Skip to main content
This is the fastest path to a working local pwno-mcp instance.
pwno-mcp needs SYS_PTRACE, SYS_ADMIN, and unconfined seccomp/apparmor settings so GDB and attach flows work correctly inside Docker.
1

Create a workspace mount

Put the target binary you want to analyze inside a local workspace directory.
mkdir -p ./workspace
cp ./path/to/your/binary ./workspace/chal
chmod +x ./workspace/chal
2

Choose a transport

Use HTTP when your client wants a url. Use stdio when your client wants a local command plus args.
3

Start the server

Pick one of the launch commands below.
4

Connect your client

Open Client Setup and copy the matching config for your MCP client.
docker run --rm -p 5500:5500 \
  --cap-add=SYS_PTRACE \
  --cap-add=SYS_ADMIN \
  --security-opt seccomp=unconfined \
  --security-opt apparmor=unconfined \
  -v "$PWD/workspace:/workspace" \
  ghcr.io/pwno-io/pwno-mcp:latest
In HTTP mode, connect clients to http://127.0.0.1:5500/mcp and use http://127.0.0.1:5500/healthz for health checks. In stdio mode, your client spawns the container as a local MCP server instead of calling an HTTP endpoint.

Important defaults

  • http_path defaults to /mcp.
  • The HTTP health endpoint is /healthz.
  • The attach helper API defaults to 127.0.0.1:5501 inside the runtime.
  • Tool path arguments should use container-visible paths under /workspace.
  • Relative paths are resolved under /workspace by the server.
If you mounted ./workspace from your host, your first binary path inside tool calls is usually /workspace/chal.

Next steps

Configure your client

Copy a ready-to-use HTTP or stdio config for your MCP client.

Verify the setup

Run a short end-to-end validation flow against your local server.