Add operant-mcp to Exploiting section

_pages/index.rst

@@ -502,10 +502,10 @@ Exploiting
 - `AttackSurfaceAnalyzer <https://github.com/microsoft/AttackSurfaceAnalyzer>`_ - Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
 - `Bashfuscator <https://github.com/Bashfuscator/Bashfuscator>`_ - A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
 - `BeEF <http://beefproject.com>`_ - The Browser Exploitation Framework Project.
-- `Bowcaster Exploit Development Framework <https://github.com/zcutlip/bowcaster>`_ - This framework, implemented in Python, is intended to aid those developing
-exploits by providing useful set of tools and modules, such as payloads,
-encoders, connect-back servers, etc.  Currently the framework is focused on the
-MIPS CPU architecture, but the design is intended to be modular enough to
+- `Bowcaster Exploit Development Framework <https://github.com/zcutlip/bowcaster>`_ - This framework, implemented in Python, is intended to aid those developing
+exploits by providing useful set of tools and modules, such as payloads,
+encoders, connect-back servers, etc.  Currently the framework is focused on the
+MIPS CPU architecture, but the design is intended to be modular enough to
 support arbitrary architectures.
 - `BugId <https://github.com/SkyLined/BugId>`_ - Detect, analyze and uniquely identify crashes in Windows applications.
 - `CALDERA <https://github.com/mitre/caldera>`_ - A cyber security framework designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.
@@ -525,6 +525,7 @@ support arbitrary architectures.
 - `Gorsair <https://github.com/Ullaakut/Gorsair>`_ - Gorsair hacks its way into remote docker containers that expose their APIs.
 - `Infection Monkey <https://github.com/guardicore/monkey>`_ - An open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.
 - `Inveigh <https://github.com/Kevin-Robertson/Inveigh>`_ - .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.
+- `operant-mcp <https://github.com/operantlabs/operant-mcp>`_ - Open-source MCP server providing 51 security testing tools across 19 modules including SQL injection, XSS, command injection, SSRF, path traversal, PCAP/network forensics, reconnaissance, memory forensics, and malware document analysis.
 - `Jir-thief <https://github.com/antman1p/Jir-Thief>`_ - A Red Team tool for exfiltrating sensitive data from Jira tickets.
 - `Kube-hunter <https://github.com/aquasecurity/kube-hunter>`_ - Hunt for security weaknesses in Kubernetes clusters.
 - `LAVA <https://github.com/panda-re/lava>`_ - Large-scale Automated Vulnerability Addition.
@@ -873,7 +874,7 @@ Reporting
 - `DefectDojo <https://github.com/DefectDojo/django-DefectDojo>`_ - An open-source application vulnerability correlation and security orchestration tool.
 - `Dradis <https://dradisframework.com/ce/>`_ - Colllaboration and reporting for IT Security teams.
 - `Faraday <http://www.faradaysec.com>`_ - Collaborative Penetration Test and Vulnerability Management Platform.
-- `PwnDoc <https://github.com/pwndoc/pwndoc>`_ - A pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report.
+- `PwnDoc <https://github.com/pwndoc/pwndoc>`_ - A pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report.
 The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users.
 - `VECTR <https://github.com/SecurityRiskAdvisors/VECTR>`_ - A tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios.
 - `WriteHat <https://github.com/blacklanternsecurity/writehat>`_ - A reporting tool which removes Microsoft Word (and many hours of suffering) from the reporting process. Markdown --> HTML --> PDF. Created by penetration testers, for penetration testers - but can be used to generate any kind of report.
@@ -1157,7 +1158,7 @@ Cloud Security
 - `Security Monkey <https://github.com/Netflix/security_monkey>`_ - Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
 - `SyntheticSun <https://github.com/jonrau1/SyntheticSun>`_ - A defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.
 - `ThreatMapper <https://github.com/deepfence/ThreatMapper>`_ - Hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice.
-- `Varna <https://github.com/endgameinc/varna>`_ - Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)
+- `Varna <https://github.com/endgameinc/varna>`_ - Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)
 Resources
 - `s3cr3t <https://github.com/axl89/s3cr3t>`_ - Serve files securely from an S3 bucket with expiring links and other restrictions.