A Model Context Protocol server that enables interaction with Infisical APIs for secret management, allowing users to create, update, delete, and list secrets through function calling.

mcp-panther

Let MCP clients like Claude and Cursor control Intruder.IO

Interact with Descope's Management APIs to manage users, audit, and more.

A Node.js server implementing Model Context Protocol (MCP) that enables natural language interaction with Binalyze AIR's digital forensics and incident response capabilities.

An MCP server that provides a comprehensive interface to Semgrep, enabling users to scan code for security vulnerabilities, create custom rules, and analyze scan results through the Model Context Protocol.

CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.

A Model Context Protocol server that provides LLMs with real-time network traffic analysis capabilities, enabling tasks like threat hunting, network diagnostics, and anomaly detection through Wireshark's tshark.

The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.

A secure server that enables AI agents to access 2FA codes and passwords from the Authenticator App, allowing them to assist with automated login processes while maintaining security.

MCP server for querying the ZoomEye API

A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.

ZeroTrusted-ai PII Detection Agent

A Model Context Protocol server that enables management of Keycloak users and realms through a standardized interface, providing tools for user creation, deletion, role assignment, and group management.

A Model Context Protocol server that provides SD Elements API integration, enabling LLMs to interact with SD Elements security development lifecycle platform.

MCP Server For Garak LLM Vulnerability Scanner https://github.com/EdenYavin/Garak-MCP/blob/main/README.md

Burpsuite MCP Server

The server provides secure OTP (One-Time Password) generation. Supports TOTP (Time-based) and HOTP (HMAC-based) algorithms

Enterprise-grade authentication solution that provides secure credential management with encryption, multi-protocol authentication (OAuth2, SAML, LDAP), and real-time threat detection for applications.

An MCP server that enables Cline to analyze binaries using Binary Ninja with a Personal License through a bridge implementation.

A Model Context Protocol server that enables AI-powered analysis of NPM packages through multiple tools for security vulnerability scanning, dependency analysis, package comparison, and quality assessment.

A server that provides access to Baidu Cloud's content moderation capabilities for detecting unsafe content, allowing applications like Cursor to check text for security risks.

An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.

Provides comprehensive Firewalla MSP firewall integration via MCP protocol with 28 tools for real-time security monitoring, network analysis, bandwidth tracking, and rule management. Supports all MCP-compatible clients for automated network security operations.

A Model Control Protocol server that provides access to nmap network scanning functionality, allowing users to run customizable scans, store results, and analyze network security using AI prompts.

A Model Context Protocol server for AES encryption and decryption, supporting various modes, padding, and input/output formats for secure data handling.

Nessus MCP Server

A secure terminal execution server that enables controlled command execution with security features and resource limits via the Model Context Protocol (MCP).

Enables enterprise-grade authentication management with secure credential handling and support for multi-protocol auth, complete with tools for analyzing, setting up, and testing authentication systems.

A demonstration server that reveals security risks by accessing sensitive environment variables, illustrating how MCP tools can potentially leak user data without explicit consent.

A vulnerable MCP server implementation that demonstrates how poor coding practices can lead to security issues like Remote Code Execution, designed for educational purposes to add numbers.

An MCP server that provides deepfake detection capabilities, allowing clients to analyze images for authenticity via Proofly's API.

A Model Context Protocol server that provides secure access to Doppler's secret management platform, allowing AI assistants to manage secrets, environment variables, and configurations through Doppler's API.

AWS‑IReveal‑MCP

Audits npm package dependencies for security vulnerabilities, providing detailed reports and fix recommendations with MCP integration.

An MCP server that detects potential honeypot tokens on Ethereum, BNB Smart Chain (BSC), and Base.

A Model Context Protocol server that provides LLM Agents with a comprehensive toolset for IP geolocation, network diagnostics, system monitoring, cryptographic operations, and QR code generation.

A Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.

Enables AI assistants to check software end-of-life dates and support status using the endoflife.date API, providing accurate information on software lifecycle, security status, and upgrade recommendations in real-time.

Fork of @cyanheads toolkit MCP server. Added encoding functions, removed system network functions.

A Model Context Protocol (MCP) server that provides AI-powered security analysis and safety instruction tools. This server helps protect AI agents by providing security guidelines, content analysis, and cautionary instructions when interacting with various MCPs and external services.

A high-performance Model Context Protocol server that provides secure, tool-based access to the Bugcrowd API, allowing for natural language interaction with bug bounty programs through various AI agent platforms.

Enables Claude to interact with Okta's user management system, providing capabilities to retrieve user details, list users with filtering options, and manage user groups.

A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.

