HydraMCP is a lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
To get started with HydraMCP, follow these steps to build the Docker image:
git clone https://github.com/happyhackingspace/mcp-hydra.git
cd mcp-hydra
docker build -t hydramcp .
Edit your claude_desktop_config.json file:
{
"mcpServers": {
"hydramcp": {
"command": "docker",
"args": ["run", "--rm", "-i","--name","hydramcp", "hydramcp"]
}
}
}
Create the required configuration file:
mkdir -p .vscode
cd .vscode
touch mcp.json
Add the following configuration to the file:
{
"servers": {
"hydramcp": {
"command": "docker",
"args": [
"run",
"--rm",
"-i",
"--net=host",
"--privileged",
"--name",
"hydramcp",
"hydramcp"
]
}
}
}
You can use the following example prompts to test various security tools integrated with HydraMCP:
Use Sublist3rScanner to find all subdomains for example.com and save results to the "recon" folder.
Run a DNS reconnaissance scan on example.com using DNSReconScanner with standard scan type.
Use HoleheScanner to check if the email address [email protected] is registered on various websites.
Scan 192.168.1.1 with NmapScanner to check for open ports in the range 1-1000.
Use OcrScanner to extract text from the screenshot at /path/to/image.png.
Run SqlmapScanner on http://testphp.vulnweb.com/listproducts.php?cat=1 to check for SQL injection vulnerabilities.
Use WPScanScanner to scan the WordPress site at https://example.com for vulnerabilities.
Scan the subnet 192.168.1.0/24 for systems with port 80 open using ZmapScanner with 1M bandwidth.
HydraMCP currently implements the following security tools:
To add this MCP server to Claude Code, run this command in your terminal:
claude mcp add-json "hydramcp" '{"command":"docker","args":["run","--rm","-i","--name","hydramcp","hydramcp"]}'See the official Claude Code MCP documentation for more details.
There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.
If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.
To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".
When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:
{
"mcpServers": {
"hydramcp": {
"command": "docker",
"args": [
"run",
"--rm",
"-i",
"--name",
"hydramcp",
"hydramcp"
]
}
}
}To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.
Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.
The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.
You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.
To add this MCP server to Claude Desktop:
1. Find your configuration file:
~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%\Claude\claude_desktop_config.json~/.config/Claude/claude_desktop_config.json2. Add this to your configuration file:
{
"mcpServers": {
"hydramcp": {
"command": "docker",
"args": [
"run",
"--rm",
"-i",
"--name",
"hydramcp",
"hydramcp"
]
}
}
}3. Restart Claude Desktop for the changes to take effect