https://github.com/cyproxio/mcp-for-security

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, and more. Integrate security testing into AI workflows.
https://github.com/cyproxio/mcp-for-security

ai-assistants ai-security cybersecurity hacking-tools mcp model-context-protocol pentesting security-automation security-integrations security-testing security-tools web-security

Last synced: 6 months ago
JSON representation

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, and more. Integrate security testing into AI workflows.

Host: GitHub
URL: https://github.com/cyproxio/mcp-for-security
Owner: cyproxio
Created: 2025-04-03T14:36:20.000Z (6 months ago)
Default Branch: main
Last Pushed: 2025-04-03T15:04:17.000Z (6 months ago)
Last Synced: 2025-04-03T15:39:17.708Z (6 months ago)
Topics: ai-assistants, ai-security, cybersecurity, hacking-tools, mcp, model-context-protocol, pentesting, security-automation, security-integrations, security-testing, security-tools, web-security
Language: JavaScript
Homepage:
Size: 19.5 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: readme.md

Awesome Lists containing this project

awesome-ai-security - mcp-for-security - _A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows._ (Offensive tools and frameworks / AI for offensive cyber)
awesome-mcp-servers - **mcp-for-security** - MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows. `javascript` `ai` `ai-tools` `claude` `fastmcp` `npm install stanleyj03/mcp-for-security` (AI/ML)
awesome-mcp-servers - **mcp-for-security** - MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows. `javascript` `ai` `ai-tools` `claude` `fastmcp` `npm install stanleyj03/mcp-for-security` (AI/ML)
awesome-starts - cyproxio/mcp-for-security - MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workfl (security-tools)

README

# MCP for Security Tools

This repository contains Model Context Protocol (MCP) server implementations for various security testing tools, making them accessible through a standardized interface.

## Tools

### FFUF MCP Server
A server implementation that wraps the FFUF fuzzing tool, allowing it to be used through the MCP interface.

#### Features
- URL-based fuzzing
- Support for all FFUF command line arguments

#### Parameters
- `url`: Target URL to fuzz
- `ffuf_args`: Array of additional FFUF arguments

#### Usage
```bash
ffuf-mcp
```

#### Claude Configuration

```json
"ffuf": {
"command": "node",
"args": [
"/path/to/build/index.js",
"ffuf"
]
}
```

### SQLmap MCP Server
A server implementation that wraps the SQLmap SQL injection testing tool, allowing it to be used through the MCP interface.

#### Features
- URL-based SQL injection testing
- Support for all SQLmap command line arguments
- Error handling and status reporting
- Comprehensive SQL injection testing capabilities

#### Parameters
- `url`: Target URL to test for SQL injection
- `sqlmap_args`: Array of additional SQLmap arguments

#### Usage
```bash
sqlmap-mcp
```

#### Claude Configuration

```json
"sqlmap": {
"command": "node",
"args": [
"/path/to/build/index.js",
"sqlmap"
]
}
```

### Masscan MCP Server
A server implementation that wraps the Masscan tool, allowing it to be used through the MCP interface.

#### Features
- Target based Port Scanning
- Support for all Masscan command line arguments
- Error handling and status reporting

#### Parameters
- `target`: Target ip to scanning ports
- `port`: Port nubmers to target ip
- `masscan_args`: Array of additional masscan arguments

#### Usage
```bash
masscan-mcp
```

#### Claude Configuration

```json
"masscan": {
"command": "node",
"args": [
"/path/to/build/index.js",
"masscan"
]
}
```

### nmap MCP Server
A server implementation that wraps the nmap scanning tool, allowing it to be used through the MCP interface.

#### Features
- Target based port scanning
- Support for all nmap command line arguments

#### Parameters
- `target`: Target ìp to fuzz
- `nmap_args`: Array of additional nmap arguments

#### Usage
```bash
nmap-mcp
```

#### Claude Configuration

```json
"nmap": {
"command": "node",
"args": [
"/path/to/build/index.js",
"nmap"
]
}
```

### Mobsf MCP Server
A server implementation that wraps the Mobsf tool, allowing it to be used through the MCP interface.

#### Features
- MobSF functionality exposed through MCP
- Simple configuration and setup
- Easy integration with other MCP-compatible tools and systems
- Standardized input/output handling
- Support for Android (APK), iOS (IPA), and Windows (APPX) mobile applications

#### Parameters
- `base_url`: The MobSF server URL (e.g., `http://localhost:8000`)
- `api_key `: Your MobSF API key

#### Usage
```bash
mobsf-mcp
```

#### Claude Configuration

```json
"mobsf": {
"command": "node",
"args": [
"/path/to/build/index.js",
"http://127.0.0.1:8000",
""
]
}
```

### Nuclei MCP Server
A server implementation that wraps the nuclei tool, allowing it to be used through the MCP interface.

#### Features
- Simple configuration and setup
- Easy integration with other MCP-compatible tools and systems
- Standardized input/output handling
- Access to Nuclei's extensive template library

#### Parameters
- `url`: The target URL to scan (required)
- `tags`: Comma-separated list of template tags to filter which checks to run (optional)

#### Usage
```bash
nuclei-mcp
```

#### Claude Configuration

```json
"nuclei": {
"command": "node",
"args": [
"/path/to/build/index.js",
""
]
}
```

### Sslcan MCP Server
A server implementation that wraps the sslscan tool, allowing it to be used through the MCP interface.

#### Features
- Full SSLScan functionality exposed through MCP
- Simple configuration and setup
- Easy integration with other MCP-compatible tools and systems
- Standardized input/output handling
- Support for all SSLScan options and configurations

#### Parameters
- `target`: The target URL to scan (required)
- `sslscan_args`: Array of additional sslscan arguments

#### Usage
```bash
sslscan-mcp
```

#### Claude Configuration

```json
"sslscan": {
"command": "node",
"args": [
"/path/to/build/index.js",
""
]
}
```

### HTTP Headers Security MCP
A server implementation that wraps the http security headers , allowing it to be used through the MCP interface.

#### Features
- Analysis of HTTP response headers against OWASP security standards
- Identification of security headers that should be removed
- Recommendations for missing security headers that should be added
- Simple configuration and setup
- Easy integration with other MCP-compatible tools and systems
- Standardized input/output handling

#### Parameters
- `target`: The target URL to analyze http headers (required)

#### Usage
```bash
http-headers-security-mcp
```

#### Claude Configuration

```json
"http_header_analyze": {
"command": "node",
"args": [
"/path/to/build/index.js"
]
}
```

## TO-DO Tools
- amass
- massdns
- gowitness
- httpx
- ...

## Development

The project uses TypeScript and the Model Context Protocol SDK. To contribute:

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Submit a pull request

## License

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/cyproxio/mcp-for-security

Awesome Lists containing this project

README