CalvinBackup/hexstrike-ai

Fork 0

mirror of https://github.com/0x4m4/hexstrike-ai.git synced 2026-02-10 14:03:03 +00:00

Go to file

Muhammad Osama 38e8c74d7b readme update

2025-07-11 03:07:07 +05:00

assets

usage update

2025-07-11 03:05:58 +05:00

hexstrike_mcp.py

update

2025-07-10 23:07:24 +05:00

hexstrike_server.py

update

2025-07-10 23:07:24 +05:00

hexstrike-ai-mcp.json

update

2025-07-10 23:07:24 +05:00

README.md

readme update

2025-07-11 03:07:07 +05:00

requirements.txt

update

2025-07-10 23:07:24 +05:00

README.md

HexStrike AI MCP Agents v5.0

AI-Powered Cybersecurity Tool Integration via Model Context Protocol

MCP Server that enables AI agents to perform autonomous cybersecurity testing and penetration testing through 70+ integrated security tools

🏗️ Architecture • 🚀 Installation • 🛠️ Features • 🤖 AI Usage • 📡 API Reference • ⭐ Star Us

🏗️ Architecture Overview

HexStrike AI MCP Agents is a Model Context Protocol (MCP) server that bridges AI agents with cybersecurity tools. This project serves as the foundation for HexStrike AI - a separate automated AI pentesting platform.

graph TD
    A[AI Agent - Claude/GPT/Copilot] -->|MCP Protocol| B[HexStrike MCP Server]
    B -->|Tool Execution| C[Security Tools - nmap/nuclei/etc]
    B -->|File Operations| D[Payload Generation]
    B -->|Process Control| E[Real-time Monitoring]
    C -->|Results| B
    D -->|Payloads| B
    E -->|Status| B
    B -->|Analysis & Results| A
    
    style A fill:#ff6b6b,stroke:#d63031,stroke-width:3px,color:#fff
    style B fill:#a29bfe,stroke:#6c5ce7,stroke-width:3px,color:#fff
    style C fill:#fd79a8,stroke:#e84393,stroke-width:3px,color:#fff
    style D fill:#fdcb6e,stroke:#e17055,stroke-width:3px,color:#fff
    style E fill:#55a3ff,stroke:#0984e3,stroke-width:3px,color:#fff

How It Works:

AI Agent Connection: Claude, GPT, or other MCP-compatible AI agents connect to this server
Intelligent Tool Usage: AI agents autonomously select and execute appropriate security tools
Real-time Results: Agents receive live feedback and adapt their testing strategies
Autonomous Pentesting: AI performs comprehensive security assessments without human intervention

Note: Some components of this project are integrated into the main HexStrike AI automated pentesting platform.

Why Choose HexStrike AI MCP Agents?

Enable your AI agents to become autonomous cybersecurity experts with access to professional-grade security tools and intelligent automation capabilities.

🎯 Perfect For:

🤖 AI Agent Developers - Provide your agents with cybersecurity capabilities
🔍 Automated Penetration Testing - Let AI agents perform comprehensive security assessments
💰 Bug Bounty Automation - AI-driven target analysis and vulnerability discovery
🏆 CTF Automation - AI agents that can solve security challenges
🔬 Security Research - Automated tool orchestration and payload generation
📚 Security Training - AI tutors with practical security tool access

Key Highlights

🤖 AI Agent Integration	🛠️ 70+ Security Tools	⚡ Real-time Control
MCP protocol for seamless AI connection	Complete penetration testing toolkit	Command termination & progress tracking

🔧 Intelligent Automation	🌐 Modern API Testing	📊 Advanced Monitoring
AI-driven tool selection & usage	GraphQL, JWT, REST API security	Live dashboards & system metrics

✨ What Makes Us Special:

🔥 Zero Human Intervention - AI agents handle complete security assessments
🎨 Beautiful Real-time Output - Progress bars, ETA calculations, visual status
🧠 Intelligent Tool Selection - AI chooses the right tools for each scenario
📊 Live Dashboard - Monitor all AI agent activities with system metrics
🔄 Smart Caching - Optimized performance for repeated operations
🛡️ Comprehensive Coverage - Network, web, binary, cloud, CTF tools

Comprehensive Feature Set

🎯 Core Security Tools (70+)

🔍 Network Reconnaissance & Scanning

Nmap - Advanced port scanning with custom NSE scripts
Amass - Comprehensive subdomain enumeration and OSINT
Subfinder - Fast passive subdomain discovery
Nuclei - Fast vulnerability scanner with 4000+ templates
AutoRecon - Automated reconnaissance with 35+ parameters
Fierce - DNS reconnaissance and zone transfer testing
Masscan - High-speed Internet-scale port scanner

