
OWASP Cheatsheets MCP Server

by santosomar

owasp_cheatsheets_mcp_server

A minimal Model Context Protocol (MCP) compatible server providing the OWASP Cheat Sheets.

The server uses FastAPI to expose a simple HTTP API that returns the contents of the cheat sheets from the OWASP Cheat Sheet Series.

Prerequisites

  • Python 3.8 or newer
  • Git (for cloning the cheat sheet repository on first run)

Usage

  1. Install requirements:
    pip install -r requirements.txt
  2. (Optional) Set CHEATSHEETS_DIR if you already have a local copy of the cheat sheets:
    export CHEATSHEETS_DIR=/path/to/CheatSheetSeries/cheatsheets
  3. Run the server with uvicorn:
    uvicorn server.app:app --reload
  4. If CHEATSHEETS_DIR is not set, the server clones the cheat sheet repository on first start (requires network access).

Endpoints

  • GET /health – Basic health check.
  • GET /cheatsheets – List available cheat sheet files.
  • GET /cheatsheets/{name} – Retrieve a specific cheat sheet.
  • GET /search?q=term – Search cheat sheets for a term and return matching file names.
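
The retrieve and search endpoints turn request input into file lookups under CHEATSHEETS_DIR. The following is an added example, not the project's own code, of one way such handlers can confine lookups to that directory; the function names, the flat directory of `.md` files and the sample files built in `demo()` are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path
from typing import List

# Assumption: cheat sheets are Markdown files stored directly under the base
# directory, e.g. "SQL_Injection_Prevention_Cheat_Sheet.md".
NAME_RE = re.compile(r"[A-Za-z0-9_.-]+\.md")


def resolve_cheatsheet(base_dir: Path, name: str) -> Path:
    """Map a client-supplied name to a file inside base_dir, or raise."""
    if not NAME_RE.fullmatch(name):  # rejects path separators and empty names
        raise ValueError("invalid cheat sheet name")
    base = base_dir.resolve()
    candidate = (base / name).resolve()  # resolves symlinks before the check
    if candidate.parent != base or not candidate.is_file():
        raise FileNotFoundError(name)
    return candidate


def search_cheatsheets(base_dir: Path, term: str) -> List[str]:
    """Return names of contained cheat sheets whose text includes term."""
    needle = term.lower()  # literal, case-insensitive match; no regex from input
    if not needle:
        return []
    base = base_dir.resolve()
    return [p.name for p in sorted(base.glob("*.md"))
            if p.resolve().parent == base
            and needle in p.read_text(encoding="utf-8", errors="replace").lower()]


def demo() -> dict:
    """Exercise both helpers against a constructed directory tree."""
    with tempfile.TemporaryDirectory() as tmp:
        sheets = Path(tmp) / "cheatsheets"
        sheets.mkdir()
        (sheets / "Demo_Cheat_Sheet.md").write_text("Use parameterized queries.")
        (sheets.parent / "outside.md").write_text("not part of the served directory")
        (sheets / "link.md").symlink_to(sheets.parent / "outside.md")
        out = {"ok": resolve_cheatsheet(sheets, "Demo_Cheat_Sheet.md").name,
               "search": search_cheatsheets(sheets, "QUERIES"),
               "search_link": search_cheatsheets(sheets, "served")}
        for bad in ("../outside.md", "link.md", "missing.md"):
            try:
                out[bad] = resolve_cheatsheet(sheets, bad).name
            except (ValueError, FileNotFoundError) as exc:
                out[bad] = type(exc).__name__
        return out
```

In a FastAPI handler, both exception types would typically be mapped to a 404 response so the client cannot tell a rejected name from a missing file.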

Running in production

Use uvicorn with explicit host and port when deploying:

uvicorn server.app:app --host 0.0.0.0 --port 8000

For a real deployment, consider a process manager such as systemd or running behind a reverse proxy.

Contributing

Pull requests are welcome. Tests can be added under a tests/ directory using pytest.

This implementation is a simplified example of an MCP server and may not cover the entire specification.


A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.
