HexStrike AI
HexStrike AI наделяет AI-агентов возможностями автономной наступательной кибербезопасности. Интегрирует 70+ профессиональных инструментов безопасности для автоматического пентестинга, интеллектуальной генерации полезных нагрузок и мониторинга в реальном времени через MCP.
HexStrike AI — это сервер Model Context Protocol (MCP), который выступает в роли моста, позволяя агентам больших языковых моделей (LLM), таким как Claude, GPT и Copilot, автономно взаимодействовать и выполнять обширный набор из более чем 70 инструментов кибербезопасности. Он автоматизирует тестирование на проникновение, поиск уязвимостей, автоматизацию Bug Bounty и исследования в области безопасности, позволяя ИИ-агентам интеллектуально выбирать инструменты, генерировать полезные нагрузки и анализировать результаты в реальном времени без участия человека, фактически предоставляя ИИ возможности реального наступательного арсенала средств безопасности.
Ключевые возможности
Варианты использования
MCP Server that enables AI agents to perform autonomous cybersecurity testing and penetration testing through 70+ integrated security tools
🏗️ Architecture • 🚀 Installation • 🛠️ Features • 🤖 AI Usage • 📡 API Reference • ⭐ Star Us
HexStrike AI MCP Agents is a Model Context Protocol (MCP) server that bridges AI agents with cybersecurity tools. This project serves as the foundation for HexStrike AI - a separate automated AI pentesting platform.
%%{init: {"themeVariables": {
"primaryColor": "#b71c1c",
"secondaryColor": "#ff5252",
"tertiaryColor": "#ff8a80",
"background": "#2d0000",
"edgeLabelBackground":"#b71c1c",
"fontFamily": "monospace",
"fontSize": "20px",
"fontColor": "#fffde7",
"nodeTextColor": "#fffde7"
}}}%%
graph TD
A[AI Agent - Claude/GPT/Copilot] -->|MCP Protocol| B[HexStrike MCP Server]
B -->|Tool Execution| C[Security Tools - nmap/nuclei/etc]
B -->|File Operations| D[Payload Generation]
B -->|Process Control| E[Real-time Monitoring]
C -->|Results| B
D -->|Payloads| B
E -->|Status| B
B -->|Analysis & Results| A
style A fill:#b71c1c,stroke:#ff5252,stroke-width:3px,color:#fffde7
style B fill:#ff5252,stroke:#b71c1c,stroke-width:3px,color:#fffde7
style C fill:#ff8a80,stroke:#b71c1c,stroke-width:3px,color:#fffde7
style D fill:#b71c1c,stroke:#ff8a80,stroke-width:3px,color:#fffde7
style E fill:#b71c1c,stroke:#ff5252,stroke-width:3px,color:#fffde7
- AI Agent Connection: Claude, GPT, or other MCP-compatible AI agents connect to this server
- Intelligent Tool Usage: AI agents autonomously select and execute appropriate security tools
- Real-time Results: Agents receive live feedback and adapt their testing strategies
- Autonomous Pentesting: AI performs comprehensive security assessments without human intervention
Note: Some components of this project are integrated into the main HexStrike AI automated pentesting platform.
Enable your AI agents to become autonomous cybersecurity experts with access to professional-grade security tools and intelligent automation capabilities.
