Offers security analysis for JavaScript code, detecting vulnerabilities like DOM-based XSS, code injection, and prototype pollution through AST parsing.
Optional integration for enhanced exploit generation, allowing the MCP server to use OpenAI GPT models to create more sophisticated educational security exploit examples.
Integrates OWASP security guidelines and references for vulnerability classifications and remediation advice, mapping detected issues to OWASP Top 10 categories.
Provides vulnerability detection and analysis for Python code, including AST-based parsing to identify SQL injection, command injection, unsafe deserialization, and other Python-specific security issues.
Detects SQL injection vulnerabilities specific to SQLite database interactions in application code.
Enables security scanning of TypeScript code to identify vulnerabilities like DOM-based XSS, code injection, and other TypeScript-specific security concerns.
Adversary MCP Server
Enterprise-grade security analysis with dynamic rule management and hot-reload capabilities
Installation
Prerequisites
- Python 3.10+ (3.11+ recommended)
- Cursor IDE with MCP support
- OpenAI API key (optional, for enhanced exploit generation)
Quick Install
Verify Installation
Quick Start
1. Initial Setup
2. Cursor IDE Integration
Create .cursor/mcp.json in your project or ~/.cursor/mcp.json globally:
3. Start Using in Cursor
Once configured, you can use these MCP tools in Cursor:
- adv_scan_code - Scan code snippets for vulnerabilities
- adv_scan_file - Scan individual files
- adv_scan_directory - Scan entire directories
- adv_list_rules - List all security rules
- adv_get_rule_details - Get details about specific rules
- adv_generate_exploit - Generate educational exploits
- adv_configure_settings - Configure server settings
- adv_get_status - Check server status
- adv_get_version - Get version information
4. Enable Hot-Reload (Optional)
For real-time rule updates during development:
MCP Integration
Available Tools
Tool | Description | Usage |
---|---|---|
adv_scan_code | Scan source code for security vulnerabilities | Pass code content and language |
adv_scan_file | Scan a file for security vulnerabilities | Pass file path |
adv_scan_directory | Scan a directory for security vulnerabilities | Pass directory path |
adv_generate_exploit | Generate exploit for a specific vulnerability | Pass vulnerability type and code context |
adv_list_rules | List all available threat detection rules | Optional filters by category/severity/language |
adv_get_rule_details | Get detailed information about a specific rule | Pass rule ID |
adv_configure_settings | Configure server settings | Pass configuration options |
adv_get_status | Get server status and configuration | No parameters required |
adv_get_version | Get version information of the adversary MCP server | No parameters required |
Example Usage in Cursor
Rule Management
Rule Directory Structure
Rules are automatically organized in your user directory:
Quick Rule Management
Creating Custom Rules
- Copy template:
- Edit the rule:
- Reload rules:
Hot-Reload Service
Enable real-time rule updates without server restart:
Start Hot-Reload
Monitor Status
Development Workflow
CLI Reference
Core Commands
Command | Description |
---|---|
adversary-mcp-cli configure | Initial setup and configuration |
adversary-mcp-cli status | Show server status and configuration |
adversary-mcp-cli scan <target> | Scan files/directories for vulnerabilities |
adversary-mcp-cli server | Start MCP server (used by Cursor) |
Rule Management Commands
Command | Description |
---|---|
adversary-mcp-cli list-rules | List all rules with source files |
adversary-mcp-cli rule-details <id> | Get detailed rule information |
adversary-mcp-cli rules stats | Show comprehensive rule statistics |
adversary-mcp-cli rules export <file> | Export rules to YAML/JSON |
adversary-mcp-cli rules import-rules <file> | Import external rules |
adversary-mcp-cli rules validate | Validate all loaded rules |
adversary-mcp-cli rules reload | Reload rules from files |
Hot-Reload Commands
Command | Description |
---|---|
adversary-mcp-cli watch start | Start hot-reload service |
adversary-mcp-cli watch status | Show service status |
adversary-mcp-cli watch test | Test hot-reload functionality |
Utility Commands
Command | Description |
---|---|
adversary-mcp-cli show-rules-dir | Show rules directory location |
adversary-mcp-cli demo | Run interactive demo |
adversary-mcp-cli reset | Reset all configuration |
Security Coverage
Comprehensive Rule Database (109 Rules)
- Python (20 rules): SQL injection, command injection, deserialization, path traversal
- JavaScript/TypeScript (28 rules): XSS, prototype pollution, eval injection, CORS issues
- Web Security (16 rules): CSRF, clickjacking, security headers, session management
- API Security (15 rules): Authentication bypass, parameter pollution, mass assignment
- Cryptography (15 rules): Weak algorithms, hardcoded keys, poor randomness
- Configuration (15 rules): Debug mode, default credentials, insecure settings
Standards Compliance
- OWASP Top 10 2021 - Complete coverage
- CWE - Common Weakness Enumeration mappings
- NIST - Security framework alignment
- Industry best practices - SANS, CERT guidelines
Languages Supported
- Python - AST-based analysis with deep pattern matching
- JavaScript - Modern ES6+ and Node.js patterns
- TypeScript - Type safety and framework-specific vulnerabilities
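To make "AST-based analysis" for Python concrete, the following added sketch (not code from this project) walks a parsed module with the standard-library `ast` module and flags a few of the issue classes the page lists: SQL built from dynamic strings, command injection, unsafe deserialization and eval-style code injection. The rule labels, function names and sample input are assumptions made for this illustration.

```python
import ast

# Rule labels are illustrative for this sketch, not the project's rule IDs.
RULES = {"eval": "code-injection", "exec": "code-injection",
         "os.system": "command-injection", "pickle.loads": "unsafe-deserialization"}

def dotted_name(node):
    """Return 'a.b.c' for Name/Attribute chains, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts, node = [node.attr] + parts, node.value
    return ".".join([node.id] + parts) if isinstance(node, ast.Name) else None

def is_dynamic_string(node):
    """True when a string is built from non-constant parts (f-string, +, %, .format)."""
    built = (isinstance(node, ast.JoinedStr)
             or (isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)))
             or (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                 and node.func.attr == "format"))
    return built and any(isinstance(n, (ast.Name, ast.Attribute, ast.Subscript))
                         for n in ast.walk(node))

def scan(source):
    """Return sorted (line, rule) findings for one Python source string."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = dotted_name(node.func)
        if name in RULES:
            findings.append((node.lineno, RULES[name]))
        elif name and name.startswith("subprocess.") and any(
                kw.arg == "shell" and getattr(kw.value, "value", None) is True
                for kw in node.keywords):
            findings.append((node.lineno, "command-injection"))
        elif (isinstance(node.func, ast.Attribute) and node.func.attr == "execute"
              and node.args and is_dynamic_string(node.args[0])):
            findings.append((node.lineno, "sql-injection"))
    return sorted(findings)

# Constructed sample input: it is only parsed, never executed.
SAMPLE = '''import pickle, subprocess
def handler(conn, user_id, blob, cmd):
    conn.execute(f"SELECT * FROM users WHERE id = {user_id}")
    conn.execute("SELECT * FROM users WHERE id = ?", (user_id,))
    obj = pickle.loads(blob)
    subprocess.run(cmd, shell=True)
    return eval(blob)
'''
```

Calling `scan(SAMPLE)` reports lines 3, 5, 6 and 7 and leaves the parameterized query on line 4 alone. The check is purely syntactic, so it does not track whether the interpolated value is attacker-controlled.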
Architecture
The system uses a modular architecture with external rule management:
Advanced Usage
CI/CD Integration
Environment Configuration
Development
Development Setup
Project Structure
License
MIT License - see LICENSE file for details.
Contributing
- Fork the repository
- Create a feature branch: git checkout -b feature-name
- Make your changes and add tests
- Run the test suite: make test
- Submit a pull request
Support
- Documentation: GitHub Wiki
- Issues: GitHub Issues
- Discussions: GitHub Discussions
Built with ❤️ for secure development
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A security-focused server that integrates with Cursor IDE to provide real-time vulnerability detection, exploit generation, and security insights during software development.