OWASP Cheatsheets MCP Server

by santosomar

owasp_cheatsheets_mcp_server

A minimal Model Context Protocol (MCP) compatible server providing the OWASP Cheat Sheets.

The server uses FastAPI to expose a simple HTTP API that returns the contents of the cheat sheets from the OWASP Cheat Sheet Series.

Prerequisites

  • Python 3.8 or newer
  • Git (for cloning the cheat sheet repository on first run)

Usage

  1. Install requirements:
    pip install -r requirements.txt
  2. (Optional) Set CHEATSHEETS_DIR if you already have a local copy of the cheat sheets:
    export CHEATSHEETS_DIR=/path/to/CheatSheetSeries/cheatsheets
  3. Run the server with uvicorn:
    uvicorn server.app:app --reload
  4. If CHEATSHEETS_DIR is not set, the server clones the cheat sheet repository on first start (requires network access).

Endpoints

  • GET /health – Basic health check.
  • GET /cheatsheets – List available cheat sheet files.
  • GET /cheatsheets/{name} – Retrieve a specific cheat sheet.
  • GET /search?q=term – Search cheat sheets for a term and return matching file names.

Running in production

Use uvicorn with an explicit host and port when deploying. Binding to 0.0.0.0 makes the server listen on every network interface:

uvicorn server.app:app --host 0.0.0.0 --port 8000

For a real deployment, consider running the server under a process manager such as systemd or behind a reverse proxy.
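
A systemd unit along those lines, as an added example that is not part of the project. It assumes a reverse proxy on the same host forwarding to port 8000; the unit name, the /opt install paths and the virtualenv location are assumptions.

```ini
# /etc/systemd/system/owasp-cheatsheets-mcp.service
# Illustrative unit: the unit name and all /opt paths are assumptions, not from the project.
[Unit]
Description=OWASP Cheat Sheets MCP server (uvicorn)
After=network.target

[Service]
# Run as a transient unprivileged user instead of root.
# Files under the /opt paths below must be readable by that user.
DynamicUser=yes
WorkingDirectory=/opt/owasp_cheatsheets_mcp_server
# Point at a pre-cloned copy so the service needs neither git, outbound
# network access nor a writable directory on first start.
Environment=CHEATSHEETS_DIR=/opt/CheatSheetSeries/cheatsheets
# Listen on loopback only; the reverse proxy is the only network-facing listener.
ExecStart=/opt/owasp_cheatsheets_mcp_server/.venv/bin/uvicorn server.app:app --host 127.0.0.1 --port 8000
Restart=on-failure

# Sandboxing: read-only file system view, no privilege escalation, no capabilities.
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
CapabilityBoundingSet=
LockPersonality=yes

[Install]
WantedBy=multi-user.target
```

Running `systemd-analyze security owasp-cheatsheets-mcp.service` after installing the unit reports which sandboxing directives are in effect.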

Contributing

Pull requests are welcome. Tests can be added under a tests/ directory using pytest.

This implementation is a simplified example of an MCP server and may not cover the entire specification.

security: - (not tested)
license: A (permissive license)
quality: - (not tested)

hybrid server

The server is able to function both locally and remotely, depending on the configuration or use case.

A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.
