Skip to main content
Glama
Sign In
deenesjakoruzh

OWASP Cheatsheets MCP Server

by santosomar
GitHub
Python
GPL 3.0
  • Linux
  • Apple
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue
Integrations

  • Provides access to OWASP Cheat Sheets content, enabling search capabilities and retrieval of security best practices from the OWASP Cheat Sheet Series repository.

owasp_cheatsheets_mcp_server

A minimal Model Context Protocol (MCP) compatible server providing the OWASP Cheat Sheets.

The server uses FastAPI to expose a simple HTTP API that returns the contents of the cheat sheets from the OWASP Cheat Sheet Series.

Prerequisites

  • Python 3.8 or newer
  • Git (for cloning the cheat sheet repository on first run)

Usage

  1. Install requirements:
    pip install -r requirements.txt
  2. (Optional) Set CHEATSHEETS_DIR if you already have a local copy of the cheat sheets:
    export CHEATSHEETS_DIR=/path/to/CheatSheetSeries/cheatsheets
  3. Run the server with uvicorn:
    uvicorn server.app:app --reload
  4. If CHEATSHEETS_DIR is not set the server will clone the cheat sheet repository on first start (requires network access).

Endpoints

  • GET /health – Basic health check.
  • GET /cheatsheets – List available cheat sheet files.
  • GET /cheatsheets/{name} – Retrieve a specific cheat sheet.
  • GET /search?q=term – Search cheat sheets for a term and return matching file names.

Running in production

Use uvicorn with explicit host and port when deploying:

uvicorn server.app:app --host 0.0.0.0 --port 8000

For a real deployment consider a process manager such as systemd or running behind a reverse proxy.

Contributing

Pull requests are welcome. Tests can be added under a tests/ directory using pytest.

This implementation is a simplified example of an MCP server and may not cover the entire specification.

This server cannot be installed

-
security - not tested
A
license - permissive license
-
quality - not tested

A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.

  1. Prerequisites
    1. Usage
      1. Endpoints
      2. Running in production
      3. Contributing

    Related MCP Servers

    • MCP-OpenAPI

      rmasters
      -
      security
      A
      license
      -
      quality
      An MCP server that exposes HTTP methods defined in an OpenAPI specification as tools, enabling interaction with APIs via the Model Context Protocol.
      Last updated -
      2
      Python
      MIT License

    • Nash MCP Server

      nash-app
      -
      security
      A
      license
      -
      quality
      A Model Context Protocol server that enables seamless execution of commands, Python code, web content fetching, and reusable task management with secure credentials handling.
      Last updated -
      2
      Python
      MIT License
      • Apple

    • CyberMCP

      ricauts
      -
      security
      A
      license
      -
      quality
      A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.
      Last updated -
      1
      TypeScript
      MIT License

    • Infisical MCP Serverofficial

      Infisical
      A
      security
      A
      license
      A
      quality
      A Model Context Protocol server that enables interaction with Infisical APIs for secret management, allowing users to create, update, delete, and list secrets through function calling.
      Last updated -
      9
      33
      16
      JavaScript
      Apache 2.0

    View all related MCP servers

    New MCP Servers

    ID: p5jr7fcygh