Last updated
March 16, 2026
MCP profile
HackTricks MCP Server
Search and query HackTricks pentesting documentation with quick lookup and section extraction
Security & IdentityPackageJavaScript/TypeScriptOpen SourceExternal
Visibility
Public
ByRegistry
About This MCP Server
Search and query HackTricks pentesting documentation with quick lookup and section extraction This MCP server enables AI assistants like Claude to seamlessly interact with HackTricks, providing structured access to its functionality through the Model Context Protocol (MCP).
Key Capabilities:
- Search and retrieve web content
- Extract structured data from web pages
- Navigate and interact with websites
- Process and analyze web content
Common Use Cases:
- Automated web research and data collection
- Content extraction and processing
- Market research and competitive analysis
- Building knowledge bases from web sources
How It Works: HackTricks integrates with AI coding assistants and chat interfaces through the standardized MCP protocol. Once configured, your AI assistant can directly invoke HackTricks's tools, enabling natural language interaction with its features without manual API calls or custom integrations.
Technical Details: Server type: Package · Language: JavaScript/TypeScript
Capabilities
Quick lookup - One-shot exploitation info with alias support (sqli, xss, ssrf, etc.)Grouped search results - Results aggregated by file with match count, title, and relevant sectionsPage outline - Quick table of contents to identify relevant sectionsSection extraction - Read specific sections instead of full pages (token-efficient)Cheatsheet mode - Extract only code blocks/commands from pagesCategory browsing - Discover available topics and file pathsFast grep search - Uses ripgrep for instant resultsSecurity hardened - Protection against command injection and path traversal
Tools & Endpoints
Example Workflow
• "Search HackTricks for SQL injection techniques"
• "Give me SUID privilege escalation commands"
• "Show me XSS payloads"
• "List all pentesting categories in HackTricks"
• "How do I exploit XXE vulnerabilities?"
What Problems It Solves
- "Search HackTricks for SQL injection techniques"
- "Give me SUID privilege escalation commands"
- "Show me XSS payloads"
- "List all pentesting categories in HackTricks"
- "How do I exploit XXE vulnerabilities?"
Why Use HackTricks MCP Server?
- Quick lookup - One-shot exploitation info with alias support (sqli, xss, ssrf, etc.)
- Grouped search results - Results aggregated by file with match count, title, and relevant sections
- Page outline - Quick table of contents to identify relevant sections
- Section extraction - Read specific sections instead of full pages (token-efficient)
- Cheatsheet mode - Extract only code blocks/commands from pages
- Category browsing - Discover available topics and file paths
- Fast grep search - Uses ripgrep for instant results
- Security hardened - Protection against command injection and path traversal
Specifications
Status
live
Industry
Security & Identity
Category
General
Server type
Package
Language
JavaScript/TypeScript
License
Open Source
Verified
Yes
Requirements
- Node.js (v18 or higher)
- ripgrep (rg) - usually pre-installed on macOS/Linux
- Bun (for package management)
Hosting
Hosting Options
- Package
API
Integrate this server into your application. Choose a connection method below.
1
Install
Install command
JavaScript/TypeScript
npm install -g hacktricks-mcp-server2
Configure
Configuration
json
{
"mcpServers": {
"hacktricks": {
"command": "npx",
"args": ["hacktricks-mcp-server"]
}
}
}Performance
Usage
Quick Reference
- Name
- HackTricks MCP Server
- Function
- Search and query HackTricks pentesting documentation with quick lookup and section extraction
- Transport
- Package
- Language
- JavaScript/TypeScript
- Install
- npm install -g hacktricks-mcp-server
- Source
- External (Registry)
- License
- Open Source
Get started
Ready to integrate this MCP server?
Book a demo to see how this server fits your workflow, or explore the full catalog.