Skip to main content

MCP server for Nobody AI Pentest Engine v2 — real tool execution (nmap, httpx, CVE APIs) via Claude Code

Project description

Nobody Pentest MCP Server v2

MCP server yang menghubungkan Claude Code dengan Nobody AI Pentest Engine. v2: Real tool execution -- tools dijalankan secara lokal, bukan hanya prompt ke API.

Features

Real Executors (lokal, tidak perlu API)

  • port_scan: nmap port scan + service detection + vuln suggestions
  • web_audit: technology detection, security headers, misconfigs, dir enumeration, SQLi/XSS indicators
  • cve_search: CVE databases (NIST NVD + circl.lu) + exploit references
  • payload_gen: reverse shell, bind shell, web shell, SQLi, XSS, command injection templates

AI-Based (via Nobody API)

  • exploit_gen: AI-generated exploit code
  • code_audit: AI-powered SAST
  • report: AI-formatted pentest report
  • custom: AI general pentest

Quick Setup

Install (Recommended)

pip install nobody-pentest-mcp

Add to Claude Code

# First, find where nobody-pentest-mcp is installed
python -c "import nobody_pentest_mcp.server; print(nobody_pentest_mcp.server.__file__)"
# Output: C:\...\Lib\site-packages\nobody_pentest_mcp\server.py

# Then add to Claude Code using the full path
claude mcp add nobody-pentest -- python "C:\...\Lib\site-packages\nobody_pentest_mcp\server.py"

# Using your own API key (for external endpoints)
claude mcp add nobody-pentest -e NOBODY_API_KEY=sk-nobody-xxx -- python "C:\...\Lib\site-packages\nobody_pentest_mcp\server.py"

Note: Claude Code does not support python -m syntax. Use full path to server.py instead.

Manual Setup

# Install dependencies
pip install mcp httpx python-nmap

# Run server
python -m nobody_pentest_mcp.server

Requirements

  • Python 3.10+
  • nmap (for port scanning) -- https://nmap.org/download.html
  • mcp pip package
  • httpx pip package
  • python-nmap pip package (optional, nmap CLI works too)
  • NOBODY_API_KEY (optional for Nobody AI endpoint, required for external endpoints)

API Key

Using Default Nobody AI Endpoint (v2.nobody0x.com)

API key is optional. The default endpoint handles authentication automatically.

# Just install and use
pip install nobody-pentest-mcp
claude mcp add nobody-pentest nobody-pentest-mcp

Using External Endpoints (OpenAI, OpenRouter, etc.)

API key is required. Set it via environment variable or .env file.

# Set API key
export NOBODY_API_KEY=sk-your-key-here

# Or use .env file
echo "NOBODY_API_KEY=sk-your-key-here" > .env

Architecture

User (Claude Code)
    | MCP protocol (tool call)
Nobody Pentest MCP Server (local)
    |-- REAL EXECUTION: nmap, httpx, CVE APIs, templates
    |-- AI EXECUTION: POST /v1/messages -> Backend AI
    v
Results returned to Claude Code

Tools

Tool Executor API Required
nobody_pentest_scan nmap (local) No
nobody_pentest_web_audit httpx + manual checks (local) No
nobody_pentest_cve_search NVD + circl.lu APIs (local) No
nobody_pentest_payload_gen Templates (local) No
nobody_pentest_exploit_gen Nobody AI API Yes (external only)
nobody_pentest_code_audit Nobody AI API Yes (external only)
nobody_pentest_report Nobody AI API Yes (external only)
nobody_pentest_custom Nobody AI API Yes (external only)

Environment Variables

Variable Default Description
NOBODY_API_KEY (none) API key (optional for Nobody AI endpoint)
NOBODY_API_URL https://v2.nobody0x.com/v1/messages API endpoint
NOBODY_MODEL nobody-pentest Model name
NMAP_PATH nmap Path to nmap binary
SCAN_TIMEOUT 300 Max scan time in seconds
HTTP_TIMEOUT 15.0 HTTP request timeout

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nobody_pentest_mcp-2.0.6.tar.gz (37.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

nobody_pentest_mcp-2.0.6-py3-none-any.whl (21.2 kB view details)

Uploaded Python 3

File details

Details for the file nobody_pentest_mcp-2.0.6.tar.gz.

File metadata

  • Download URL: nobody_pentest_mcp-2.0.6.tar.gz
  • Upload date:
  • Size: 37.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.10

File hashes

Hashes for nobody_pentest_mcp-2.0.6.tar.gz
Algorithm Hash digest
SHA256 77148a7ee3c6fc176ba2da34140cd11b4093c9be49f3fb66da065d61e960f7b4
MD5 c7f8a6bde1af4d4781bd83e0f0852ab6
BLAKE2b-256 b2f3fa45c689b194011e2d0472102fe0a16fc2b22b787792a8457cb7f79b119b

See more details on using hashes here.

File details

Details for the file nobody_pentest_mcp-2.0.6-py3-none-any.whl.

File metadata

File hashes

Hashes for nobody_pentest_mcp-2.0.6-py3-none-any.whl
Algorithm Hash digest
SHA256 2dcc8402636d1b791cde2be96e6aaf513bd6e03dde27e88c0e0bc779a9041bab
MD5 61dfe9777394bd52a26275f48e18b2b8
BLAKE2b-256 28726ec554f89979df6cafd42ef884aa08d18b3c6bfd433afaff062eb31d6900

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page