A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Configuration
View docs{
"mcpServers": {
"happyhackingspace-mcp-hydra": {
"command": "docker",
"args": [
"run",
"--rm",
"-i",
"--name",
"hydramcp",
"hydramcp"
]
}
}
}Hydra MCP is a lightweight, extensible Model Context Protocol server that lets you connect AI assistants to security tools for automated reconnaissance, scanning, and analysis. It provides a streamlined way to run multiple security tools under MCP control, enabling you to orchestrate pentesting workflows with AI assistance.
Use Hydra MCP by running it as a local STDIO server so your MCP client can communicate with the containerized service and orchestrate tools like Sublist3r, Nmap, SQLMap, and more. You can start Hydra MCP from your development environment or integrate it into your IDE workflow via standard MCP client configuration. When connected, you can issue prompts that map to the available scanners and receive structured results to drive your testing cycles.
Prerequisites: you need Docker installed on your machine to build and run the Hydra MCP image.
Clone the project and build the Docker image.
git clone https://github.com/happyhackingspace/mcp-hydra.git
cd mcp-hydra
docker build -t hydramcp .Edit your MCP client configuration to point to the Hydra MCP STDIO server. You will run Hydra MCP as a Docker container with a defined name so the client can connect to it.
{
"mcpServers": {
"hydramcp": {
"command": "docker",
"args": ["run", "--rm", "-i", "--name", "hydramcp", "hydramcp"]
}
}
}If you prefer to configure via VSCode, create a client config that runs Hydra MCP inside a container with host networking and the necessary privileges.
{
"servers": {
"hydramcp": {
"command": "docker",
"args": [
"run",
"--rm",
"-i",
"--net=host",
"--privileged",
"--name",
"hydramcp",
"hydramcp"
]
}
}
}You can run the included tools by issuing prompts that select a scanner and provide the target. For example, you can target a domain for subdomain discovery, perform DNS reconnaissance, or scan a host for open ports. The toolkit supports a range of tools described in the available prompts.
Common prompts include selecting a scanner and providing a target, then reviewing results returned by the MCP server. You can combine multiple tools in a single workflow to gather reconnaissance data, assess exposure, and identify vulnerabilities.
Use prompts to exercise the tools and confirm the integration with Hydra MCP. Examples include running a subdomain enumeration, performing DNS reconnaissance, checking email registrations across sites, scanning a host for open ports, extracting text from images, testing for SQL injection, and scanning a WordPress site.
If the container fails to start, ensure Docker is running and that no existing containers use the hydramcp name. Check that the image hydramcp exists locally after the build step. If network access is required for tool operations, verify your host network configuration and permissions for the container.
Domain enumeration tool used to discover subdomains for a target domain.
DNS reconnaissance tool used to identify DNS records and potential exposure.
Email registration checker to see where an email address is registered across websites.
Network scanner used to identify open ports and services on hosts.
Optical Character Recognition tool to extract text from images.
SQL injection scanner to detect and exploit SQL injection vulnerabilities.
WordPress security scanner that looks for known vulnerabilities.
Internet-wide scanner used to quickly identify hosts with open ports.