🌐 Web Application Security Testing

Gobuster - Directory, file, and DNS enumeration
FFuf - Fast web fuzzer with advanced filtering capabilities
Dirb - Comprehensive web content scanner
Nikto - Web server vulnerability scanner
SQLMap - Advanced automatic SQL injection testing
WPScan - WordPress security scanner with vulnerability database
Burp Suite - Professional web security testing platform
OWASP ZAP - Web application security scanner
Arjun - HTTP parameter discovery tool
Wafw00f - Web application firewall fingerprinting
Feroxbuster - Fast content discovery tool
Dotdotpwn - Directory traversal fuzzer
XSSer - Cross-site scripting detection and exploitation
Wfuzz - Web application fuzzer

🔐 Authentication & Password Security

Hydra - Network login cracker supporting 50+ protocols
John the Ripper - Advanced password hash cracking
Hashcat - World's fastest password recovery tool
Medusa - Speedy, parallel, modular login brute-forcer
Patator - Multi-purpose brute-forcer
CrackMapExec - Swiss army knife for pentesting networks
Evil-WinRM - Windows Remote Management shell

🔬 Binary Analysis & Reverse Engineering

GDB - GNU Debugger with Python scripting
Radare2 - Advanced reverse engineering framework
Binwalk - Firmware analysis and extraction tool
ROPgadget - ROP/JOP gadget finder
Checksec - Binary security property checker
Strings - Extract printable strings from binaries
Objdump - Display object file information
Ghidra - NSA's software reverse engineering suite
XXD - Hex dump utility

🏆 Advanced CTF & Forensics Tools

Volatility3 - Advanced memory forensics framework
Foremost - File carving and data recovery
Steghide - Steganography detection and extraction
ExifTool - Metadata reader/writer for various file formats
HashPump - Hash length extension attack tool
Binwalk - Firmware analysis and reverse engineering
Autopsy - Digital forensics platform
Sleuth Kit - Collection of command-line digital forensics tools

☁️ Cloud & Container Security

Prowler - AWS/Azure/GCP security assessment tool
Trivy - Comprehensive vulnerability scanner for containers
Scout Suite - Multi-cloud security auditing tool
Kube-Hunter - Kubernetes penetration testing tool
Kube-Bench - CIS Kubernetes benchmark checker
CloudSploit - Cloud security scanning and monitoring

🔥 Bug Bounty & Reconnaissance Arsenal

Hakrawler - Fast web endpoint discovery and crawling
HTTPx - Fast and multi-purpose HTTP toolkit
ParamSpider - Mining parameters from dark corners of web archives
Aquatone - Visual inspection of websites across hosts
Subjack - Subdomain takeover vulnerability checker
DNSENUM - DNS enumeration script
Fierce - Domain scanner for locating targets

🤖 AI-Powered Automation Features

🎯 Intelligent Payload Generation

Smart Attack Vector Creation:

XSS Payloads - Basic, advanced, filter bypass techniques
SQL Injection - Database-specific, blind, time-based attacks
Command Injection - OS-specific, blind execution techniques
LFI/RFI - Local/remote file inclusion with wrapper techniques
SSTI - Server-side template injection for various engines
XXE - XML external entity attacks with data exfiltration
CSRF - Cross-site request forgery payload generation

Features:

🧠 Context Awareness - AI adapts payloads to target technology
🎯 Risk Assessment - Automatic payload severity rating
🔄 Encoding Variations - URL, HTML, Unicode encoding
📊 Success Probability - AI-calculated effectiveness scores

🧪 Automated Vulnerability Testing

Intelligent Test Cases - AI-guided vulnerability assessment
Response Analysis - Automated vulnerability confirmation
False Positive Reduction - Smart filtering and validation
Comprehensive Reports - Detailed security assessments
Attack Chaining - Multi-stage exploit development

🌐 Advanced API Security Testing

GraphQL Security - Introspection, depth limiting, batch query testing
JWT Analysis - Algorithm confusion, signature bypass, token manipulation
REST API Testing - Endpoint discovery, parameter fuzzing, authentication bypass
API Schema Analysis - OpenAPI/Swagger security assessment
Comprehensive Audits - Multi-technique API penetration testing

⚡ Performance & Control Features

🎮 Real-time Process Management

Advanced Command Control:

Live Termination - Stop scans without server restart
Progress Tracking - Real-time progress bars with ETA calculations
Process Dashboard - Monitor all active scans simultaneously
Resource Management - CPU and memory optimization
Pause/Resume - Full control over long-running operations