- 🤖 AI Agent Developers - Provide your agents with cybersecurity capabilities
- 🔍 Automated Penetration Testing - Let AI agents perform comprehensive security assessments
- 💰 Bug Bounty Automation - AI-driven target analysis and vulnerability discovery
- 🏆 CTF Automation - AI agents that can solve security challenges
- 🔬 Security Research - Automated tool orchestration and payload generation
- 📚 Security Training - AI tutors with practical security tool access
| 🤖 AI Agent Integration | 🛠️ 70+ Security Tools | ⚡ Real-time Control |
|---|---|---|
| MCP protocol for seamless AI connection | Complete penetration testing toolkit | Command termination & progress tracking |
| 🔧 Intelligent Automation | 🌐 Modern API Testing | 📊 Advanced Monitoring |
|---|---|---|
| AI-driven tool selection & usage | GraphQL, JWT, REST API security | Live dashboards & system metrics |
- 🔥 Zero Human Intervention - AI agents handle complete security assessments
- 🎨 Beautiful Real-time Output - Progress bars, ETA calculations, visual status
- 🧠 Intelligent Tool Selection - AI chooses the right tools for each scenario
- 📊 Live Dashboard - Monitor all AI agent activities with system metrics
- 🔄 Smart Caching - Optimized performance for repeated operations
- 🛡️ Comprehensive Coverage - Network, web, binary, cloud, CTF tools
🔍 Network Reconnaissance & Scanning
- Nmap - Advanced port scanning with custom NSE scripts
- Amass - Comprehensive subdomain enumeration and OSINT
- Subfinder - Fast passive subdomain discovery
- Nuclei - Fast vulnerability scanner with 4000+ templates
- AutoRecon - Automated reconnaissance with 35+ parameters
- Fierce - DNS reconnaissance and zone transfer testing
- Masscan - High-speed Internet-scale port scanner
🌐 Web Application Security Testing
- Gobuster - Directory, file, and DNS enumeration
- FFuf - Fast web fuzzer with advanced filtering capabilities
- Dirb - Comprehensive web content scanner
- Nikto - Web server vulnerability scanner
- SQLMap - Advanced automatic SQL injection testing
- WPScan - WordPress security scanner with vulnerability database
- Burp Suite - Professional web security testing platform
- OWASP ZAP - Web application security scanner
- Arjun - HTTP parameter discovery tool
- Wafw00f - Web application firewall fingerprinting
- Feroxbuster - Fast content discovery tool
- Dotdotpwn - Directory traversal fuzzer
- XSSer - Cross-site scripting detection and exploitation
- Wfuzz - Web application fuzzer
🔐 Authentication & Password Security
- Hydra - Network login cracker supporting 50+ protocols
- John the Ripper - Advanced password hash cracking
- Hashcat - World's fastest password recovery tool
- Medusa - Speedy, parallel, modular login brute-forcer
- Patator - Multi-purpose brute-forcer
- CrackMapExec - Swiss army knife for pentesting networks
- Evil-WinRM - Windows Remote Management shell
🔬 Binary Analysis & Reverse Engineering
- GDB - GNU Debugger with Python scripting
- Radare2 - Advanced reverse engineering framework
- Binwalk - Firmware analysis and extraction tool
- ROPgadget - ROP/JOP gadget finder
- Checksec - Binary security property checker
- Strings - Extract printable strings from binaries
- Objdump - Display object file information
- Ghidra - NSA's software reverse engineering suite
- XXD - Hex dump utility
🏆 Advanced CTF & Forensics Tools
- Volatility3 - Advanced memory forensics framework
- Foremost - File carving and data recovery
- Steghide - Steganography detection and extraction
- ExifTool - Metadata reader/writer for various file formats
- HashPump - Hash length extension attack tool
- Binwalk - Firmware analysis and reverse engineering
- Autopsy - Digital forensics platform
- Sleuth Kit - Collection of command-line digital forensics tools
☁️ Cloud & Container Security
- Prowler - AWS/Azure/GCP security assessment tool
- Trivy - Comprehensive vulnerability scanner for containers
- Scout Suite - Multi-cloud security auditing tool
- Kube-Hunter - Kubernetes penetration testing tool
- Kube-Bench - CIS Kubernetes benchmark checker
