150+ security tools MCP server with AI-powered analysis for Claude Code, GPT, Copilot, etc.
Project description
Nobody Pentest Ultra MCP Server
150+ security tools with AI-powered analysis via Nobody AI backend.
MCP server yang menghubungkan Claude Code, GPT, Copilot, atau MCP-compatible agent dengan 150+ tools keamanan.
Features
150+ Security Tools
| Category | Tools | Count |
|---|---|---|
| Network Recon | nmap, masscan, rustscan, amass, subfinder, fierce, dnsenum, autorecon, theharvester, arp-scan, enum4linux, smbmap, netexec, responder | 14+ |
| Web App | gobuster, feroxbuster, ffuf, dirsearch, httpx, katana, nuclei, nikto, sqlmap, wpscan, dalfox, wafw00f, wfuzz, commix, nosqlmap, tplmap, testssl, sslscan, sslyze, whatweb, jwt_tool, paramspider, arjun, x8, hakrawler, gau, waybackurls | 27+ |
| Auth/Brute | hydra, john, hashcat, medusa, evil-winrm, hashid | 6+ |
| Binary/RE | ghidra, radare2, gdb, binwalk, checksec, strings, objdump, volatility, foremost, steghide, exiftool, msfvenom, ROPgadget, one_gadget, upx, pwntools | 16+ |
| Cloud | prowler, trivy, kube-hunter, kube-bench, docker-bench, scout-suite, cloudmapper, checkov, falco | 9+ |
| CTF/Forensics | volatility3, stegsolve, zsteg, outguess, bulk-extractor, scalpel, autopsy | 7+ |
| OSINT | sherlock, recon-ng, spiderfoot, shodan, censys, social-analyzer, trufflehog | 7+ |
AI-Powered Analysis
- Tool Selection: AI selects the best tool for each task
- Parameter Optimization: AI optimizes tool parameters
- Attack Chain Discovery: AI finds attack paths
- Report Generation: AI creates professional pentest reports
Smart Features
- Auto-detect: Detects if tools are installed
- Graceful Fallback: Suggests installation for missing tools
- Caching: Smart result caching
- Timeout: Configurable timeouts
Quick Setup
Install
pip install nobody-pentest-ultra
Add to Claude Code
# First, find where nobody-pentest-ultra is installed
python -c "import nobody_pentest_ultra.server; print(nobody_pentest_ultra.server.__file__)"
# Output: C:\...\Lib\site-packages\nobody_pentest_ultra\server.py
# Then add to Claude Code using the full path
claude mcp add nobody-pentest-ultra -- python "C:\...\Lib\site-packages\nobody_pentest_ultra\server.py"
# With API key (external endpoints)
claude mcp add nobody-pentest-ultra -e NOBODY_API_KEY=sk-nobody-xxx -- python "C:\...\Lib\site-packages\nobody_pentest_ultra\server.py"
Note: Claude Code does not support
python -msyntax. Use full path to server.py instead.
Add to OpenCode
Add to your opencode.json or opencode.jsonc project config:
{
"$schema": "https://opencode.ai/config.json",
"mcp": {
"nobody-pentest-ultra": {
"type": "local",
"command": ["npx", "-y", "nobody-pentest-ultra"],
"enabled": true
}
}
}
If installed via pip (not npx), use python -m:
{
"$schema": "https://opencode.ai/config.json",
"mcp": {
"nobody-pentest-ultra": {
"type": "local",
"command": ["python", "-m", "nobody_pentest_ultra.server"],
"enabled": true,
"environment": {
"NOBODY_API_KEY": "sk-nobody-xxx"
}
}
}
}
Tip: OpenCode supports
-msyntax, sopython -m nobody_pentest_ultra.serverworks directly.
After adding the config, restart OpenCode. All 150+ security tools will be available as MCP tools.
Restart Claude Code
> Scan example.com for all vulnerabilities
> Perform full web app security test on target.com
> Enumerate subdomains for company.com
Usage Examples
Network Scanning
> Scan 192.168.1.1 for open ports and services
> Run masscan on 10.0.0.0/24
> Enumerate subdomains for example.com
Web Application Testing
> Test example.com for SQL injection
> Enumerate directories on target.com
> Scan for XSS vulnerabilities
> Check SSL/TLS configuration
Complete Pentest
> Perform full penetration test on example.com
> Run all security checks on target.com
Tool Installation
Tools are not bundled with this package. Install them as needed:
# Network
apt install nmap masscan
go install github.com/owasp-amass/amass/v4/...@master
go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
# Web
apt install nikto
go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
pip install sqlmap
# Binary
apt install radare2 gdb binwalk
# Cloud
pip install prowler
go install github.com/aquasecurity/trivy/cmd/trivy@latest
# OSINT
pip install sherlock-cli
Environment Variables
| Variable | Default | Description |
|---|---|---|
NOBODY_API_KEY |
(none) | API key for AI analysis (optional for Nobody endpoint) |
NOBODY_API_URL |
https://v2.nobody0x.com/v1/messages |
AI backend URL |
NOBODY_MODEL |
nobody-pentest |
AI model name |
SCAN_TIMEOUT |
300 |
Max scan time in seconds |
HTTP_TIMEOUT |
30 |
HTTP request timeout |
License
MIT License
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file nobody_pentest_ultra-1.0.4.tar.gz.
File metadata
- Download URL: nobody_pentest_ultra-1.0.4.tar.gz
- Upload date:
- Size: 22.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
858ba0def463186b8a28738b348b0f173d53f473afed7889180baa7edc86d71e
|
|
| MD5 |
a4419a7ef7a0e93a7cd832a7e2adfbcb
|
|
| BLAKE2b-256 |
78ca1f597daf43f6247316f80853c82bdc36158118b9b452feef8766ff36075b
|
File details
Details for the file nobody_pentest_ultra-1.0.4-py3-none-any.whl.
File metadata
- Download URL: nobody_pentest_ultra-1.0.4-py3-none-any.whl
- Upload date:
- Size: 14.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
24e1c8d1e470b6bdca76b0fb1851a45ae8537ebe3d163895cd530e8e78bdd4e2
|
|
| MD5 |
87af043789dc3a15b818a622ead0a81a
|
|
| BLAKE2b-256 |
177d87bf8fe1dd1124ba89dfc1dc5b16f002a221de4f71d9ddb46191207c5669
|