Visual Progress Display:

⚡ PROGRESS ⣷ [████████████░░░░░░░░] 60.5% | 12.3s | ETA: 8s | PID: 87369
📊 FINAL RESULTS ✅
   ├─ Command: nmap -sV -sC example.com
   ├─ Duration: 15.2s
   ├─ Output Size: 2847 bytes
   ├─ Exit Code: 0
   └─ Status: SUCCESS | Cached: Yes

🚀 Intelligent Caching System

Performance Optimization - Smart result caching with LRU eviction
Context-Aware TTL - Dynamic cache expiration based on command type
Hit Rate Optimization - Statistical analysis and cache tuning
Memory Management - Configurable cache size and cleanup
Cache Analytics - Detailed performance metrics

Quick Installation

📋 System Requirements

# Recommended Environment
OS: Kali Linux 2023.1+ / Ubuntu 20.04+ / Debian 11+
Python: 3.8+ with pip
RAM: 4GB+ (8GB recommended)
Storage: 20GB+ free space
Network: High-speed internet for tool updates

🛠️ Installation Steps

Step 1: Install Server Dependencies

# 1. Clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai

# 2. Install Python dependencies
pip3 install -r requirements.txt

Step 2: Install Security Tools

Required Tools (install separately from their respective sources):

Network Tools: nmap, amass, subfinder, nuclei, autorecon, fierce, masscan
Web Tools: gobuster, ffuf, dirb, nikto, sqlmap, wpscan, burpsuite, zaproxy
Password Tools: hydra, john, hashcat, medusa, patator, crackmapexec
Binary Tools: gdb, radare2, binwalk, ropgadget, checksec, ghidra
Forensics Tools: volatility3, foremost, steghide, exiftool, hashpump
Cloud Tools: prowler, trivy, scout-suite, kube-hunter, kube-bench
Recon Tools: hakrawler, httpx, paramspider, aquatone, subjack, dnsenum

Note: Each tool should be installed according to its official documentation. Even if not all tools are installed it will work fine and will ignore that tool.

Step 3: Start HexStrike Server

# Start the MCP server
python3 hexstrike_server.py

# Verify server is running
curl http://localhost:5000/health

Step 4: Configure AI Agent

Use the provided MCP configuration file hexstrike-ai-mcp.json with your AI agent.

AI Integration Setup

Claude Desktop Integration

Claude MCP Configuration

Configure Claude Desktop: Edit ~/.config/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "hexstrike-ai": {
      "command": "python3",
      "args": [
        "/path/to/hexstrike-ai/hexstrike_mcp.py",
        "--server", "http://localhost:5000"
      ],
      "env": {
        "HEXSTRIKE_SERVER": "http://localhost:5000"
      }
    }
  }
}

VS Code Copilot Integration

VS Code MCP Configuration

Configure VS Code settings in .vscode/settings.json:

{
	"servers": {
		"hexstrike": {
			"type": "stdio",
			"command": "python3",
			"args": [
				"/path/to/hexstrike-ai/hexstrike_mcp.py",
				"--server",
				"http://localhost:5000"
			]
		}
	},
	"inputs": []
}

Cursor AI Integration

Cursor MCP Setup Guide

Configure Cursor settings in ~/.cursor/mcp_settings.json:

{
  "mcpServers": {
    "hexstrike-ai": {
      "command": "python3",
      "args": [
        "/path/to/hexstrike-ai/hexstrike_mcp.py",
        "--server", "http://localhost:5000"
      ],
      "description": "HexStrike AI MCP Agents v5.0"
    }
  }
}

AI Agent Usage Examples

🎯 Example AI Conversations

Autonomous Penetration Testing

User: "Perform a comprehensive security assessment of example.com"

AI Agent: "I'll conduct a multi-phase security assessment:
1. Starting with network reconnaissance using nmap...
2. Performing subdomain enumeration with amass...
3. Running web application scans with nuclei...
4. Testing for common vulnerabilities...

[Real-time results and analysis follow]"

Intelligent Vulnerability Discovery

User: "Find XSS vulnerabilities in this web application"

AI Agent: "I'll test for XSS vulnerabilities:
1. Crawling the application with hakrawler...
2. Discovering parameters with paramspider...
3. Generating contextual XSS payloads...
4. Testing each injection point...

[Detailed vulnerability report with proof-of-concepts]"

Advanced API Security Testing

User: "Audit this GraphQL API for security issues"

AI Agent: "I'll perform a comprehensive GraphQL security audit:
1. Testing introspection queries...
2. Analyzing query depth limitations...
3. Checking for batch query vulnerabilities...
4. Examining authentication bypass techniques...

