Integrations
Uses Node.js as runtime environment for the Nuclei vulnerability scanner bridge
Nuclei MCP
Nuclei MCP is a bridge that connects Nuclei, the powerful vulnerability scanner, with the Model Context Protocol (MCP) ecosystem.
Overview
Nuclei MCP enables seamless integration of Nuclei's template-based vulnerability scanning capabilities into MCP-compatible applications and AI-powered workflow systems. This bridge allows you to leverage Nuclei functionality through a standardized protocol, making it easier to incorporate into automated security testing pipelines or AI assistant capabilities.
Features
- Simple configuration and setup
- Easy integration with other MCP-compatible tools and systems
- Standardized input/output handling
- Access to Nuclei's extensive template library
Installation
Prerequisites
- Node.js (v16 or higher)
- Nuclei installed on your system
Installation
Configuration
This server requires the path to the Nuclei executable to be set via the NUCLEI_PATH
environment variable.
Example:
Usage
Command Line
With Claude Desktop
Add to your claude_desktop_config.json
:
With Other MCP Clients
For other MCP clients, you can configure them to use this server with:
Running Nuclei Scans
Once configured, you can run Nuclei scans through the MCP interface using the do-nuclei
tool:
Getting Available Tags
You can retrieve all available Nuclei template tags using the get-nuclei-tags
tool:
Parameters
Nuclei MCP currently supports the following parameters:
url
: The target URL to scan (required)tags
: Comma-separated list of template tags to filter which checks to run (optional)
Examples
Basic Vulnerability Scan
Targeted Scan with Specific Tags
Integration with AI Assistants
Nuclei MCP is designed to work seamlessly with AI assistants that support the Model Context Protocol, enabling natural language interactions for security testing tasks.
Example conversation with an AI assistant:
Security Considerations
- Always obtain proper authorization before scanning websites for vulnerabilities
- Use responsibly and ethically
- Consider the potential impact of active scanning on production systems
- Some templates may generate significant traffic or potentially disruptive tests
Troubleshooting
If you encounter issues:
- Verify Nuclei is properly installed and accessible
- Check the path to the Nuclei executable in your configuration
- Ensure proper permissions are set for execution
- Review server logs for detailed error messages
License
Apache-2.0
Acknowledgments
- Nuclei Project: https://github.com/projectdiscovery/nuclei
- Model Context Protocol: https://github.com/modelcontextprotocol
You must be authenticated.
Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.
Related MCP Servers
- -securityAlicense-qualityAn MCP server that analyzes codebases and generates contextual prompts, making it easier for AI assistants to understand and work with code repositories.Last updated -2PythonMIT License
- AsecurityAlicenseAqualityAn MCP server that supercharges AI assistants with powerful tools for software development, enabling research, planning, code generation, and project scaffolding through natural language interaction.Last updated -116TypeScriptMIT License
- -securityFlicense-qualityAllows developers to query security findings (SAST issues, secrets, patches) using natural language within AI-assisted tools like Claude Desktop, Cursor, and other MCP-compatible environments.Last updated -1Python
- -securityAlicense-qualityA lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.Last updated -3PythonMIT License