HydraMCP

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Integrations

  • Used to package and run HydraMCP in an isolated environment with necessary security tools bundled together

  • Referenced for source code repository hosting and cloning the HydraMCP toolkit

  • Listed as a planned integration for technology stack detection and enumeration of websites

HydraMCP — The Model Context Protocol (MCP) Pentesting Toolkit


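A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.

Demo - Sqlmap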

https://github.com/user-attachments/assets/8f7f4185-ca32-4204-a98d-7596e0dedc41

Installation

Build the Docker image

```bash
git clone https://github.com/happyhackingspace/mcp-hydra.git
cd mcp-hydra
docker build -t hydramcp .
```

Usage

Edit your `claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "HydraMCP": {
      "command": "docker",
      "args": ["run", "--rm", "-i", "--name", "hydramcp", "hydramcp"]
    }
  }
}
```

Or Copilot in VS Code:

```bash
mkdir -p .vscode
cd .vscode
touch mcp.json
```

```json
{
  "servers": {
    "HydraMCP": {
      "command": "docker",
      "args": [
        "run",
        "--rm",
        "-i",
        "--net=host",
        "--privileged",
        "--name",
        "hydramcp",
        "hydramcp"
      ]
    }
  }
}
```
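The two launch configurations above differ in the Docker flags they pass: the VS Code one adds `--net=host` and `--privileged`. The check below is an added example, not part of the HydraMCP project, that reports such flags in either config format; the function name `audit_mcp_config` and the flag table are this example's own choices.

```python
import json

# Docker flags that widen what the container can reach on the host.
RISKY_FLAGS = {
    "--privileged": "all capabilities and host devices exposed to the container",
    "--net=host": "container shares the host network namespace",
    "--network=host": "container shares the host network namespace",
    "--pid=host": "container can see host processes",
}

# The two configurations from this page, embedded so the check runs offline.
CLAUDE_CONFIG = """{"mcpServers": {"HydraMCP": {"command": "docker",
  "args": ["run", "--rm", "-i", "--name", "hydramcp", "hydramcp"]}}}"""
VSCODE_CONFIG = """{"servers": {"HydraMCP": {"command": "docker",
  "args": ["run", "--rm", "-i", "--net=host", "--privileged",
           "--name", "hydramcp", "hydramcp"]}}}"""


def audit_mcp_config(text):
    """Return sorted (server, flag, reason) findings for docker-launched servers."""
    config = json.loads(text)
    findings = []
    # Claude Desktop keeps servers under "mcpServers", VS Code under "servers".
    for key in ("mcpServers", "servers"):
        for name, spec in config.get(key, {}).items():
            if spec.get("command") != "docker":
                continue
            args = spec.get("args", [])
            for i, arg in enumerate(args):
                # Normalise the two-token form: "--network", "host" -> "--network=host".
                if arg in ("--net", "--network", "--pid") and i + 1 < len(args):
                    arg = f"{arg}={args[i + 1]}"
                if arg in RISKY_FLAGS:
                    findings.append((name, arg, RISKY_FLAGS[arg]))
    return sorted(findings)


if __name__ == "__main__":
    for label, text in (("claude_desktop_config.json", CLAUDE_CONFIG),
                        (".vscode/mcp.json", VSCODE_CONFIG)):
        findings = audit_mcp_config(text)
        print(f"{label}: {len(findings)} finding(s)")
        for server, flag, reason in findings:
            print(f"  {server}: {flag} ({reason})")
```

Where a scanner only needs raw sockets, granting individual capabilities with `--cap-add` is narrower than `--privileged`; whether HydraMCP's bundled tools run under that reduced set is not stated on this page.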

You can use the following prompts to test the tools:

```
Sublist3r
> Use Sublist3rScanner to find all subdomains for example.com and save results to the "recon" folder.
--
DNSRecon
> Run a DNS reconnaissance scan on example.com using DNSReconScanner with standard scan type.
--
Holehe
> Use HoleheScanner to check if the email address user@example.com is registered on various websites.
--
Nmap
> Scan 192.168.1.1 with NmapScanner to check for open ports in the range 1-1000.
--
Ocr2Text
> Use OcrScanner to extract text from the screenshot at /path/to/image.png.
--
Sqlmap
> Run SqlmapScanner on http://testphp.vulnweb.com/listproducts.php?cat=1 to check for SQL injection vulnerabilities.
--
WPScan
> Use WPScanScanner to scan the WordPress site at https://example.com for vulnerabilities.
--
Zmap
> Scan the subnet 192.168.1.0/24 for systems with port 80 open using ZmapScanner with 1M bandwidth.
```

Changelog

Implemented Tools

  • [x] Sublist3r - Domain enumeration tool
  • [x] DNSRecon - DNS reconnaissance tool
  • [x] Holehe - Email registration checker
  • [x] Nmap - Network scanner
  • [x] OCR - Optical character recognition
  • [x] Sqlmap - SQL injection scanner
  • [x] WPScan - WordPress security scanner
  • [x] Zmap - Internet scanner

Planned Tools

  • [ ] Gobuster
  • [ ] TheHarvester
  • [ ] GitRecon
  • [ ] Phone carrier lookup
  • [ ] Netcraft
  • [ ] Cloudunflare (Cloudflare bypass)
  • [ ] Censys
  • [ ] Programmable search engine
  • [ ] Wayback Machine
  • [ ] Shodan
  • [ ] Wappalyzer
  • [ ] Hunter
  • [ ] Nuclei
  • [ ] Amass
  • [ ] GitSecrets - @awslabs/git-secrets or @trufflesecurity/trufflehog
  • [ ] Depixelization - https://github.com/spipm/Depixelization_poc
  • [ ] ExifTool
  • [ ] Sudomy https://github.com/screetsec/Sudomy

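Contributing

If you want to contribute to this project, please follow these steps:

  1. Fork the repository.
  2. Create a new branch (`git checkout -b feature-branch`).
  3. Make your changes and commit them (`git commit -m 'Add some feature'`).
  4. Push to the branch (`git push origin feature-branch`).

Disclaimer

This project is for educational purposes only. Use it at your own risk. The author is not responsible for any damages or legal issues arising from the use of this software.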
