{"id":27004155,"url":"https://github.com/cyproxio/mcp-for-security","last_synced_at":"2025-04-09T17:05:06.754Z","repository":{"id":285959389,"uuid":"959903176","full_name":"cyproxio/mcp-for-security","owner":"cyproxio","description":"MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, and more. Integrate security testing into AI workflows.","archived":false,"fork":false,"pushed_at":"2025-04-03T15:04:17.000Z","size":20,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-03T15:39:17.708Z","etag":null,"topics":["ai-assistants","ai-security","cybersecurity","hacking-tools","mcp","model-context-protocol","pentesting","security-automation","security-integrations","security-testing","security-tools","web-security"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cyproxio.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-04-03T14:36:20.000Z","updated_at":"2025-04-03T15:16:31.000Z","dependencies_parsed_at":"2025-04-03T15:40:14.978Z","dependency_job_id":"98ada895-cad5-4cda-abb4-4acdfe64357c","html_url":"https://github.com/cyproxio/mcp-for-security","commit_stats":null,"previous_names":["cyproxio/mcp-for-security"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyproxio%2Fmcp-for-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyproxio%2Fmcp-for-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyproxio%2Fmcp-for-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyproxio%2Fmcp-for-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cyproxio","download_url":"https://codeload.github.com/cyproxio/mcp-for-security/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248074976,"owners_count":21043490,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-assistants","ai-security","cybersecurity","hacking-tools","mcp","model-context-protocol","pentesting","security-automation","security-integrations","security-testing","security-tools","web-security"],"created_at":"2025-04-04T06:15:12.759Z","updated_at":"2025-04-09T17:05:06.749Z","avatar_url":"https://github.com/cyproxio.png","language":"JavaScript","funding_links":[],"categories":["📚 Projects (1974 total)","AI/ML","TypeScript","Servers","Security","security-tools","カテゴリ","MCP Servers","MCP Servers \u0026 Protocol","Attack Techniques \u0026 Red Teaming","🛠️ MCP Servers for Pentesting \u0026 Security"],"sub_categories":["MCP Servers","Security","How to Submit","🔒 \u003ca name=\"security--auth\"\u003e\u003c/a\u003eセキュリティ・認証","Security \u0026 Reverse Engineering","AI-Assisted Offensive Security"],"readme":"# MCP for Security Tools\n\nThis repository contains Model Context Protocol (MCP) server implementations for various security testing tools, making them accessible through a standardized interface.\n\n## Tools\n\n### FFUF MCP Server\nA server implementation that wraps the FFUF fuzzing tool, allowing it to be used through the MCP interface.\n\n#### Features\n- URL-based fuzzing\n- Support for all FFUF command line arguments\n\n#### Parameters\n- `url`: Target URL to fuzz\n- `ffuf_args`: Array of additional FFUF arguments\n\n\n#### Usage\n```bash\nffuf-mcp \u003cffuf binary\u003e\n```\n\n#### Claude Configuration\n\n```json\n \"ffuf\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"ffuf\"\n ]\n }\n```\n\n### SQLmap MCP Server\nA server implementation that wraps the SQLmap SQL injection testing tool, allowing it to be used through the MCP interface.\n\n#### Features\n- URL-based SQL injection testing\n- Support for all SQLmap command line arguments\n- Error handling and status reporting\n- Comprehensive SQL injection testing capabilities\n\n#### Parameters\n- `url`: Target URL to test for SQL injection\n- `sqlmap_args`: Array of additional SQLmap arguments\n\n\n#### Usage\n```bash\nsqlmap-mcp \u003csqlmap binary or python3 sqlmap\u003e\n```\n\n\n#### Claude Configuration\n\n```json\n \"sqlmap\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"sqlmap\"\n ]\n }\n```\n\n\n### Masscan MCP Server\nA server implementation that wraps the Masscan tool, allowing it to be used through the MCP interface.