Skip to main content
Glama
enesjakozh
ricauts

CyberMCP

by ricauts
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

šŸ”’ CyberMCP

AI-powered Cybersecurity API Testing with Model Context Protocol (MCP)

License: MIT Node.js TypeScript

CyberMCP is a Model Context Protocol (MCP) server that enables AI agents to perform comprehensive security testing on backend APIs. It provides 14 specialized security tools and 10 resources for identifying vulnerabilities like authentication bypass, injection attacks, data leakage, and security misconfigurations.

šŸš€ Quick Start

# Clone and setup git clone https://github.com/your-username/CyberMCP.git cd CyberMCP npm install npm run build # Test the server npm run test-server # Start interactive testing npm run test-interactive

Related MCP server: Mutmut MCP

āœØ Features

  • šŸ” Authentication Testing - JWT analysis, bypass detection, OAuth2 flows

  • šŸ’‰ Injection Testing - SQL injection, XSS vulnerability detection

  • šŸ“Š Data Protection - Sensitive data exposure, path traversal checks

  • ā±ļø Rate Limiting - DoS vulnerability assessment

  • šŸ›”ļø Security Headers - OWASP security header validation

  • šŸ“š Comprehensive Resources - Security checklists and testing guides

šŸ› ļø Security Tools (14 Total)

Category

Tools

Authentication

basic_auth, token_auth, oauth2_auth, api_login, auth_status, clear_auth, jwt_vulnerability_check, auth_bypass_check

Injection Testing

sql_injection_check, xss_check

Data Protection

sensitive_data_check, path_traversal_check

Infrastructure

rate_limit_check, security_headers_check

šŸŽÆ IDE Integration

CyberMCP works with all major AI-powered IDEs:

  • Claude Desktop - Direct MCP integration

  • Cursor IDE - Built-in MCP support

  • Windsurf (Codeium) - Native MCP protocol

  • VS Code + Cline - Extension-based integration

šŸ“– Complete Setup Guide - Detailed configuration for each IDE

šŸ“‹ Usage Example

"Use basic_auth with username 'admin' and password 'secret123' then use auth_bypass_check on https://api.example.com/users to test for authentication bypass vulnerabilities"

The AI agent will:

  1. Configure authentication credentials

  2. Test the protected endpoint for bypass vulnerabilities

  3. Provide detailed security analysis and recommendations

šŸ“Š Testing & Validation

# Comprehensive tool testing npm run test-tools # Manual interactive testing npm run test-interactive # Quick setup verification npm run quick-start # MCP Inspector (GUI) npm run inspector

šŸ“ Project Structure

CyberMCP/ ā”œā”€ā”€ src/ # TypeScript source code ā”‚ ā”œā”€ā”€ tools/ # 14 security testing tools ā”‚ ā”œā”€ā”€ resources/ # Security checklists & guides ā”‚ ā””ā”€ā”€ utils/ # Authentication & utilities ā”œā”€ā”€ docs/ # Documentation ā”œā”€ā”€ scripts/ # Testing & utility scripts ā”œā”€ā”€ examples/ # Configuration examples ā”œā”€ā”€ dist/ # Built JavaScript (generated) ā””ā”€ā”€ README.md # This file

šŸ”§ Development

# Development mode with hot reload npm run dev # Build TypeScript npm run build # Start server (stdio mode) npm start # Start HTTP server TRANSPORT=http PORT=3000 npm start

šŸ“– Documentation

šŸ¤ Contributing

  1. Fork the repository

  2. Create a feature branch: git checkout -b feature/new-security-tool

  3. Make your changes and add tests

  4. Submit a pull request

šŸ“„ License

This project is licensed under the MIT License - see the LICENSE file for details.

šŸ”— Resources

šŸ”’ Secure your APIs with AI-powered testing!

For support and questions, please

Install Server
A
security ā€“ no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

How are these scores calculated?

Resources

Tools

View all tools

Appeared in Searches

New MCP Servers

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ricauts/CyberMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server