[Complete API security assessment with recommendations]"

Example Test Run: Basic quick recon on 0x4m4.com

API Reference

🔧 Core System Endpoints

Endpoint	Method	Description	Parameters
`/health`	GET	Server health check	None
`/api/command`	POST	Execute arbitrary commands	`command`, `use_cache`
`/api/telemetry`	GET	System performance metrics	None
`/api/cache/stats`	GET	Cache performance statistics	None

🛡️ Security Tools API

Network Security Tools

Tool	Endpoint	Key Parameters
Nmap	`/api/tools/nmap`	`target`, `scan_type`, `ports`, `additional_args`
Amass	`/api/tools/amass`	`domain`, `mode`, `additional_args`
Subfinder	`/api/tools/subfinder`	`domain`, `silent`, `additional_args`
Nuclei	`/api/tools/nuclei`	`target`, `severity`, `additional_args`

🤖 AI-Powered Features

Intelligent Security Testing

Feature	Endpoint	Key Parameters
Payload Generation	`/api/ai/generate_payload`	`attack_type`, `complexity`, `technology`
Payload Testing	`/api/ai/test_payload`	`payload`, `target_url`, `method`
Attack Suite	`/api/ai/generate_attack_suite`	`target_url`, `attack_types`

🎮 Process Management

Real-time Command Control

Action	Endpoint	Description
List Processes	`GET /api/processes/list`	List all active processes
Process Status	`GET /api/processes/status/<pid>`	Get detailed process information
Terminate	`POST /api/processes/terminate/<pid>`	Stop specific process
Dashboard	`GET /api/processes/dashboard`	Live monitoring dashboard

Troubleshooting

Common Issues

MCP Connection Failed:

# Check if server is running
netstat -tlnp | grep 5000

# Restart server
python3 hexstrike_server.py

Security Tools Not Found:

# Check tool availability
which nmap gobuster nuclei

# Install missing tools from their official sources

AI Agent Cannot Connect:

# Verify MCP configuration paths
# Check server logs for connection attempts
python3 hexstrike_mcp.py --debug

Debug Mode

Enable debug mode for detailed logging:

python3 hexstrike_server.py --debug
python3 hexstrike_mcp.py --debug

Performance Features

⚡ Result Caching: Optimized performance for repeated operations
🔄 Concurrent Execution: Multiple tools can run simultaneously
📊 Real-time Progress: Live command output and progress tracking
💾 Memory Optimization: Efficient handling of large outputs
🔧 Automatic Cleanup: Temporary files and processes are managed

What's New in v5.0

🔥 Major Enhancements

MCP Integration: Full Model Context Protocol support for AI agents
Advanced Process Control: Real-time command termination and monitoring
Enhanced Caching: LRU cache with intelligent TTL management
Cloud Security: Comprehensive cloud and container security tools
AI Automation: Intelligent payload generation and testing capabilities
File Operations: Complete file management system for AI agents

🆕 New Features

Real-time command output streaming
Progress indicators for long-running operations
Contextual payload generation system
Advanced API security testing (GraphQL, JWT)
Comprehensive process dashboard
Enhanced error handling with detailed logging

🔒 Security Considerations

⚠️ Important Security Notes:

This tool provides AI agents with powerful system access
Run in isolated environments or dedicated security testing VMs
AI agents can execute arbitrary security tools - ensure proper oversight
Monitor AI agent activities through the real-time dashboard
Consider implementing authentication for production deployments

📝 Contributing

We welcome contributions from the cybersecurity and AI community!

🔧 Development Environment Setup

# 1. Fork and clone the repository
git clone https://github.com/0x4m4/hexstrike-ai.git
cd hexstrike-ai

# 2. Create development environment
python3 -m venv hexstrike-dev
source hexstrike-dev/bin/activate

# 3. Install development dependencies
pip install -r requirements.txt

# 4. Start development server
python3 hexstrike_server.py --port 5000 --debug

🎯 Priority Areas for Contribution

🤖 AI Agent Integrations - Support for new AI platforms and agents
🛠️ Security Tool Additions - Integration of additional security tools
⚡ Performance Optimizations - Caching improvements and scalability enhancements
📖 Documentation - AI usage examples and integration guides
🧪 Testing Frameworks - Automated testing for AI agent interactions

📄 License

MIT License - see LICENSE file for details.

👨‍💻 Author

m0x4m4 - www.0x4m4.com | HexStrike

HexStrike AI MCP Agents v5.0 - Empowering AI agents with autonomous cybersecurity capabilities!