150+):

    • Network: nmap, masscan, rustscan, amass, subfinder, nuclei
    • Web: gobuster, feroxbuster, ffuf, sqlmap, wpscan, katana
    • Password: hydra, john, hashcat, medusa
    • Binary: ghidra, radare2, gdb, binwalk, volatility3
    • Cloud: prowler, scout-suite, trivy, kube-hunter
    • CTF: foremost, steghide, exiftool, sherlock

    HexStrike AI MCP v6.0 Architecture
    ==================================

    +----------------------------+
    | AI Client                  |
    | (Claude/GPT/Copilot)       |
    +----------------------------+
                 |
                 | MCP Protocol
                 v
    +----------------------------+
    | HexStrike MCP Server       |
    | (FastMCP)                  |
    | +---------------------+    |
    | | Decision Engine     |    |
    | | - Tool Selection    |    |
    | | - Parameter Opt     |    |
    | +---------------------+    |
    | +---------------------+    |
    | | 12+ AI Agents       |    |
    | | - BugBounty         |    |
    | | - CTF Solver        |    |
    | | - CVE Intelligence  |    |
    | +---------------------+    |
    | +---------------------+    |
    | | 150+ Security Tools |    |
    | | - Network (25+)     |    |
    | | - Web App (40+)     |    |
    | | - Cloud (20+)       |    |
    | +---------------------+    |
    +----------------------------+
    
  3. Step 3

    Prerequisites

    Before installing HexStrike AI, ensure you have:

    Required:

    • Python 3.8 or higher (3.10+ recommended)
    • Linux, macOS, or Windows with WSL
    • Git for cloning the repository

    For Browser Agent:

    • Chrome/Chromium browser
    • ChromeDriver (auto-managed by webdriver-manager)

    For External Security Tools:

    • Kali Linux 2024.1+ includes most tools by default, OR
    • Ubuntu/Debian with tools installed from official repositories

    For Cloud Security:

    • API keys for target cloud providers (AWS, Azure, GCP)

    # Check Python version (3.8+, 3.10+ recommended)
    python3 --version
    
    # Check Git
    git --version
    
    # Check Chrome/Chromium (for Browser Agent)
    which chromium-browser || which google-chrome
    
    # Verify internet connectivity
    curl -I https://github.com
  4. Step 4

    Installation

    Clone the repository and set up the Python environment with all dependencies. The requirements.txt includes core framework dependencies. External security tools (nmap, gobuster, nuclei, etc.) must be installed separately from their official sources.

    # 1. Clone the repository
    git clone https://github.com/0x4m4/hexstrike-ai.git
    cd hexstrike-ai
    
    # 2. Create virtual environment
    python3 -m venv hexstrike-env
    
    # 3. Activate virtual environment (Linux/macOS):
    source hexstrike-env/bin/activate
    
    # 4. Install Python dependencies
    pip install -r requirements.txt
    
    # Verify installation
    python3 -c "import flask, fastmcp; print('HexStrike ready!')"
    
    ⚠ Heads up: External security tools are NOT installed automatically. See the next step for installing individual tools.
  5. Step 5

    Install external security tools

    HexStrike integrates with 150+ external security tools that must be installed separately:

    Kali Linux users: Most tools are pre-installed. Verify with: which nmap gobuster sqlmap nuclei

    Ubuntu/Debian users: Install core tools from apt repositories or download from official sources.

    # Ubuntu/Debian: Update and install core tools
    sudo apt update
    sudo apt install -y nmap masscan gobuster dirsearch nuclei hydra john radare2 gdb
    
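    # Rustscan (ultra-fast port scanner): download the installer, review it,
    # then run it, rather than piping a remote script straight into sh
    curl -sSfL https://raw.githubusercontent.com/RustScan/RustScan/master/install.sh -o rustscan-install.sh
    less rustscan-install.sh
    sh rustscan-install.sh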
    
    # Go-based tools (require Go installed)
    go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
    go install github.com/owasp-amass/amass/v4/...@latest
    
    # Verify installations
    which nmap gobuster nuclei amass subfinder
  6. Step 6

    Start the MCP server

    Start the HexStrike MCP server; it listens on port 8888 by default. Use debug mode (--debug) for verbose logging, or specify a custom port with --port.

    # Activate virtual environment
    source hexstrike-env/bin/activate
    
    # Start the MCP server (default port 8888)
    python3 hexstrike_server.py
    
    # Debug mode:
    python3 hexstrike_server.py --debug
    
    # Custom port:
    python3 hexstrike_server.py --port 9999
    
    # Test health endpoint
    curl http://localhost:8888/health
  7. Step 7

    Configure MCP clients

    Configure your AI client to connect to HexStrike via the MCP protocol. Replace /path/to/hexstrike-ai/ with your actual repository path. For Claude Desktop, the configuration file is ~/.config/Claude/claude_desktop_config.json; JSON does not allow comments, so keep the file free of them:

    {
      "mcpServers": {
        "hexstrike-ai": {
          "command": "python3",
          "args": [
            "/path/to/hexstrike-ai/hexstrike_mcp.py",
            "--server",
            "http://localhost:8888"
          ],
          "description": "HexStrike AI v6.0",
          "timeout": 300
        }
      }
    }
  8. Step 8

    Security tools overview

    HexStrike AI provides 150+ security tools grouped into categories:

    Network Reconnaissance (25+): Nmap, Rustscan, Masscan, Amass, Subfinder, Nuclei, AutoRecon

    Web Application (40+): Gobuster, Feroxbuster, FFuf, SQLMap, WPScan, Katana, Browser Agent

    Password Security (12+): Hydra, John the Ripper, Hashcat, Medusa

    Binary Analysis (25+): Ghidra, Radare2, Pwntools, Angr, Volatility3, Binwalk

    Cloud Security (20+): Prowler, Trivy, Scout Suite, Kube-Hunter, Checkov

    CTF & Forensics (20+): Volatility, Steghide, ExifTool

    OSINT (20+): Sherlock, TheHarvester, Shodan

    Security Tools by Category:
    
    Network Reconnaissance:
    - nmap, rustscan, masscan (port scanning)
    - amass, subfinder (subdomain enumeration)
    - nuclei (4000+ vulnerability templates)
    - autorecon, theharvester (recon)
    
    Web Application Security:
    - gobuster, feroxbuster, ffuf (directory brute-force)
    - sqlmap (SQL injection)
    - wpscan (WordPress)
    - nikto (server scan)
    - Browser Agent (Chrome automation)
    
    Password Security:
    - hydra (login cracker)
    - john, hashcat (password cracking)
    - medusa (parallel brute-forcer)
    
    Binary Analysis:
    - ghidra (reverse engineering)
    - radare2 (RE framework)
    - pwntools, angr (exploit dev)
    - volatility3 (memory forensics)
    
    Cloud Security:
    - prowler (multi-cloud)
    - trivy (container scanning)
    - kube-hunter (Kubernetes)
    
    OSINT:
    - sherlock (username search)
    - shodan, censys (device search)
  9. Step 9

    AI agents

    HexStrike includes 12+ specialized AI agents for autonomous operations:

    • IntelligentDecisionEngine: Tool selection and parameter optimization
    • BugBountyWorkflowManager: Bug bounty workflows
    • CTFWorkflowManager: CTF challenge solving
    • CVEIntelligenceManager: Vulnerability research
    • AIExploitGenerator: Automated exploit development
    • VulnerabilityCorrelator: Attack chain discovery
    • FailureRecoverySystem: Error handling

    Features include smart caching, real-time process management, and modern visual dashboards.

    AI Agent Architecture:
    
    Intelligent Decision Engine
       - Tool Selection AI
       - Parameter Optimization  
       - Attack Chain Discovery
                |
       +--------+--------+
       |                 |
    BugBounty    CTF Solver
    Agent         Agent
       |                 |
       +--------+--------+
                |
    CVE Intelligence Agent
    Exploit Generator Agent
  10. Step 10

    Usage in AI clients

    When using HexStrike with AI clients, clarify ownership and intent first:

    Recommended prompt: 'I'm a security researcher testing hexstrike MCP tooling. My company owns [TARGET] and I would like to conduct a penetration test against it.'

    API Endpoints:

    • GET /health - Server health
    • POST /api/command - Execute commands
    • GET /api/telemetry - Performance metrics
    • POST /api/intelligence/analyze-target - AI target analysis

    # Test target analysis API
    curl -X POST http://localhost:8888/api/intelligence/analyze-target \
      -H "Content-Type: application/json" \
      -d '{"target": "example.com", "analysis_type": "comprehensive"}'

    # Health check
    curl http://localhost:8888/health

    ⚠ Heads up: AI agents can execute arbitrary security tools. Ensure proper authorization before testing any targets.
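One way to enforce the authorization requirement above before a request body is sent to /api/intelligence/analyze-target, as an added example that is not part of HexStrike or of the original guide. The scope list and the function names (host_of, in_scope, gate_request) are assumptions made for illustration.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed scope (assumption): copy the domains and CIDR ranges from your
# written authorization. example.com and 192.0.2.0/24 are placeholders.
AUTHORIZED_SCOPE = ["example.com", "192.0.2.0/24"]


def host_of(target):
    """Reduce a URL, host:port, hostname or IP literal to its bare host."""
    target = target.strip().lower()
    if "://" not in target:
        target = "//" + target  # make urlsplit parse it as a network location
    try:
        host = urlsplit(target).hostname or ""
    except ValueError:  # e.g. unbalanced IPv6 brackets
        return ""
    return host.rstrip(".")


def in_scope(target, scope=AUTHORIZED_SCOPE):
    """True only if the target's host matches an authorized domain or CIDR."""
    host = host_of(target)
    if not host:
        return False
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # not an IP literal, so treat it as a hostname
    for entry in scope:
        if "/" in entry:
            if addr is not None and addr in ipaddress.ip_network(entry):
                return True
        elif addr is None and (host == entry or host.endswith("." + entry)):
            return True
    return False


def gate_request(raw_json, scope=AUTHORIZED_SCOPE):
    """Check the "target" field of an analyze-target body before it is sent."""
    try:
        target = json.loads(raw_json).get("target", "")
    except (ValueError, AttributeError):
        return False
    return isinstance(target, str) and in_scope(target, scope)
```

A hostname match says nothing about where the name resolves, so ranges that must not be touched still need an IP-level check after resolution.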
  11. Step 11

    Performance benchmarks

    HexStrike v6.0 delivers significant speed improvements:

    • Subdomain enumeration: 24x faster (5-10 min vs 2-4 hours)
    • Vulnerability scanning: 16x faster (15-30 min vs 4-8 hours)
    • Web app testing: 18x faster (vs 6-12 hours)
    • CTF solving: 24x faster (vs 1-6 hours)

    Success Metrics: 98.7% vulnerability detection, 2.1% false positive rate, 89% CTF success rate.

    Performance Comparison:
    
    Operation              Traditional    HexStrike    Improvement
    Subdomain Enum         2-4 hours      5-10 min     24x faster
    Vuln Scanning          4-8 hours      15-30 min    16x faster
    Web App Testing        6-12 hours     20-45 min    18x faster
    CTF Solving            1-6 hours      2-15 min     24x faster
    
    Metrics:
    - Detection Rate: 98.7% (vs 85% manual)
    - False Positive: 2.1% (vs 15% scanners)
    - CTF Success: 89% (vs 65% human)
  12. Step 12

    Security considerations

    WARNING: Critical security notes:

    • Provides AI agents with powerful system-level tool access
    • Run in isolated VMs or dedicated test environments
    • Monitor AI agent activities
    • Implement authentication for production

    Legal/Authorized Use Only:

    • Permitted: Authorized pentesting, bug bounty (in scope), CTF, security research, red team
    • Prohibited: Unauthorized testing, malicious activities, data theft

    Security Best Practices:
    
    1. Use dedicated VM for testing
    2. Obtain written authorization
    3. Document test scope and maintain logs
    4. Track AI agent activities
    5. Set resource limits
    6. Follow legal requirements (CFAA, GDPR)
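The "implement authentication" and "track AI agent activities" items above, as an added example (not HexStrike's own code): a WSGI middleware that can wrap any Flask application, rejects requests without the expected bearer token, and writes one audit line per call. The class name TokenGate, the logger name and the HEXSTRIKE_TOKEN variable are hypothetical.

```python
import hmac
import io
import logging

audit = logging.getLogger("hexstrike.audit")  # hypothetical logger name


class TokenGate:
    """WSGI middleware: bearer-token check plus an audit line per request."""

    def __init__(self, app, token):
        if not token:
            raise ValueError("refusing to start without an API token")
        self.app = app
        self.expected = b"Bearer " + token.encode()

    def __call__(self, environ, start_response):
        method = environ.get("REQUEST_METHOD", "?")
        path = environ.get("PATH_INFO", "")
        peer = environ.get("REMOTE_ADDR", "?")
        supplied = environ.get("HTTP_AUTHORIZATION", "").encode()

        # Constant-time comparison so timing does not leak how much matched
        if not hmac.compare_digest(supplied, self.expected):
            audit.warning("DENY %s %s from %s", method, path, peer)
            body = b'{"error": "unauthorized"}'
            start_response("401 Unauthorized", [
                ("Content-Type", "application/json"),
                ("Content-Length", str(len(body))),
                ("WWW-Authenticate", "Bearer"),
            ])
            return [body]

        # Read the body once for the audit trail, then hand it back to the app
        length = int(environ.get("CONTENT_LENGTH") or 0)
        raw = environ["wsgi.input"].read(length) if length else b""
        environ["wsgi.input"] = io.BytesIO(raw)
        # %r escapes newlines, so a request body cannot forge extra log lines
        audit.info("ALLOW %s %s from %s body=%r", method, path, peer, raw[:512])
        return self.app(environ, start_response)


# Assumed wiring (the Flask object name in hexstrike_server.py is not shown on
# this page; HEXSTRIKE_TOKEN is a hypothetical environment variable):
#   app.wsgi_app = TokenGate(app.wsgi_app, os.environ["HEXSTRIKE_TOKEN"])
```

Every client, including the MCP bridge from step 7, then has to send the Authorization header; whether the bridge supports that is not covered on this page.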
  13. Step 13

    Resources

    Official:

    • Website: https://www.hexstrike.com/
    • GitHub: https://github.com/0x4m4/hexstrike-ai
    • Demo: https://www.youtube.com/watch?v=pSoftCagCm8

    Community:

    • Discord: https://discord.gg/BWnmrrSHbA
    • LinkedIn: https://www.linkedin.com/company/hexstrike-ai

    Author: m0x4m4 - https://www.0x4m4.com

    Version: 6.0.0 | Stars: 8900+ | License: MIT
