Model Context Protocol Server

AI-Powered Penetration Testing
with Siemba GenPT

Connect Claude, Cursor, or any MCP-compatible AI assistant directly to Siemba's penetration testing platform. Run scans, review findings, and manage assets — all from your AI chat.

Connect an AI Client See Available Tools

MCP Endpoint

Siemba Platform

Continuous Threat Exposure Management

Siemba helps security and engineering teams find and fix vulnerabilities before attackers do — continuously, at scale.

GenPT

AI-driven DAST penetration testing. Automated discovery, exploitation, and reporting for web apps and APIs.

PTaaS

Penetration Testing as a Service. Expert-led testing combined with continuous automated coverage.

EASM

External Attack Surface Management. Discover and monitor all internet-facing assets continuously.

GenVA

AI-powered vulnerability assessment with intelligent prioritization and compliance mapping.

AISO

AI Security Orchestration. Correlate findings, prioritize risk, and automate remediation workflows.

MCP Tools

15 Tools Available

Every tool is secured with OAuth 2.1 + PKCE and proxied through the Siemba REST API on your behalf.

health_check

Verify MCP server liveness and Siemba API connectivity

initiate_genpt_test

Start the GenPT test wizard for a target URL

advance_genpt_wizard

Advance wizard steps — asset creation, WAF and redirect acceptance

get_genpt_wizard_state

Resume an in-progress wizard session by chat ID

list_saved_credentials

List saved credentials for a web app asset

start_genpt_test

Launch the test once the wizard reaches START_TEST

list_tests

List previously run test sessions with filters

get_test_status

Get current status and progress of a test session

list_findings

List security findings by severity, date, or target

get_finding_detail

Get full finding detail including remediation guidance

list_assets

List assets with filters — platform, priority, status

get_asset_detail

Get full details of a specific asset

get_test_activities

Poll per-step activity status for in-progress or failed tests

get_activity_screenshot

Download a screenshot from a test activity step

logout

Revoke the active session and disconnect the MCP server

Get Connected

Connect Your AI Assistant

Choose your AI client and follow the steps. A Siemba account with 2FA enabled is required to authenticate.

1
Install mcp-remote globally

Claude Desktop does not support remote MCP servers natively. Install the bridge once using Node.js:
Terminal
```
npm install -g mcp-remote
```
Requires Node.js 18+. Run once — no reinstall needed for future connections.
Open Claude Desktop settings

Go to Claude → Settings → Developer → Edit Config. This opens claude_desktop_config.json in your editor.
Add the Siemba MCP server entry

Paste the snippet on the right into the mcpServers object and save the file.
Restart Claude Desktop

Quit and reopen Claude Desktop. A hammer icon in the toolbar confirms MCP tools are loaded.
Authenticate with Siemba

A browser opens automatically to the Siemba login page. Enter your email, password, and TOTP code to authorize.

claude_desktop_config.json

Config file location (macOS):
~/Library/Application Support/Claude/claude_desktop_config.json

Config file location (Windows):
%APPDATA%\Claude\claude_desktop_config.json

Open Claude.ai settings

Go to claude.ai → Settings → Integrations and click Add Integration.
Paste the MCP server URL

Enter the endpoint shown on the right and save. Claude.ai will auto-discover the OAuth configuration.
Complete OAuth authorization

You will be redirected to the Siemba login page. Enter your credentials and TOTP code to authorize.
Start testing

Siemba tools appear in your Claude.ai chat. Ask Claude to run a GenPT test on any target URL.

MCP Server URL

Create or edit your MCP config

Add the snippet on the right to .cursor/mcp.json in your project root, or ~/.cursor/mcp.json for a global config.
Reload Cursor

Open the Command Palette (Cmd+Shift+P) and run MCP: Reload Servers, or restart Cursor.
Authenticate

Cursor opens a browser to the Siemba login page. Complete authentication with your credentials and TOTP code.

.cursor/mcp.json

Streamable HTTP transport

This server uses the MCP Streamable HTTP transport (spec 2025-03-26). Any MCP-compatible client supporting this transport can connect.
OAuth 2.1 auto-discovery

Clients that support Dynamic Client Registration will auto-configure via the /.well-known/oauth-authorization-server metadata endpoint.
Send requests with Bearer token

All requests to /mcp require Authorization: Bearer <token>. TOTP (2FA) is mandatory during login.

HTTP Request

OAuth metadata: /.well-known/oauth-authorization-server

OAuth 2.1 + PKCE

MFA Required

Token Rotation

Redis-backed Sessions

Rate Limited

Support

Frequently Asked Questions

Common issues and how to resolve them.

Claude Desktop says "Could not attach to MCP server" — what do I do?

This is almost always caused by mcp-remote not being installed globally. When using npx mcp-remote, npm checks the registry for the latest version on every startup — this check can take 60+ seconds, which exceeds Claude Desktop's 60-second initialize timeout.

Fix — install mcp-remote globally once:

Terminal

npm install -g mcp-remote

Then update your claude_desktop_config.json to use it directly:

claude_desktop_config.json

Restart Claude Desktop. The connection comes up in a few seconds.

The browser opens but the connection still fails after logging in.

Claude Desktop times out (60 seconds) while waiting for the OAuth flow to complete. This happens when npx mcp-remote takes too long to start before opening the browser.

Installing mcp-remote globally (see first FAQ item) resolves this — the process starts instantly so the browser opens well within the timeout window.

How do I log out or switch accounts?

Ask Claude to call the logout tool — it revokes your session on the Siemba server. Then clear the local token cache and reconnect:

Terminal

rm -rf ~/.mcp-auth

Restart Claude Desktop. The browser will open for fresh authentication.

Tools are returning "Your Siemba session has expired" errors.

Your Siemba session JWT has expired (separate from the MCP access token). Call the logout tool to clear the session, then disconnect and reconnect the MCP server. You will be prompted to log in again with a fresh TOTP code.

Was working before but stopped connecting after a restart.

Stale coordination files from a previous mcp-remote session can block new connections. Clear the cache:

Terminal

rm -rf ~/.mcp-auth && pkill -f mcp-remote

Then restart Claude Desktop.

AI-Powered Penetration Testing with Siemba GenPT

Continuous Threat Exposure Management

GenPT

PTaaS

EASM

GenVA

AISO

15 Tools Available

Connect Your AI Assistant

Install mcp-remote globally

Open Claude Desktop settings

Add the Siemba MCP server entry

Restart Claude Desktop

Authenticate with Siemba

Open Claude.ai settings

Paste the MCP server URL

Complete OAuth authorization

Start testing

Create or edit your MCP config

Reload Cursor

Authenticate

Streamable HTTP transport

OAuth 2.1 auto-discovery

Send requests with Bearer token

Frequently Asked Questions

AI-Powered Penetration Testing
with Siemba GenPT