Connects Claude to TurboPentest's API so you can launch pentests, poll for findings, and pull reports without switching windows. Exposes seven tools covering the full workflow: start scans against verified domains, filter findings by severity, download reports in markdown or PDF, and verify blockchain attestations. Four built-in prompts handle common sequences like compare_pentests for diff'ing two runs or security_posture for an executive view across recent scans. Supports white-box mode if you pass a GitHub repo URL, adding SAST and secret detection on top of black-box testing. Each completed scan gets anchored on-chain with a SHA-256 hash you can verify independently. Useful when you want security testing in the same loop as code review and deployment prep.
claude mcp add --transport stdio io.github.integsec-turbopentest -- npx -y @turbopentest/mcp-server