Model Context Protocol server for PwnDoc pentest documentation
This guide covers setting up PwnDoc MCP Server with Claude Desktop for seamless AI-powered pentest documentation.
pip install pwndoc-mcp-server[all])Claude Desktop stores its configuration at:
| Platform | Path |
|---|---|
| macOS | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Windows | %APPDATA%\Claude\claude_desktop_config.json |
| Linux | ~/.config/Claude/claude_desktop_config.json |
Open the Claude Desktop config file and add the PwnDoc server:
{
"mcpServers": {
"pwndoc": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_URL": "https://your-pwndoc-instance.com",
"PWNDOC_USERNAME": "your-username",
"PWNDOC_PASSWORD": "your-password"
}
}
}
}
{
"mcpServers": {
"pwndoc": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_URL": "https://your-pwndoc-instance.com",
"PWNDOC_TOKEN": "your-jwt-token"
}
}
}
}
Close and reopen Claude Desktop for changes to take effect.
Look for “pwndoc” in the tools panel, or ask Claude:
“What PwnDoc tools do you have access to?”
If you prefer Docker:
{
"mcpServers": {
"pwndoc": {
"command": "docker",
"args": [
"run", "-i", "--rm",
"-e", "PWNDOC_URL=https://your-pwndoc.com",
"-e", "PWNDOC_TOKEN=your-token",
"ghcr.io/walidfaour/pwndoc-mcp-server:latest"
]
}
}
}
{
"mcpServers": {
"pwndoc": {
"command": "/usr/local/bin/pwndoc-mcp-server",
"args": [],
"env": {
"PWNDOC_URL": "https://your-pwndoc.com",
"PWNDOC_TOKEN": "your-token"
}
}
}
}
{
"mcpServers": {
"pwndoc": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_CONFIG_FILE": "/path/to/custom/config.yaml"
}
}
}
}
Enable debug logging:
{
"mcpServers": {
"pwndoc": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_URL": "https://your-pwndoc.com",
"PWNDOC_TOKEN": "your-token",
"PWNDOC_LOG_LEVEL": "DEBUG",
"PWNDOC_LOG_FILE": "/tmp/pwndoc-mcp.log"
}
}
}
}
Connect to multiple PwnDoc servers:
{
"mcpServers": {
"pwndoc-prod": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_URL": "https://pwndoc.production.com",
"PWNDOC_TOKEN": "prod-token"
}
},
"pwndoc-dev": {
"command": "pwndoc-mcp",
"args": ["serve"],
"env": {
"PWNDOC_URL": "https://pwndoc.dev.local",
"PWNDOC_TOKEN": "dev-token"
}
}
}
}
Once connected, you can ask Claude natural language questions:
“Show me all audits for Acme Corp”
“What’s the status of the Q4 web application pentest?”
“Create a new audit called ‘Mobile App Assessment 2024’ for Client XYZ”
“List all critical findings across my audits”
“Find SQL injection vulnerabilities in the e-commerce audit”
“What are the most common vulnerability types this quarter?”
“Generate the report for the completed infrastructure assessment”
“Summarize the findings from audit [audit-id]”
“Update the executive summary section of the current audit”
“Compare vulnerability trends between Q3 and Q4”
“Which clients have the most critical findings?”
“Show me all unremediated high-severity findings”
pwndoc-mcp is in your PATHpwndoc-mcp serve in terminal# Test credentials outside Claude
pwndoc-mcp test
# Test PwnDoc connectivity
curl https://your-pwndoc.com/api/users/me -H "Authorization: Bearer $TOKEN"
Check the debug log:
tail -f /tmp/pwndoc-mcp.log
| Platform | Log Location |
|---|---|
| macOS | ~/Library/Logs/Claude/ |
| Windows | %APPDATA%\Claude\logs\ |
| Linux | ~/.config/Claude/logs/ |
Prefer JWT tokens over username/password when possible.
chmod 600 ~/Library/Application\ Support/Claude/claude_desktop_config.json
Use environment variables instead of hardcoding credentials:
# In your shell profile
export PWNDOC_TOKEN="your-token"
Then in config:
{
"mcpServers": {
"pwndoc": {
"command": "pwndoc-mcp",
"args": ["serve"]
}
}
}
Regularly review PwnDoc access logs and API usage.