Provides seamless integration with Fastly's Next-Gen Web Application Firewall API, enabling AI assistants to manage web application security through natural language interactions.

Integrates AI safety analysis, red-teaming, and prompt auditing directly into MCP-compatible clients like Claude Desktop and Cursor IDE, allowing real-time analysis of prompts and detection of jailbreak attempts.

A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.

A Model Context Protocol server that retrieves CVE information from the National Vulnerability Database, allowing AI models to access up-to-date vulnerability data.

A secure MCP server for Windows Subsystem for Linux environments, facilitating safe command execution with extensive validation and protection against vulnerabilities like shell injection and dangerous commands.

A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.

A MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.

OnSecurity MCP Server

A server that enables scanning files for viruses using the ClamAV engine, providing a simple integration with Cursor IDE via SSE connections.

Advanced Keycloak MCP server

An implementation of the Model Context Protocol server that enables AI models to communicate with Edge Security Acceleration (ESA) services, allowing models to manage routines, deployments, routes, records, and sites through standardized protocols.

A server that enables managing OPNSense firewalls through natural language interactions with Claude Desktop, supporting VLAN management, firewall rules configuration, and network interface queries.

A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.

Provides blockchain address risk scoring and asset information through the BICScan API, allowing users to assess risks for crypto addresses, domains, and dApps on a scale of 0-100.

Provides secure access to the Bugcrowd bug bounty platform API, optimized for OpenAI's Agents SDK integration to enable vulnerability management and security research.

A Model Context Protocol server that enables secure interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries through a controlled interface.

A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.

A Model Context Protocol server providing utility tools for development and testing, offering functionalities like personalized greetings, random card drawing, and datetime formatting with an extensible architecture.

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.

A proxy server that sits between MCP clients and servers, providing authentication, tool discovery, caching, and guardrail enforcement to protect MCP servers from malicious inputs.

A Model Context Protocol server that enables AI agents to interact with Netwrix Access Analyzer through standardized interfaces, allowing visibility into data access risks, data classification, and user access patterns to help organizations better secure their most sensitive data.

A specialized MCP server for Claude Desktop that allows executing terminal commands for malware analysis with support for common analysis tools like file, strings, hexdump, objdump, and xxd.

A proof-of-concept attack that exploits Model Context Protocol (MCP) tool registration to achieve persistent agent poisoning in AI assistants like Cursor, embedding malicious instructions that persist across chat contexts without requiring tool execution.

A Model Context Protocol server that provides tools to manage Keycloak users and realms, allowing you to create and delete users, list available realms, and view users in specific realms.

This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts

A Model Context Protocol server that provides Claude with access to Pangea's security services, including AI Guard, Domain Intel, Embargo checks, IP Intelligence, Redaction, Secure Audit Log, URL Intelligence, and Vault services.

A Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.

A self-hostable OAuth 2.0 server designed for the Model-Context-Protocol (MCP) that enables you to secure your MCP applications with a robust implementation you control.

Enables security-focused LLM agents like GPT-4.1 and Claude 3 to interact with the urlDNA threat intelligence platform, providing tools for URL scanning, threat detection, and malicious content analysis.

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language. For instance, you could simply ask Claude to "Create a new Auth0 app and get the domain and client ID"

缔零法则MCP是基于LLM和RAG技术搭建的实现完全替代人力的全自动化风险识别的内容安全审查平台，致力于通过代理AI技术减少人力成本，高效高精度为用户提供分钟级接入的内容风控解决方案，破解安全威胁，提供从风险感知到主动拦截策略执行的全链路闭环与一体化解决方案。This MCP tool is an AI-powered content security review platform built on LLM and RAG technologies, designed to achieve fully automated risk identification that completel

Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning

Implements a Model Context Protocol server using Server-Sent Events for real-time communication with OAuth 2.1 integration via Ory Network, enabling secure AI model communication with authentication and client management.

A Model Context Protocol server that enables conversational AI interaction with Illumio PCE for security policy management, workload operations, traffic flow analysis, and compliance assessment.

IMCP - Insecure Model Context Protocol The DVWA for AI Security! Welcome to IMCP – a deliberately vulnerable framework that exposes 16 critical security weaknesses in AI/ML systems. Whether you're a security researcher, developer, or educator, IMCP is your playground for hands-on learning about real

A Model Context Protocol (MCP) server for interacting with Joe Sandbox Cloud. This server exposes rich analysis and IOC extraction capabilities from Joe Sandbox and integrates cleanly into any MCP-compatible application (e.g. Claude Desktop, Glama, or custom LLM agents).

A Model Context Protocol server that allows AI assistants to connect to and manage Israeli bank accounts, fetch transactions, and handle authentication for all major Israeli banks and credit card companies.

