0x4m4/hexstrike-ai

HexStrike AI is an MCP server that connects AI assistants like Claude, GPT, or GitHub Copilot to a large collection of cybersecurity tools so they can run security assessments autonomously. MCP (Model Context Protocol) is a standard that lets AI chat interfaces call external tools and receive results. HexStrike acts as the bridge between the AI and more than 150 security programs that security professionals use for penetration testing. The idea is that instead of manually running individual tools and interpreting results yourself, you describe a target or task to the AI assistant, and it decides which tools to run, executes them in sequence, and reports back. The system includes 12 or more specialized agents focused on specific tasks: one for bug bounty hunting, one for CTF (capture-the-flag) competition challenges, one for searching known vulnerabilities, and one for generating exploit code, among others. The 150-plus tools are organized by category. Network scanning tools map open ports and services on a target. Web application tools look for common vulnerabilities in websites. Cloud tools check for misconfigurations in cloud infrastructure. Binary analysis tools examine compiled programs for weaknesses. OSINT tools gather publicly available information about a target. Password tools test authentication systems. The README lists the specific tool names under each category. Setup involves cloning the repository, installing Python dependencies, separately installing the security tools you want to use (most are standard Linux packages), starting the Python server, and then configuring your AI client to point to the local server address. Claude Desktop and VS Code Copilot configurations are both documented. The project is intended for authorized penetration testing, bug bounty research, and security education. It is released under the MIT License.