npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

hacktricks-mcp-server

v1.3.4

Published

MCP server for searching HackTricks documentation

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

xplo8explo8e

Keywords

mcphacktrickspentestingsecurity

Readme

HackTricks MCP Server

MCP (Model Context Protocol) server for searching and querying HackTricks pentesting documentation directly from Claude.

Features

  • Quick lookup - One-shot exploitation info with alias support (sqli, xss, ssrf, etc.)
  • Grouped search results - Results aggregated by file with match count, title, and relevant sections
  • Page outline - Quick table of contents to identify relevant sections
  • Section extraction - Read specific sections instead of full pages (token-efficient)
  • Cheatsheet mode - Extract only code blocks/commands from pages
  • Category browsing - Discover available topics and file paths
  • Fast grep search - Uses ripgrep for instant results
  • Security hardened - Protection against command injection and path traversal

Setup

Option 1: Install from npm (Recommended)

# Install the package
npm install -g hacktricks-mcp-server

# The postinstall script will automatically clone HackTricks repository

Option 2: Install from source

git clone https://github.com/Xplo8E/hacktricks-mcp-server.git
cd hacktricks-mcp-server
git submodule update --init --recursive
npm install
npm run build

Configure Claude

Add to your Claude settings (~/.claude/settings.json):

{
  "mcpServers": {
    "hacktricks": {
      "command": "node",
      "args": ["/path/to/hacktricks-mcp/dist/index.js"],
      "disabled": false
    }
  }
}

5. Restart Claude

After adding the MCP server configuration, restart Claude for the changes to take effect.

Available Tools

hacktricks_quick_lookup

One-shot exploitation lookup. Searches, finds best page, and returns exploitation sections + code blocks in one call.

Parameters:

  • topic (string, required): Attack/technique to look up (e.g., 'SUID', 'sqli', 'xss', 'docker escape')
  • category (string, optional): Category filter for faster results

Supported aliases: sqli, xss, rce, lfi, rfi, ssrf, csrf, xxe, ssti, idor, jwt, suid, privesc

Example:

hacktricks_quick_lookup("SSRF", category="pentesting-web")

Benefits: Reduces 3+ tool calls to 1 for "how do I exploit X" questions.

search_hacktricks

Search through HackTricks documentation. Returns results GROUPED BY FILE with match count, page title, and relevant section headers.

Parameters:

  • query (string, required): Search term or regex pattern
  • category (string, optional): Filter to specific category (e.g., 'pentesting-web')
  • limit (number, optional): Max grouped results (default: 20)

Example output:

Found matches in 5 files for: "SUID"

────────────────────────────────────────────────────────────

📄 **Linux Privilege Escalation**
   Path: src/linux-hardening/privilege-escalation/README.md
   Matches: 12
   Sections: SUID Binaries | Finding SUID | GTFOBins
   Preview:
     L45: Find files with SUID bit set...
     L78: Common SUID exploitation techniques...

────────────────────────────────────────────────────────────

get_hacktricks_outline

Get the table of contents of a page (all section headers). Use this BEFORE reading full pages to understand structure.

Parameters:

  • path (string): Relative path to markdown file

Example output:

# Linux Privilege Escalation
  ## Enumeration
    ### System Information
    ### Network
  ## SUID Binaries
    ### Finding SUID Files
    ### Exploiting SUID
  ## Capabilities

Benefits: See page structure in ~20 lines vs reading 500+ lines.

get_hacktricks_section

Extract a specific section from a page by header name. Much more efficient than reading the full page.

Parameters:

  • path (string): Relative path to markdown file
  • section (string): Section header to extract (partial match, case-insensitive)

Example:

get_hacktricks_section("src/linux-hardening/privilege-escalation/README.md", "SUID")

Benefits: Read just "SUID Binaries" section (~200 tokens) instead of entire page (~3000 tokens).

get_hacktricks_cheatsheet

Extract only code blocks from a page. Perfect when you just need commands, payloads, or examples.

Parameters:

  • path (string): Relative path to markdown file

Example output:

find / -perm -4000 2>/dev/null
./vulnerable_suid -p

Benefits: Skip explanatory text when you just need "give me the command".

get_hacktricks_page

Get full content of a HackTricks page.

Parameters:

  • path (string): Relative path to markdown file

Warning: Pages can be very long (3000+ tokens). Consider using get_hacktricks_outline + get_hacktricks_section instead.

list_hacktricks_categories

List categories and their contents.

Parameters:

  • category (string, optional): Category to expand

Without category: Lists top-level categories With category: Shows full directory tree with file paths

Efficient Usage Pattern

For optimal token usage, Claude should:

  1. Search with category filter → Get grouped results with context
  2. Get outline of relevant page → See structure before reading
  3. Extract specific section → Read only what's needed
  4. Get cheatsheet → Quick command reference

Before (inefficient):

search_hacktricks("SUID")     → 50 raw lines
get_page(file1)               → 3000 tokens
get_page(file2)               → 2500 tokens  
Total: ~5500 tokens, 3 calls

After (efficient):

search_hacktricks("SUID", category="linux-hardening")  → Grouped results
get_outline(best_match)                                 → 20 lines
get_section(best_match, "SUID")                         → 200 tokens
Total: ~400 tokens, 3 calls

Requirements

  • Node.js (v18 or higher)
  • ripgrep (rg) - usually pre-installed on macOS/Linux
  • Bun (for package management)

Development

Watch mode:

bun run dev

Test locally:

bun run start

License

MIT

Credits