A Model Context Protocol server that performs Trivy scans to generate Software Bill of Materials (SBOM) in CycloneDX format.

A bridge that connects Waybackurls with the Model Context Protocol ecosystem, enabling AI assistants to fetch historical URLs from the Wayback Machine to discover forgotten endpoints and potentially vulnerable URLs.

A Model Context Protocol server implementation that provides endpoints for wallet-based authentication, cluster management, and name registration services.

viso-mcp-server

Provides tools for managing Netskope infrastructure, policies, and steering configurations via the Model Context Protocol.

Trivy

A prompt-validation service that checks incoming prompts against security rules, blocking those matching high-severity security or jailbreak patterns while authorizing safe prompts.

A Model Context Protocol server that enforces policies on user inputs by checking against defined rules and rude words, helping ensure AI interactions remain appropriate and compliant.

Node.js server implementing Model Context Protocol for secure read-only filesystem operations, allowing Claude to read files, list directories, search files, and get file metadata within specified directories.

A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.

A proof-of-concept tool that integrates AI into security operations, allowing users to perform offensive security tasks like network scanning and reconnaissance through natural language commands to GitHub Copilot.

Cortex MCP Server

A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.

A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.

An MCP server for interacting with Google's Chronicle Security Operations suite, enabling users to search security events, get alerts, look up entities, list security rules, and retrieve IoC matches.

A production-grade server that enables natural language interaction with pfSense firewalls through Claude Desktop and other GenAI applications, supporting multiple access levels and functional categories.

Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.

BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

A Model Context Protocol server that enables natural language control of Ludus cybersecurity training environments, allowing users to deploy, manage, and configure virtualized security training ranges.

An open-source implementation of the Model Context Protocol (MCP) that bridges AI agents with enterprise systems, enabling secure access to real-world data and capabilities.

ms-sentinel-mcp-server

An MCP server that detects potential risks in Solana meme tokens, helping AI agents avoid rug pulls and unsafe projects.

A server that retrieves CVE details from the NVD API and fetches EPSS scores to provide comprehensive vulnerability information, including descriptions, CWEs, CVSS scores, and exploitation likelihood percentiles.

A Model Context Protocol server that integrates Zeek network analysis capabilities with LLM chatbots, allowing them to analyze PCAP files and parse network logs through natural language interactions.

Validates URLs and checks their reputation to help identify AI hallucinations and verify web page authenticity.

A Model Context Protocol server that enables programmatic interaction with Cisco Identity Services Engine APIs through standardized, discoverable tools.

TheHive MCP Server

MCP server for Huntress API integration

A Model Context Protocol server that enables AI assistants to perform YARA rule-based threat analysis on files and URLs, supporting comprehensive rule management and detailed scanning results.

Enables integration of Semgrep in development environments via the MCP protocol, supporting static code analysis, rule management, and scan result operations.

Authentik MCP provides seamless integration with Authentik's API, supporting both full-featured and diagnostic modes. These enable secure, automated user, group, and system management through MCP-compatible tools.

fluidattacks-mcp

A demonstration tool that showcases potential security attack vectors against Model Control Protocol, illustrating how malicious plugins can exploit weaknesses in MCP architecture.

Creates and manages encoded messages using zero-width characters and advanced Unicode steganography techniques, enabling quantum-themed puzzle generation with hidden secrets.

An MCP server that enables AI agents to analyze executable files using Detect It Easy (DIE), providing capabilities to examine file structures, detect packers, compilers, and gather other forensic information.

A Model Context Protocol server that enables Large Language Models to interact with Binary Ninja for reverse engineering tasks like viewing assembly code, decompiled code, renaming functions, and adding comments.

A Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.

vet-mcp

Description: Introduce Beelzebub, an MCP‑based honeypot framework that enables creating decoy tools to detect prompt injection and malicious agent behavior. Motivation: Strengthen the security of LLM workflows by adding a non‑intrusive detection mechanism.

mcp-server-wazuh

OPNsense MCP Server

A Model Context Protocol server implementation to query the NIST National Vulnerability Database (NVD) via its API.

Provides AI assistants with direct access to Wireshark network analysis capabilities, enabling AI-powered network troubleshooting, packet analysis, and network monitoring through a secure interface.

Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.

Enables AI assistants to perform network scanning operations using NMAP, offering a standardized interface for network analysis and security assessments through AI conversations.

An intelligent layered port scanning service based on MCP protocol, designed for AI assistants and development tools to perform network security analysis with real-time feedback.

Provides Python code security analysis through the Model Context Protocol, enabling AI tools to detect potential vulnerabilities like SQL injection and XSS by identifying tainted data flows from untrusted sources to sensitive operations.