- CloudSploit - Cloud security scanning and monitoring
🔥 Bug Bounty & Reconnaissance Arsenal
- Hakrawler - Fast web endpoint discovery and crawling
- HTTPx - Fast and multi-purpose HTTP toolkit
- ParamSpider - Mining parameters from dark corners of web archives
- Aquatone - Visual inspection of websites across hosts
- Subjack - Subdomain takeover vulnerability checker
- DNSENUM - DNS enumeration script
- Fierce - Domain scanner for locating targets
🎯 Intelligent Payload Generation
Smart Attack Vector Creation:
- XSS Payloads - Basic, advanced, filter bypass techniques
- SQL Injection - Database-specific, blind, time-based attacks
- Command Injection - OS-specific, blind execution techniques
- LFI/RFI - Local/remote file inclusion with wrapper techniques
- SSTI - Server-side template injection for various engines
- XXE - XML external entity attacks with data exfiltration
- CSRF - Cross-site request forgery payload generation
Features:
- 🧠 Context Awareness - AI adapts payloads to target technology
- 🎯 Risk Assessment - Automatic payload severity rating
- 🔄 Encoding Variations - URL, HTML, Unicode encoding
- 📊 Success Probability - AI-calculated effectiveness scores
🧪 Automated Vulnerability Testing
- Intelligent Test Cases - AI-guided vulnerability assessment
- Response Analysis - Automated vulnerability confirmation
- False Positive Reduction - Smart filtering and validation
- Comprehensive Reports - Detailed security assessments
- Attack Chaining - Multi-stage exploit development
🌐 Advanced API Security Testing
- GraphQL Security - Introspection, depth limiting, batch query testing
- JWT Analysis - Algorithm confusion, signature bypass, token manipulation
- REST API Testing - Endpoint discovery, parameter fuzzing, authentication bypass
- API Schema Analysis - OpenAPI/Swagger security assessment
- Comprehensive Audits - Multi-technique API penetration testing
🎮 Real-time Process Management
Advanced Command Control:
- Live Termination - Stop scans without server restart
- Progress Tracking - Real-time progress bars with ETA calculations
- Process Dashboard - Monitor all active scans simultaneously
- Resource Management - CPU and memory optimization
- Pause/Resume - Full control over long-running operations
Visual Progress Display:
⚡ PROGRESS ⣷ [████████████░░░░░░░░] 60.5% | 12.3s | ETA: 8s | PID: 87369
📊 FINAL RESULTS ✅
├─ Command: nmap -sV -sC example.com
├─ Duration: 15.2s
├─ Output Size: 2847 bytes
├─ Exit Code: 0
└─ Status: SUCCESS | Cached: Yes🚀 Intelligent Caching System
- Performance Optimization - Smart result caching with LRU eviction
- Context-Aware TTL - Dynamic cache expiration based on command type
- Hit Rate Optimization - Statistical analysis and cache tuning
- Memory Management - Configurable cache size and cleanup
- Cache Analytics - Detailed performance metrics
# Recommended Environment
OS: Kali Linux 2023.1+ / Ubuntu 20.04+ / Debian 11+
Python: 3.8+ with pip
RAM: 4GB+ (8GB recommended)
Storage: 20GB+ free space
Network: High-speed internet for tool updates# 1. Clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai
# 2. Install Python dependencies
pip3 install -r requirements.txtRequired Tools (install separately from their respective sources):
- Network Tools: nmap, amass, subfinder, nuclei, autorecon, fierce, masscan
- Web Tools: gobuster, ffuf, dirb, nikto, sqlmap, wpscan, burpsuite, zaproxy
- Password Tools: hydra, john, hashcat, medusa, patator, crackmapexec
- Binary Tools: gdb, radare2, binwalk, ropgadget, checksec, ghidra
- Forensics Tools: volatility3, foremost, steghide, exiftool, hashpump
- Cloud Tools: prowler, trivy, scout-suite, kube-hunter, kube-bench
- Recon Tools: hakrawler, httpx, paramspider, aquatone, subjack, dnsenum
Note: Each tool should be installed according to its official documentation. Even if not all tools are installed it will work fine and will ignore that tool.
# Start the MCP server
python3 hexstrike_server.py
# Verify server is running
curl http://localhost:5000/healthUse the provided MCP configuration file hexstrike-ai-mcp.json with your AI agent.
