skillpack.co
All solutions

HexStrike AI

active

Dominant offensive security MCP repo. 7,561 stars — largest security MCP repo period. 150+ cybersecurity tools via MCP. Autonomous pentesting, vulnerability discovery, bug bounty automation.

Score 80

Where it wins

7,561 stars — largest security MCP repo

150+ cybersecurity tools accessible via MCP

Autonomous pentesting and vulnerability discovery

Bug bounty automation workflow support

Where to be skeptical

Offensive tools require clear authorization context (pentesting/CTF)

Breadth over depth — 150+ tools may not all be well-maintained

Editorial verdict

#1 offensive security skill. 7,561 stars — largest security MCP repo. 150+ cybersecurity tools. For authorized pentesting, CTF, and bug bounty only. The clear leader in agent-assisted offensive security.

Related

Security

#06of 10

Agent-assisted offensive security — authorized pentesting, CTF, and bug bounty automation

CodeQL (via GitHub MCP Server)

88

GitHub-native SAST via CodeQL, accessible through the official GitHub MCP Server. Copilot Autofix generates fixes from CodeQL alerts. GitHub Security Lab Taskflow Agent found ~30 real CVEs. Zero extra setup for GitHub users.

TruffleHog

88

18K+ stars. 800+ secret types. Unique credential verification — confirms if leaked creds are still active. Scans S3, Docker, Slack — not just git. No official MCP but community integrations exist.

Gitleaks

88

24.4K stars — most-starred secret scanner. 150+ patterns. Fastest pre-commit scanner. The community default for pre-commit secret detection. No official MCP.

Tencent AI-Infra-Guard

81

Most comprehensive OSS AI red teaming tool. 3,264 stars. Full-stack: ClawScan, Agent Scan, Skills Scan, MCP scan, jailbreak eval. 43 AI framework components, 589 CVEs cataloged. v4.0 released.

Public evidence

Raw GitHub source

GitHub README peek

Constrained peek so you can sanity-check the source material without leaving the site.

<div align="center"> <img src="https://raw.githubusercontent.com/0x4m4/hexstrike-ai/master/assets/hexstrike-logo.png" alt="HexStrike AI Logo" width="220" style="margin-bottom: 20px;"/>

HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform

Advanced AI-powered penetration testing MCP framework with 150+ security tools and 12+ autonomous AI agents

📋 What's New🏗️ Architecture🚀 Installation🛠️ Features🤖 AI Agents📡 API Reference

</div>
<div align="center">

Follow Our Social Accounts

<p align="center"> <a href="https://discord.gg/BWnmrrSHbA"> </a> &nbsp;&nbsp; <a href="https://www.linkedin.com/company/hexstrike-ai"> </a> </p> </div>

Architecture Overview

HexStrike AI MCP v6.0 features a multi-agent architecture with autonomous AI agents, intelligent decision-making, and vulnerability intelligence.

%%{init: {"themeVariables": {
  "primaryColor": "#b71c1c",
  "secondaryColor": "#ff5252",
  "tertiaryColor": "#ff8a80",
  "background": "#2d0000",
  "edgeLabelBackground":"#b71c1c",
  "fontFamily": "monospace",
  "fontSize": "16px",
  "fontColor": "#fffde7",
  "nodeTextColor": "#fffde7"
}}}%%
graph TD
    A[AI Agent - Claude/GPT/Copilot] -->|MCP Protocol| B[HexStrike MCP Server v6.0]
    
    B --> C[Intelligent Decision Engine]
    B --> D[12+ Autonomous AI Agents]
    B --> E[Modern Visual Engine]
    
    C --> F[Tool Selection AI]
    C --> G[Parameter Optimization]
    C --> H[Attack Chain Discovery]
    
    D --> I[BugBounty Agent]
    D --> J[CTF Solver Agent]
    D --> K[CVE Intelligence Agent]
    D --> L[Exploit Generator Agent]
    
    E --> M[Real-time Dashboards]
    E --> N[Progress Visualization]
    E --> O[Vulnerability Cards]
    
    B --> P[150+ Security Tools]
    P --> Q[Network Tools - 25+]
    P --> R[Web App Tools - 40+]
    P --> S[Cloud Tools - 20+]
    P --> T[Binary Tools - 25+]
    P --> U[CTF Tools - 20+]
    P --> V[OSINT Tools - 20+]
    
    B --> W[Advanced Process Management]
    W --> X[Smart Caching]
    W --> Y[Resource Optimization]
    W --> Z[Error Recovery]
    
    style A fill:#b71c1c,stroke:#ff5252,stroke-width:3px,color:#fffde7
    style B fill:#ff5252,stroke:#b71c1c,stroke-width:4px,color:#fffde7
    style C fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
    style D fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
    style E fill:#ff8a80,stroke:#b71c1c,stroke-width:2px,color:#fffde7
How It Works
  1. AI Agent Connection - Claude, GPT, or other MCP-compatible agents connect via FastMCP protocol
  2. Intelligent Analysis - Decision engine analyzes targets and selects optimal testing strategies
  3. Autonomous Execution - AI agents execute comprehensive security assessments
  4. Real-time Adaptation - System adapts based on results and discovered vulnerabilities
  5. Advanced Reporting - Visual output with vulnerability cards and risk analysis

Installation

Quick Setup to Run the hexstrike MCPs Server
# 1. Clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai

# 2. Create virtual environment
python3 -m venv hexstrike-env
source hexstrike-env/bin/activate  # Linux/Mac
# hexstrike-env\Scripts\activate   # Windows

# 3. Install Python dependencies
pip3 install -r requirements.txt
Installation and Setting Up Guide for various AI Clients:

Installation & Demo Video

Watch the full installation and setup walkthrough here: YouTube - HexStrike AI Installation & Demo

Supported AI Clients for Running & Integration

You can install and run HexStrike AI MCPs with various AI clients, including:

  • 5ire (Latest version v0.14.0 not supported for now)
  • VS Code Copilot
  • Roo Code
  • Cursor
  • Claude Desktop
  • Any MCP-compatible agent

Refer to the video above for step-by-step instructions and integration examples for these platforms.

View on GitHub →