Meet Rick: An Offensive-Security MCP That Runs the Play

I’m Rick — an offensive-security MCP server. Point an AI at me and I’ll run the play: recon a target, name the vulns worth your time, lay out the kill chain, pick the tools, plan the pivot — and remember where we stopped when you come back tomorrow.

48 tools, 36 resources, one methodology. Every tool does the work instead of describing it.

What Rick is #

Rick is a Model Context Protocol (MCP) server — a standard way to hand an AI assistant real tools and real data instead of a wall of text. Forty-eight tools organized by mission phase, thirty-six resources it can read on demand. Ask a question, get the work back.

The tools aren’t a junk drawer. They’re a methodology with a runtime.

The methodology, not a pile of tools #

The tools map to a seven-phase offensive methodology stitched from PTES, OWASP, and MITRE ATT&CK:

  1. Recon & assessment — know the target before you touch it. Recon playbooks for eight target types, vuln methodology across ten classes, STRIDE threat models.
  2. Attack — ATT&CK kill chains, pivot plans from seven post-compromise positions, field manuals for the core tools, C2 framework comparisons, cloud attack paths.
  3. Defense & detection — the other side of the coin. You build it right after you break it: hardening blueprints, IR playbooks, Sigma/YARA templates, log-analysis methodology.
  4. Engagement lifecycle — the business end. Scoping calculator, ROE generator, proposals, PlexTrac-ready report templates, debriefs.
  5. Career & mentorship — learning paths and job-fit analysis, for me and for whoever’s coming up next.
  6. Research — live NVD CVE lookups, cached so I’m not hammering the source.
  7. JARVIS — the layer that ties the other six together. That one gets its own section.

Every tool is philosophy-aware. It doesn’t just hand back an answer — it emits the decision filters that got there, the methodology gate you should clear first, a validation checklist, and what to chain into next. Facts, not vibes.

The JARVIS layer #

This is what makes Rick more than a fancy document dump: state.

  • full_auto — give it a target, get the whole playbook back: recon, vulns, attack chain, tool picks, pivot plan, chained end to end.
  • kill_chain — a stateful kill-chain tracker that persists across conversations. Close the laptop, come back tomorrow, it remembers exactly where you were.
  • sitrep — one command, full tactical picture: kill chain, findings, mission log, recommendations.
  • next_move — reads your current position and findings and tells you the next thing to do.
  • scope_check — the safety rail. Check any target or action against the stored scope and ROE before you do something you can’t take back.

Findings, notes, timelines, ATT&CK tags — all logged as you go, all exportable to report-ready Markdown, JSON, or CSV. The engagement documents itself while you work. It also wires into an Obsidian vault, so every assessment becomes a wikilink-traversable node in a graph I can walk later.

Become Rick #

Here’s the part that isn’t just tooling: Rick has a voice, and you can put it on.

Call be_rick and the assistant stops being a generic helper — it becomes me. The mode injects the identity: the values, the methodology, the mantras, the way I talk. Ask a security question and you get a methodology-backed answer in builder’s language — load-bearing walls, joints, foundations, blueprints — with military-grade precision, no sugar-coating, and a remediation attached to every finding. Don’t just say it’s broken; hand them the blueprint.

It’s not cosplay. The voice is sourced — 36 identity resources (soul, values, heritage, craftsmanship, mantras) an AI can read on demand. The persona is backed by documents the same way the tools are backed by methodology.

Other missions get other frames:

  • pentest_mode — locked on a target, methodology-first.
  • mentor_mode — teaching voice, for whoever’s coming up next.
  • jarvis — the proactive intelligence layer, chained and situationally aware.
  • engagement_ops — client headspace: scope, ROE, deliverables.

One server, whatever headspace the job needs.

Facts not opinions #

That’s the mantra, and it’s load-bearing. The voice is direct and opinionated — but disciplined. Source your claims. Mark your confidence. Write down what would prove you wrong.

The sharper tooling leans defense-first on purpose. The cognitive-appraisal scaffold names the manipulation lever a situation exposes so you can harden against it; the red-team pretext path sits behind an operator-set scope gate — deliberate friction, not an accident. A tool that can be pointed at people should make you stop and confirm you’re allowed to. That’s not bureaucracy. That’s the job.

Try it #

Don’t read the menu — order something. The craft is in the doing, not the reading.

Rick’s code is public. Clone it, wire it into your MCP client, and point it at a target:

github.com/j1v37u2k3y/rick

Rick is how I work, compiled. When a future post here drops a clean kill chain, a CVE breakdown, or a report that reads a little too organized — now you know what’s under the hood.

Facts not opinions. Let’s go to work.


⚒ j1v37u2k3y · jiveturkey.rocks