A robust Model Control Protocol server that enables AI agents to access real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and other cyber-security entities.

A production-ready template for building Model Context Protocol servers with Clerk authentication on Cloudflare Workers, allowing AI assistants to securely access user data and business logic in Clerk-authenticated applications.

A secure MCP server using FastMCP and Eunomia Authorization, providing granular access control with dynamic JSON policies.

An experimental Model Context Protocol server that enables Large Language Models to read, search, and manipulate OpenFGA authorization stores, unlocking fine-grained access control for agentic AI and natural language interactions.

Provides programmatic access to ingest and query Windows event logs (especially Sysmon logs), enabling security monitoring, incident response, and log analysis automation.

A Model Context Protocol (MCP) server for Socket integration, allowing AI assistants to efficiently check dependency vulnerability scores and security information.

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

Provides comprehensive security analysis tools for querying the VirusTotal API, enabling detailed security reports on URLs, files, IP addresses, and domains with automatic relationship data fetching.

A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.

A collection of MCP servers for Kali Linux that empower AI Agents in reverse engineering and security testing, providing network analysis, target sniffing, traffic analysis, binary understanding, and automation capabilities.

An MCP proxy that pseudo-anonymizes PII before data reaches external AI providers like Claude, ChatGPT, or Gemini.

A comprehensive Model Context Protocol server template that implements HTTP-based transport with OAuth proxy for third-party authorization servers like Auth0, enabling AI tools to securely connect while supporting Dynamic Application Registration.

Allows developers to query security findings (SAST issues, secrets, patches) using natural language within AI-assisted tools like Claude Desktop, Cursor, and other MCP-compatible environments.

A Python-based MCP server that enables integration with Microsoft Security Copilot and Microsoft Sentinel, allowing users to run KQL queries, manage skillsets/plugins, and execute prompts in Security Copilot.

An MCP server for checking and revoking ERC-20 token allowances across multiple blockchains.

A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.

MCP server to work with okta entities

A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.

A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.

Securely integrates Wazuh security data with LLMs (such as Claude Desktop) by retrieving alerts from Elasticsearch indices and transforming them into MCP-compliant format, enabling real-time security context in LLM applications.

Integrates with the AbuseIPDB API to check IP addresses for abuse reports and report abusive IP addresses.

A modular server for interacting with Microsoft Graph API that enables management of users, groups, applications, sign-in logs, MFA status, and other Azure AD resources through natural language commands.

An MCP server that provides access to Google's Access Context Manager API, enabling management of service perimeters and access levels through natural language.

BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.

Enables AI assistants to securely execute shell commands on local machines through an SSH interface with session management, command execution, and sudo support.

A Model Context Protocol server that connects to Microsoft Graph API, allowing AI assistants to query and access data from Microsoft Entra ID (formerly Azure Active Directory).

A Model Context Protocol server that performs third-party threat intelligence enrichment for various observables (IP addresses, domains, URLs, emails) using services like VirusTotal, Shodan, and AbuseIPDB.

A comprehensive implementation of Model Context Protocol servers enabling natural language interactions with security platforms including Splunk SIEM, CrowdStrike EDR, and Microsoft MISP for threat intelligence querying and analysis.

An example MCP server that allows remote clients to connect and authenticate using WorkOS AuthKit, providing organization-centric authentication with permission-based access control for tools.

A secure server that allows LLM applications like Claude to execute whitelisted system commands with user confirmation and comprehensive security features.

This is a Model Context Protocol (MCP) server that provides access to the Shodan API. It allows you to programmatically query Shodan for information about devices, vulnerabilities, and more.

Provides secure execution of arbitrary JavaScript code within a sandboxed QuickJS WASM environment, allowing language models or other MCP clients to safely run JavaScript code snippets without compromising the host system.

Exposes Nmap network scanning capabilities through a Model Context Protocol (MCP) server, allowing users to perform various types of network scans including vulnerability assessment, service detection, and OS fingerprinting.

Implements a secure message communication protocol for handling exchanges between the banking chatbot and Azure OpenAI, providing message queuing, reliability, and detailed logging.

A proof-of-concept server that securely retrieves credentials from 1Password vaults and provides them to AI agents via Model Context Protocol (MCP), enabling AI assistants to use stored credentials for tasks like automated logins.

A Model Context Protocol server that enables natural language querying of the Censys Search API for domain, IP, and FQDN reconnaissance, providing information about hosts, DNS, certificates, and services in real-time.

A Model Context Protocol server that provides intelligent hashcat integration for Claude Desktop, allowing users to crack hashes, analyze passwords, and perform security assessments directly from Claude conversations.