Provides authentication capabilities via OAuth2 for testing secured GitHub API endpoints to identify security vulnerabilities in authentication flows, token handling, and data access controls.
Supports the installation and dependency management through package.json, allowing the MCP server to be installed and run for cybersecurity API testing purposes.
Provides TypeScript integration for implementing strongly-typed security testing tools and utilities, with configuration through tsconfig.json to support the MCP server development.
CyberMCP - Cybersecurity API Testing with MCP
CyberMCP is a Model Context Protocol (MCP) server designed for testing backend APIs for security vulnerabilities. It provides a set of specialized tools and resources that can be used by LLMs to identify common security issues in APIs.
Features
- Authentication Vulnerability Testing: Check for JWT vulnerabilities, authentication bypass, and weak authentication mechanisms
- Injection Testing: Test for SQL injection, XSS, and other injection vulnerabilities
- Data Leakage Testing: Identify sensitive data exposure issues
- Rate Limiting Testing: Test for rate limiting bypass and DDoS vulnerabilities
- Security Headers Testing: Check for missing or misconfigured security headers
- Comprehensive Resources: Access checklists and guides for API security testing
- Authentication Support: Multiple authentication methods to test secured endpoints
Project Structure
Installation
- Clone the repository:
- Install dependencies:
- Build the project:
Usage
Running the MCP Server
You can run the server using either the stdio transport (default) or HTTP transport:
Using stdio transport (for integration with LLM platforms):
Using HTTP transport (for local development and testing):
Connecting to the Server
The MCP server can be connected to any MCP client, including LLM platforms that support the Model Context Protocol.
Security Tools
Authentication
CyberMCP supports several authentication methods to test secured APIs:
- Basic Authentication: Set up HTTP Basic Auth with username and password
- Token Authentication: Use bearer tokens, JWT, or custom token formats
- OAuth2 Authentication: Full OAuth2 flow support with different grant types
- Custom API Login: Authenticate against any login API endpoint
Authentication Tools:
basic_auth
: Authenticate with username/passwordtoken_auth
: Set up token-based authenticationoauth2_auth
: Perform OAuth2 authenticationapi_login
: Login using a custom API endpointauth_status
: Check current authentication statusclear_auth
: Clear the current authentication state
Authentication Testing
- JWT Vulnerability Check: Analyzes JWT tokens for security issues
- Authentication Bypass Check: Tests endpoints for authentication bypass vulnerabilities
Injection Testing
- SQL Injection Check: Tests parameters for SQL injection vulnerabilities
- XSS Check: Tests for Cross-Site Scripting vulnerabilities
Data Leakage Testing
- Sensitive Data Check: Identifies leaked PII, credentials, and sensitive information
- Path Traversal Check: Tests for directory traversal vulnerabilities
Security Headers Testing
- Security Headers Check: Analyzes HTTP headers for security best practices
Resources
Checklists
Access security checklists via cybersecurity://checklists/{category}
where category can be:
authentication
injection
data_leakage
rate_limiting
general
Guides
Access detailed testing guides via guides://api-testing/{topic}
where topic can be:
jwt-testing
auth-bypass
sql-injection
xss
rate-limiting
Required Information for API Testing
To effectively test an API for security vulnerabilities, you'll need:
- API Endpoints: URLs of the endpoints to test
- Authentication Information: Credentials or tokens for accessing secured endpoints
- Parameter Names: Names of the parameters that accept user input
- Test Data: Sample valid data for parameters
- Expected Behavior: What the normal response should look like
- Authentication Flow: How authentication works in the target API
Authentication Examples
Basic Authentication
Token Authentication
OAuth2 Authentication
Custom API Login
License
MIT
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Tools
A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.
Related MCP Servers
- AsecurityFlicenseAqualityA Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.Last updated -11Python
- -securityAlicense-qualityA Model Context Protocol server that provides programmatic APIs for running mutation tests with mutmut, analyzing results, and improving test coverage in Python projects.Last updated -PythonMIT License
- AsecurityAlicenseAqualityA Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.Last updated -84PythonMIT License
MockLoop MCP Serverofficial
-securityAlicense-qualityA Model Context Protocol server that generates and runs mock API servers from API documentation like OpenAPI/Swagger specs, enabling developers and AI assistants to quickly spin up mock backends for development and testing.Last updated -8PythonMIT License