
HexStrike AI

by 0x4m4 (community)

Advanced MCP server that lets AI agents perform offensive security tasks and red-team workflows. 8,695 GitHub stars and 1 commit on main in the last 30 days.

8,695 · 6 tools · Released JUN 2025 · MIT
pip install hexstrike-ai

Reviewed by M. Nouriel · MAY 2026

INSTALL THIS SERVER

{
  "mcpServers": {
    "hexstrike": {
      "command": "python",
      "args": ["-m", "hexstrike_ai"]
    }
  }
}

Prereq: PyPI package `hexstrike-ai`. Use ONLY within explicit written authorisation; offensive security operations against systems you do not own may violate the law. Path: ~/Library/Application Support/Claude/claude_desktop_config.json (macOS).

6 TOOLS AVAILABLE

  • run_recon (Admin): Run reconnaissance against a target (domain, IP, asset)
  • scan_target (Admin): Scan a target for known vulnerabilities
  • list_findings (Read): List findings with severity and CVE references
  • generate_report (Read): Generate a security assessment report
  • list_techniques (Read): List available offensive-security techniques (MITRE ATT&CK aligned)
  • plan_engagement (Admin): Plan a red-team engagement based on target and scope

OUR ASSESSMENT

Strengths
  • 8,695 GitHub stars.
  • 1 commit on main in the last 30 days.
  • MIT license.
  • MITRE ATT&CK aligned technique catalog.
  • End-to-end workflow from recon to reporting.
Weaknesses
  • Offensive-security tooling carries legal risk if used outside authorised engagements.
  • 1 commit/30d is at the bottom of the strict gate.
  • Community-maintained; no commercial security backing.
Security Notes

HexStrike AI executes offensive-security techniques. Use ONLY within explicit written authorisation (engagement letter, bug bounty program scope, your own infrastructure). Running against systems you do not own or have permission to test may violate the Computer Fraud and Abuse Act (US), Computer Misuse Act (UK), and similar laws worldwide. Agents that orchestrate HexStrike must include scope enforcement in the prompt path.

Best For

Authorised penetration testers running red-team engagements; security researchers studying offensive techniques; bug bounty hunters automating recon and triage within program scope.

TECHNICAL DETAILS

Language: python
Transport: stdio
Clients: Claude Desktop, Claude Code, Cursor, VS Code, Windsurf
License: MIT
GitHub: 0x4m4/hexstrike-ai · ★ 8,695
npm: hexstrike-ai
Last Release: hexstrike-ai (PyPI latest) · MAY 12, 2026
First Released: JUN 1, 2025

ADOPTION METRICS

// GitHub Stars
8,695

// Reading this: 8,695 stars on 0x4m4/hexstrike-ai. 1 commit on main in the last 30 days.

// Popularity Rank
#4
Globally · #4 in Security

// Reading this: Pairs with Prowler, Trivy, CrowdStrike Falcon, Snyk Agent Scan, Auth0, AWS IAM, AWS CloudTrail, HashiCorp Vault, Infisical, Okta in security. HexStrike owns the offensive-security slot.

SOURCES & VERIFICATION

We don't take any single directory's word for it. Before scoring, we cross-reference 4 public MCP sources, install the server ourselves against the clients we cover, and record when we last re-verified.

01 Discovered: Manual submission. First indexed MAY 12, 2026.
02 Cross-referenced: 4 directories (PulseMCP, MCP.so, Glama, Smithery).
03 Verified against: Claude Desktop, Cursor. Installed and tested across clients.
04 Last re-checked: MAY 12, 2026. Weekly re-verification.

// How other directories see it

The same server, 4 different lenses. We reconcile these signals into our editorial score, which is why our number sometimes diverges from a directory-aggregate star count.

| Source | Their rating | Their star count | Their downloads | Last synced |
|---|---|---|---|---|
| AutomationSwitch (this page) | 4.3 editorial | 8,695 | | MAY 12, 2026 |
| PulseMCP | — unrated | unavailable | unavailable | MAY 12, 2026 |
| MCP.so | — unrated | unavailable | unavailable | MAY 12, 2026 |
| Glama | — unrated | unavailable | unavailable | MAY 12, 2026 |
| Smithery | — unrated | unavailable | unavailable | MAY 12, 2026 |

// Counts are directory-reported; we don't adjust them. Discrepancies usually come from different snapshot times or star-caching.

OTHER SECURITY MCP SERVERS

Vendor · 4.6

Prowler MCP

Prowler

Cloud Security Posture Management (CSPM) platform with 1000+ security checks across multiple cloud providers and 70+ compliance frameworks, exposed through MCP. Three deployment options: Prowler Cloud (recommended), local stdio, self-hosted HTTP. 13,717 stars, Apache-2.0.

8 tools · 13,717

Official · 4.5

Snyk Agent Scan

Snyk

Snyk's security scanner for AI agents, MCP servers, and agent skills. Scans MCP server manifests and agent skill files for known security risks. 2,366 GitHub stars and 81 commits on main in the last 30 days.

6 tools · 2,366

Official · 4.4

CrowdStrike Falcon MCP

CrowdStrike

Official CrowdStrike Falcon MCP server. Connect AI agents to CrowdStrike Falcon for automated security analysis and threat hunting. 148 stars and 8 commits on main in the last 30 days.

7 tools · 148

Vendor · 4.3

Auth0 MCP Server

Auth0

Official Auth0 MCP server connecting Claude, Cursor, Windsurf, VS Code, and Gemini to Auth0 Management APIs. Create apps, deploy Actions, debug logs, and query users with natural-language commands. Read-only mode and tool-glob filtering supported. Beta software per Auth0.

8 tools · 106

Official · 4.2

HashiCorp Vault MCP

HashiCorp

Official HashiCorp MCP for Vault: secrets, mounts, KV, and PKI management with stdio and Streamable HTTP transports. 9 commits on main in the last 30 days. MPL-2.0 with HashiCorp official-vendor signal.

9 tools · 45

Official · 4.1

AWS IAM MCP

AWS Labs

Official AWS Labs MCP for IAM administration: users, roles, groups, policies, inline policies, access keys, and policy simulation. Read-only mode supported via --allow-write opt-in pattern. Apache-2.0 within awslabs/mcp monorepo.

7 tools · 8,924