Nessus MCP Server

A Model Context Protocol (MCP) server for interacting with the Tenable Nessus vulnerability scanner. This server allows AI assistants to perform vulnerability scanning and analysis through the MCP protocol.

Features

Vulnerability Scanning: Start and monitor vulnerability scans against specified targets
Scan Management: List, track, and retrieve results from vulnerability scans
Vulnerability Analysis: Search for and get detailed information about specific vulnerabilities
Mock Mode: Fully functional mock mode for testing without a Nessus API key

Tools

The server provides the following tools:

Tool Name	Description
`list_scan_templates`	List available Nessus scan templates
`start_scan`	Start a new vulnerability scan against a target
`get_scan_status`	Check the status of a running scan
`get_scan_results`	Get the results of a completed scan
`list_scans`	List all scans and their status
`get_vulnerability_details`	Get detailed information about a specific vulnerability
`search_vulnerabilities`	Search for vulnerabilities by keyword

Installation

Prerequisites

Node.js 16 or higher
TypeScript (for development)

Building from Source

Clone the repository:
git clone https://github.com/Cyreslab-AI/nessus-mcp-server.git cd nessus-mcp-server
Install dependencies:
npm install
Build the server:
npm run build

Usage

Running in Mock Mode

By default, the server runs in mock mode, which doesn't require a Nessus API key:

node build/index.js

Running with Nessus API

To connect to a real Nessus instance, set the following environment variables:

NESSUS_URL=https://your-nessus-instance:8834
NESSUS_ACCESS_KEY=your-access-key
NESSUS_SECRET_KEY=your-secret-key

Then run the server:

node build/index.js

Using with Claude for Desktop

To use this server with Claude for Desktop:

Edit your Claude for Desktop configuration file:
- macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
- Windows: %APPDATA%\Claude\claude_desktop_config.json
Add the server configuration:

{
  "mcpServers": {
    "nessus": {
      "command": "node",
      "args": ["/path/to/nessus-mcp-server/build/index.js"],
      "env": {
        "NESSUS_URL": "https://your-nessus-instance:8834",
        "NESSUS_ACCESS_KEY": "your-access-key",
        "NESSUS_SECRET_KEY": "your-secret-key"
      }
    }
  }
}

For mock mode, you can omit the env section.

Example Interactions

Starting a Scan

start_scan:
  target: 192.168.1.1
  scan_type: basic-network-scan

Getting Scan Results

get_scan_results:
  scan_id: scan-1234567890

Searching for Vulnerabilities

search_vulnerabilities:
  keyword: log4j

Development

Project Structure

src/index.ts: Main server entry point
src/nessus-api.ts: Nessus API client with mock fallback
src/mock-data.ts: Mock vulnerability data for testing
src/tools/: Tool implementations
src/utils/: Utility functions

Adding New Tools

Define the tool schema and handler in the appropriate file in src/tools/
Import and register the tool in src/index.ts

License

MIT

Disclaimer

This server is not affiliated with or endorsed by Tenable. Nessus is a trademark of Tenable, Inc.

Integrations