Claude MCP Configuration
Configure Claude Desktop:
Edit ~/.config/Claude/claude_desktop_config.json:
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": [
"/path/to/hexstrike-ai/hexstrike_mcp.py",
"--server", "http://localhost:5000"
],
"env": {
"HEXSTRIKE_SERVER": "http://localhost:5000"
}
}
}
}VS Code MCP Configuration
Configure VS Code settings in .vscode/settings.json:
{
"servers": {
"hexstrike": {
"type": "stdio",
"command": "python3",
"args": [
"/path/to/hexstrike-ai/hexstrike_mcp.py",
"--server",
"http://localhost:5000"
]
}
},
"inputs": []
}Cursor MCP Setup Guide
Configure Cursor settings in ~/.cursor/mcp_settings.json:
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": [
"/path/to/hexstrike-ai/hexstrike_mcp.py",
"--server", "http://localhost:5000"
],
"description": "HexStrike AI MCP Agents v5.0"
}
}
}User: "Perform a comprehensive security assessment of example.com"
AI Agent: "I'll conduct a multi-phase security assessment:
1. Starting with network reconnaissance using nmap...
2. Performing subdomain enumeration with amass...
3. Running web application scans with nuclei...
4. Testing for common vulnerabilities...
[Real-time results and analysis follow]"
User: "Find XSS vulnerabilities in this web application"
AI Agent: "I'll test for XSS vulnerabilities:
1. Crawling the application with hakrawler...
2. Discovering parameters with paramspider...
3. Generating contextual XSS payloads...
4. Testing each injection point...
[Detailed vulnerability report with proof-of-concepts]"
User: "Audit this GraphQL API for security issues"
AI Agent: "I'll perform a comprehensive GraphQL security audit:
1. Testing introspection queries...
2. Analyzing query depth limitations...
3. Checking for batch query vulnerabilities...
4. Examining authentication bypass techniques...
[Complete API security assessment with recommendations]"
| Endpoint | Method | Description | Parameters |
|---|---|---|---|
/health |
GET | Server health check | None |
/api/command |
POST | Execute arbitrary commands | command, use_cache |
/api/telemetry |
GET | System performance metrics | None |
/api/cache/stats |
GET | Cache performance statistics | None |
Network Security Tools
| Tool | Endpoint | Key Parameters |
|---|---|---|
| Nmap | /api/tools/nmap |
target, scan_type, ports, additional_args |
| Amass | /api/tools/amass |
domain, mode, additional_args |
| Subfinder | /api/tools/subfinder |
domain, silent, additional_args |
| Nuclei | /api/tools/nuclei |
target, severity, additional_args |
Intelligent Security Testing
| Feature | Endpoint | Key Parameters |
|---|---|---|
| Payload Generation | /api/ai/generate_payload |
attack_type, complexity, technology |
| Payload Testing | /api/ai/test_payload |
payload, target_url, method |
| Attack Suite | /api/ai/generate_attack_suite |
target_url, attack_types |
Real-time Command Control
| Action | Endpoint | Description |
|---|---|---|
| List Processes | GET /api/processes/list |
List all active processes |
| Process Status | GET /api/processes/status/<pid> |
Get detailed process information |
| Terminate | POST /api/processes/terminate/<pid> |
Stop specific process |
| Dashboard | GET /api/processes/dashboard |
Live monitoring dashboard |
-
MCP Connection Failed:
# Check if server is running netstat -tlnp | grep 5000 # Restart server python3 hexstrike_server.py
-
Security Tools Not Found:
# Check tool availability which nmap gobuster nuclei # Install missing tools from their official sources
-
AI Agent Cannot Connect:
# Verify MCP configuration paths # Check server logs for connection attempts python3 hexstrike_mcp.py --debug
Enable debug mode for detailed logging:
python3 hexstrike_server.py --debug
python3 hexstrike_mcp.py --debug- ⚡ Result Caching: Optimized performance for repeated operations
- 🔄 Concurrent Execution: Multiple tools can run simultaneously
- 📊 Real-time Progress: Live command output and progress tracking
- 💾 Memory Optimization: Efficient handling of large outputs
- 🔧 Automatic Cleanup: Temporary files and processes are managed
- MCP Integration: Full Model Context Protocol support for AI agents
- Advanced Process Control: Real-time command termination and monitoring
- Enhanced Caching: LRU cache with intelligent TTL management
- Cloud Security: Comprehensive cloud and container security tools
- AI Automation: Intelligent payload generation and testing capabilities
- File Operations: Complete file management system for AI agents
- Real-time command output streaming
- Progress indicators for long-running operations
- Contextual payload generation system
- Advanced API security testing (GraphQL, JWT)
- Comprehensive process dashboard
- Enhanced error handling with detailed logging
⚠️ Important Security Notes:
- This tool provides AI agents with powerful system access
- Run in isolated environments or dedicated security testing VMs
- AI agents can execute arbitrary security tools - ensure proper oversight
- Monitor AI agent activities through the real-time dashboard
- Consider implementing authentication for production deployments
We welcome contributions from the cybersecurity and AI community!
