{"id":26937703,"url":"https://github.com/atomicchonk/roadrecon_mcp_server","last_synced_at":"2025-04-02T13:15:51.200Z","repository":{"id":285033908,"uuid":"956870410","full_name":"atomicchonk/roadrecon_mcp_server","owner":"atomicchonk","description":"Claude MCP server to perform analysis on ROADrecon data","archived":false,"fork":false,"pushed_at":"2025-03-29T03:05:29.000Z","size":0,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-29T03:26:51.558Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/atomicchonk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-29T02:41:58.000Z","updated_at":"2025-03-29T03:05:33.000Z","dependencies_parsed_at":"2025-03-29T03:37:08.052Z","dependency_job_id":null,"html_url":"https://github.com/atomicchonk/roadrecon_mcp_server","commit_stats":null,"previous_names":["atomicchonk/roadrecon_mcp_server"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomicchonk%2Froadrecon_mcp_server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomicchonk%2Froadrecon_mcp_server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomicchonk%2Froadrecon_mcp_server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atomicchonk%2Froadrecon_mcp_server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/atomicchonk","download_url":"https://codeload.github.com/atomicchonk/roadrecon_mcp_server/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246819783,"owners_count":20839095,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-04-02T13:15:28.276Z","updated_at":"2025-04-02T13:15:51.177Z","avatar_url":"https://github.com/atomicchonk.png","language":"Python","funding_links":[],"categories":["Security","Security \u0026 Attestation MCP Servers","💾 MCP Security Servers","🤖 AI/ML","MCP 服务器精选列表","پیاده‌سازی‌های سرور","MCP Servers","Table of Contents","🧩 Miscellaneous","🧰 MCP Tools","🏴 Post-Exploitation \u0026 Active Directory"],"sub_categories":["Identity \u0026 Access","🔒 安全与分析","🔒 \u003ca name=\"security\"\u003e\u003c/a\u003eامنیت","How to Submit","Other Tools and Integrations","🔐 Security Tools"],"readme":"# ROADrecon MCP Server\n\nThis MCP (Model Context Protocol) server provides AI assistants like Claude with access to your ROADRecon Azure AD data for security analysis.\n\nThe amazing ROADtools suite by dirkjanm can be found here: [ROADRecon](https://github.com/dirkjanm/ROADtools)\n\n## Features\n\n- **Resources**: Access Azure AD data from your ROADRecon instance\n- **Tools**: Run security analysis on the data\n- **Prompts**: Pre-built analysis templates for common security tasks\n\n## Prerequisites\n\n- Python 3.8+\n- A running ROADRecon instance with the web GUI accessible\n- MCP-compatible client (Claude Desktop, etc.)\n\n## Installation\n\n1. Clone this repository\n2. Install dependencies:\n   ```\n   pip install -r requirements.txt\n   ```\n\n## Usage\n\n### Running the server\n\n1. Make sure your ROADRecon GUI is running (default: http://localhost:5000)\n\n2. Run the MCP server:\n   ```\n   python roadrecon_mcp_server.py\n   ```\n\n3. To specify a different ROADRecon URL:\n   ```\n   ROADRECON_URL=http://localhost:8080 python roadrecon_mcp_server.py\n   ```\n\n### Connecting with Claude Desktop\n\n1. Open Claude Desktop\n2. Go to Settings → Servers → Add Server\n3. Select \"Add from running server\" \n4. The server should appear in the list - click \"Install\"\n\nMore details on this step can be found here: https://modelcontextprotocol.io/quickstart/server\n\n### Using in Claude\n\nOnce connected, Claude can:\n- Access Azure AD data via resources (e.g., `roadrecon://users`)\n- Run security analysis with tools (e.g., `find_privileged_users`)\n- Use pre-built prompts for common security tasks\n\n## Example Queries\n\n- \"Analyze the MFA status of users in this Azure AD tenant\"\n- \"Find all users with privileged roles\"\n- \"Check for applications with secrets or certificates\"\n- \"Analyze the overall security posture of this Azure AD environment\"\n\n\n\nhttps://github.com/user-attachments/assets/806e9ccd-d80e-4058-be4f-9d37095f1fd6\n\n\n\n## Resources Available\n\n- `roadrecon://stats` - Summary statistics\n- `roadrecon://users` - All users\n- `roadrecon://users/{id}` - User details\n- `roadrecon://groups` - All groups\n- `roadrecon://groups/{id}` - Group details\n- `roadrecon://applications` - All applications\n- `roadrecon://applications/{id}` - Application details\n- `roadrecon://serviceprincipals` - All service principals\n- `roadrecon://serviceprincipals/{id}` - Service principal details\n- `roadrecon://devices` - All devices\n- `roadrecon://mfa` - MFA status for all users\n- `roadrecon://directoryroles` - All directory roles\n- `roadrecon://roledefinitions` - All role definitions\n- `roadrecon://approles` - All app role assignments\n- `roadrecon://oauth2permissions` - All OAuth2 permission grants\n- `roadrecon://tenantdetails` - Tenant details\n\n## Tools Available\n\n- `find_privileged_users()` - Find users with high-privilege roles\n- `analyze_mfa_status()` - Analyze MFA deployment across users\n- `find_applications_with_secrets()` - Find applications with secrets/certificates\n- `analyze_groups()` - Analyze group types and membership\n- `identify_stale_accounts()` - Find accounts that haven't logged in or changed password within a specified period\n- `analyze_pim_implementation()` - Assess Privileged Identity Management implementation\n- `analyze_service_principal_credentials()` - Find over-permissioned service principals with long-lived credentials\n- `analyze_legacy_authentication()` - Identify risks from legacy authentication protocols that bypass MFA\n- `analyze_conditional_access_policies(file_path: str = \"\")` - Analyze conditional access policies from an HTML file. Looks for the file at \"C:\\Temp\\caps.html\" by default, or prompts the user to specify a file path if not found.\n\n## Prompts Available\n\n- `analyze_security_posture` - Comprehensive security analysis\n- `analyze_privileged_access` - Analysis of privileged access model\n- `investigate_application_risks` - Application security risk assessment\n- `analyze_identity_security` - Identity security configuration analysis\n- `analyze_stale_accounts` - Analysis of inactive user accounts\n- `analyze_privileged_access_management` - PIM implementation assessment\n- `analyze_service_principal_security` - Service principal credential risk analysis\n- `analyze_legacy_authentication_risks` - Legacy authentication protocol risk assessment\n- `analyze_conditional_access` - Analysis of conditional access policies and recommendations\n- `comprehensive_security_review` - Complete security review of the entire environment\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatomicchonk%2Froadrecon_mcp_server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fatomicchonk%2Froadrecon_mcp_server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatomicchonk%2Froadrecon_mcp_server/lists"}