\n\n#### Features\n- Target based Port Scanning\n- Support for all Masscan command line arguments\n- Error handling and status reporting\n\n#### Parameters\n- `target`: Target ip to scanning ports \n- `port`: Port nubmers to target ip \n- `masscan_args`: Array of additional masscan arguments\n\n\n#### Usage\n```bash\nmasscan-mcp \u003cmasscan\u003e\n```\n\n\n#### Claude Configuration\n\n```json\n \"masscan\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"masscan\"\n ]\n }\n```\n\n### nmap MCP Server\nA server implementation that wraps the nmap scanning tool, allowing it to be used through the MCP interface.\n\n#### Features\n- Target based port scanning \n- Support for all nmap command line arguments\n\n#### Parameters\n- `target`: Target ìp to fuzz\n- `nmap_args`: Array of additional nmap arguments\n\n\n#### Usage\n```bash\nnmap-mcp \u003cnmap binary\u003e\n```\n\n#### Claude Configuration\n\n```json\n \"nmap\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"nmap\"\n ]\n }\n```\n\n\n### Mobsf MCP Server\nA server implementation that wraps the Mobsf tool, allowing it to be used through the MCP interface.\n\n#### Features\n- MobSF functionality exposed through MCP\n- Simple configuration and setup\n- Easy integration with other MCP-compatible tools and systems\n- Standardized input/output handling\n- Support for Android (APK), iOS (IPA), and Windows (APPX) mobile applications\n\n#### Parameters\n- `base_url`: The MobSF server URL (e.g., `http://localhost:8000`)\n- `api_key `: Your MobSF API key\n\n\n#### Usage\n```bash\nmobsf-mcp \u003cbase_url\u003e \u003capi_key\u003e\n```\n\n#### Claude Configuration\n\n```json\n \"mobsf\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"http://127.0.0.1:8000\",\n \"\u003capi key\u003e\"\n ]\n }\n```\n\n\n### Nuclei MCP Server\nA server implementation that wraps the nuclei tool, allowing it to be used through the MCP interface.\n\n#### Features\n- Simple configuration and setup\n- Easy integration with other MCP-compatible tools and systems\n- Standardized input/output handling\n- Access to Nuclei's extensive template library\n\n#### Parameters\n- `url`: The target URL to scan (required)\n- `tags`: Comma-separated list of template tags to filter which checks to run (optional)\n\n\n#### Usage\n```bash\nnuclei-mcp \u003cnuclei\u003e\n```\n\n#### Claude Configuration\n\n```json\n \"nuclei\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"\u003c/usr/local/go/bin/nuclei\u003e\"\n ]\n }\n```\n\n\n### Sslcan MCP Server\nA server implementation that wraps the sslscan tool, allowing it to be used through the MCP interface.\n\n#### Features\n- Full SSLScan functionality exposed through MCP\n- Simple configuration and setup\n- Easy integration with other MCP-compatible tools and systems\n- Standardized input/output handling\n- Support for all SSLScan options and configurations\n\n#### Parameters\n- `target`: The target URL to scan (required)\n- `sslscan_args`: Array of additional sslscan arguments\n\n\n#### Usage\n```bash\nsslscan-mcp \u003csslscan\u003e\n```\n\n#### Claude Configuration\n\n```json\n \"sslscan\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\",\n \"\u003csslscan\u003e\"\n ]\n }\n```\n\n\n### HTTP Headers Security MCP\nA server implementation that wraps the http security headers , allowing it to be used through the MCP interface.\n\n#### Features\n- Analysis of HTTP response headers against OWASP security standards\n- Identification of security headers that should be removed\n- Recommendations for missing security headers that should be added\n- Simple configuration and setup\n- Easy integration with other MCP-compatible tools and systems\n- Standardized input/output handling\n\n#### Parameters\n- `target`: The target URL to analyze http headers (required)\n\n\n#### Usage\n```bash\nhttp-headers-security-mcp \n```\n\n#### Claude Configuration\n\n```json\n \"http_header_analyze\": {\n \"command\": \"node\",\n \"args\": [\n \"/path/to/build/index.js\"\n ]\n }\n```\n\n\n## TO-DO Tools \n- amass\n- massdns\n- gowitness\n- httpx\n- ...\n\n## Development\n\nThe project uses TypeScript and the Model Context Protocol SDK. To contribute:\n\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Submit a pull request\n\n## License","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyproxio%2Fmcp-for-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcyproxio%2Fmcp-for-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyproxio%2Fmcp-for-security/lists"}