# 1. Fork and clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai
# 2. Create development environment
python3 -m venv hexstrike-dev
source hexstrike-dev/bin/activate
# 3. Install development dependencies
pip install -r requirements.txt
# 4. Start development server
python3 hexstrike_server.py --port 5000 --debug- 🤖 AI Agent Integrations - Support for new AI platforms and agents
- 🛠️ Security Tool Additions - Integration of additional security tools
- ⚡ Performance Optimizations - Caching improvements and scalability enhancements
- 📖 Documentation - AI usage examples and integration guides
- 🧪 Testing Frameworks - Automated testing for AI agent interactions
MIT License - see LICENSE file for details.
m0x4m4 - www.0x4m4.com | HexStrike
HexStrike AI MCP Agents v5.0 - Empowering AI agents with autonomous cybersecurity capabilities!
HexStrike AI MCP Agents v5.0
AI-Powered Cybersecurity Tool Integration via Model Context Protocol
Python | Лицензия | Репозиторий | Релизы
MCP-сервер, который позволяет AI-агентам (Claude, GPT, Copilot и др.) выполнять автономное тестирование на проникновение и кибербезопасность через 70+ встроенных инструментов.
Архитектура
Система работает по схеме: AI-агент → MCP-протокол → HexStrike MCP Server → выполнение инструментов безопасности (nmap, nuclei и др.) → генерация полезных нагрузок → мониторинг в реальном времени → результаты обратно агенту.
Как это работает:
- AI-агент подключается к серверу через MCP
- Агент автономно выбирает и запускает подходящие инструменты
- Получает результаты в реальном времени и адаптирует стратегию
- Выполняет полное тестирование без участия человека
Возможности
70+ инструментов безопасности
Сетевая разведка: Nmap, Amass, Subfinder, Nuclei, AutoRecon, Fierce, Masscan
Веб-безопасность: Gobuster, FFuf, Dirb, Nikto, SQLMap, WPScan, Burp Suite, OWASP ZAP, Arjun, Wafw00f, Feroxbuster, Dotdotpwn, XSSer, Wfuzz
Аутентификация и пароли: Hydra, John the Ripper, Hashcat, Medusa, Patator, CrackMapExec, Evil-WinRM
Бинарный анализ: GDB, Radare2, Binwalk, ROPgadget, Checksec, Strings, Objdump, Ghidra, XXD
Форензика и CTF: Volatility3, Foremost, Steghide, ExifTool, HashPump, Autopsy, Sleuth Kit
Облачная безопасность: Prowler, Trivy, Scout Suite, Kube-Hunter, Kube-Bench, CloudSploit
Разведка для Bug Bounty: Hakrawler, HTTPx, ParamSpider, Aquatone, Subjack, DNSENUM
AI-автоматизация
Генерация полезных нагрузок:
- XSS, SQL-инъекции, Command Injection, LFI/RFI, SSTI, XXE, CSRF
- Адаптация под целевую технологию
- Оценка риска и вероятности успеха
- Варианты кодирования (URL, HTML, Unicode)
Автоматическое тестирование уязвимостей:
- Интеллектуальные тест-кейсы
- Анализ ответов и подтверждение уязвимостей
- Снижение ложных срабатываний
- Многоэтапные эксплойты
API-безопасность:
- GraphQL: интроспекция, depth limiting, batch query
- JWT: algorithm confusion, signature bypass, token manipulation
- REST: endpoint discovery, parameter fuzzing, authentication bypass
- OpenAPI/Swagger assessment
Управление процессами
- Остановка сканирования без перезапуска сервера
- Прогресс-бары с ETA
- Дашборд активных процессов
- Мониторинг CPU и памяти
- Пауза/возобновление
Кэширование
- Умное кэширование с LRU-эвакуацией
- Динамический TTL в зависимости от типа команды
- Настраиваемый размер кэша
- Аналитика попаданий
Установка
Системные требования
- ОС: Kali Linux 2023.1+ / Ubuntu 20.04+ / Debian 11+
- Python 3.8+ с pip
- RAM: 4 ГБ+ (рекомендуется 8 ГБ)
- Storage: 20 ГБ+ свободного места
- Высокоскоростной интернет для обновления инструментов
Шаги
- Клонируйте репозиторий и установите зависимости:
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai
pip3 install -r requirements.txt
-
Установите необходимые инструменты безопасности (каждый согласно официальной документации). Если какой-то инструмент отсутствует, сервер просто его проигнорирует.
-
Запустите сервер:
python3 hexstrike_server.py
Проверьте: curl http://localhost:5000/health
- Настройте AI-агента, используя файл конфигурации MCP
hexstrike-ai-mcp.json.
Интеграция с AI-агентами
Claude Desktop
Отредактируйте ~/.config/Claude/claude_desktop_config.json:
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": ["/path/to/hexstrike-ai/hexstrike_mcp.py", "--server", "http://localhost:5000"],
"env": {
"HEXSTRIKE_SERVER": "http://localhost:5000"
}
}
}
}
VS Code Copilot
В .vscode/settings.json:
{
"servers": {
"hexstrike": {
"type": "stdio",
"command": "python3",
"args": ["/path/to/hexstrike-ai/hexstrike_mcp.py", "--server", "http://localhost:5000"]
}
},
"inputs": []
}
Cursor AI
В ~/.cursor/mcp_settings.json:
{
"mcpServers": {
"hexstrike-ai": {
"command": "python3",
"args": ["/path/to/hexstrike-ai/hexstrike_mcp.py", "--server", "http://localhost:5000"],
"description": "HexStrike AI MCP Agents v5.0"
}
}
}
Примеры использования
После настройки AI-агент может выполнять команды вроде:
- «Просканируй порты example.com с помощью nmap»
- «Проверь уязвимости веб-приложения на test.site»
- «Сгенерируй XSS-пейлоад для обхода фильтра»
- «Выполни тестирование GraphQL API на /graphql»
Примечания
- Некоторые компоненты проекта интегрированы в основную платформу HexStrike AI.
- Сервер работает по протоколу MCP, что обеспечивает бесшовное подключение к AI-агентам.
- Для полного функционала рекомендуется установить все перечисленные инструменты.
Что такое HexStrike AI?
HexStrike AI — это MCP-сервер (Model Context Protocol), который наделяет AI-агентов возможностями автономного наступательного кибербезопасности, интегрируя и оркестрируя более 70 профессиональных инструментов безопасности для автоматизированного тестирования на проникновение.
Как HexStrike AI интегрируется с AI-агентами?
Он бесшовно интегрируется с AI-агентами, такими как Claude, GPT или Copilot, через протокол Model Context Protocol (MCP). Это позволяет AI-агентам автономно выбирать, выполнять и получать обратную связь в реальном времени от широкого спектра инструментов кибербезопасности.
Какие типы инструментов безопасности интегрирует HexStrike AI?
HexStrike AI оркестрирует более 70 разнообразных инструментов кибербезопасности, охватывающих сетевую разведку, безопасность веб-приложений, аутентификацию и взлом паролей, бинарный анализ, CTF, облачную безопасность и арсенал для bug bounty.
Каковы основные преимущества использования HexStrike AI?
Ключевые преимущества включают возможность AI-агентов проводить комплексные оценки безопасности без участия человека, интеллектуальную генерацию полезной нагрузки, автоматизированное тестирование уязвимостей, управление процессами в реальном времени и широкий охват различных доменов безопасности.
Можно ли использовать HexStrike AI для автоматизации bug bounty или CTF?
Да, HexStrike AI отлично подходит для автоматизированного тестирования на проникновение, автоматизации bug bounty (анализ целей с помощью AI), автоматизации CTF (AI-агенты решают задачи безопасности) и исследований в области безопасности, предоставляя AI-агентам практический доступ к инструментам.
Комментарии
Комментариев пока нет. Будьте первым.