Skip to main content
Glama
telmon95

VulneraMCP

by telmon95
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

training.import

Import training data from HTB or PortSwigger labs to enhance vulnerability detection capabilities by defining target patterns, payloads, and success indicators for security testing.

Instructions

Import training data from HTB or PortSwigger labs

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
sourceYesSource of training data
sourceIdNoID from source (e.g., lab name)
vulnerabilityTypeYesType of vulnerability (XSS, SQLi, IDOR, etc.)
targetPatternYesPattern to match target URLs
payloadPatternYesPattern for successful payloads
successPatternNoPattern indicating success in response
failurePatternNoPattern indicating failure in response
contextDataNoAdditional context data
scoreNoScore for this training example (0-10)

Implementation Reference

  • src/tools/training.ts:101-131 (handler)
    Handler function that imports training data by saving it to the PostgreSQL database using saveTrainingData and teaching the PatternMatcher instance.
    async (params: any): Promise<ToolResult> => { try { const id = await saveTrainingData( params.source, params.sourceId || '', params.vulnerabilityType, params.targetPattern, params.payloadPattern, params.successPattern || '', params.failurePattern || '', params.contextData, params.score || 5 ); // Learn the pattern patternMatcher.learnPattern( params.vulnerabilityType, params.targetPattern, params.payloadPattern, params.successPattern || '', params.failurePattern || '' ); return formatToolResult(true, { id, message: 'Training data imported successfully', }); } catch (error: any) { return formatToolResult(false, null, error.message); } }
  • src/tools/training.ts:78-99 (schema)
    Input schema defining the parameters for importing training data, including source, vulnerability type, patterns, and optional fields.
    inputSchema: { type: 'object', properties: { source: { type: 'string', enum: ['htb', 'portswigger', 'custom'], description: 'Source of training data', }, sourceId: { type: 'string', description: 'ID from source (e.g., lab name)' }, vulnerabilityType: { type: 'string', description: 'Type of vulnerability (XSS, SQLi, IDOR, etc.)', }, targetPattern: { type: 'string', description: 'Pattern to match target URLs' }, payloadPattern: { type: 'string', description: 'Pattern for successful payloads' }, successPattern: { type: 'string', description: 'Pattern indicating success in response' }, failurePattern: { type: 'string', description: 'Pattern indicating failure in response' }, contextData: { type: 'object', description: 'Additional context data' }, score: { type: 'number', description: 'Score for this training example (0-10)' }, }, required: ['source', 'vulnerabilityType', 'targetPattern', 'payloadPattern'], },
  • src/tools/training.ts:75-132 (registration)
    Direct registration of the 'training.import' tool using server.tool(), including description, input schema, and handler function.
    'training.import', { description: 'Import training data from HTB or PortSwigger labs', inputSchema: { type: 'object', properties: { source: { type: 'string', enum: ['htb', 'portswigger', 'custom'], description: 'Source of training data', }, sourceId: { type: 'string', description: 'ID from source (e.g., lab name)' }, vulnerabilityType: { type: 'string', description: 'Type of vulnerability (XSS, SQLi, IDOR, etc.)', }, targetPattern: { type: 'string', description: 'Pattern to match target URLs' }, payloadPattern: { type: 'string', description: 'Pattern for successful payloads' }, successPattern: { type: 'string', description: 'Pattern indicating success in response' }, failurePattern: { type: 'string', description: 'Pattern indicating failure in response' }, contextData: { type: 'object', description: 'Additional context data' }, score: { type: 'number', description: 'Score for this training example (0-10)' }, }, required: ['source', 'vulnerabilityType', 'targetPattern', 'payloadPattern'], }, }, async (params: any): Promise<ToolResult> => { try { const id = await saveTrainingData( params.source, params.sourceId || '', params.vulnerabilityType, params.targetPattern, params.payloadPattern, params.successPattern || '', params.failurePattern || '', params.contextData, params.score || 5 ); // Learn the pattern patternMatcher.learnPattern( params.vulnerabilityType, params.targetPattern, params.payloadPattern, params.successPattern || '', params.failurePattern || '' ); return formatToolResult(true, { id, message: 'Training data imported successfully', }); } catch (error: any) { return formatToolResult(false, null, error.message); } } );
  • src/index.ts:47-47 (registration)
    Invocation of registerTrainingTools(server) in the main server initialization, which registers all training tools including 'training.import'.
    registerTrainingTools(server);

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/telmon95/VulneraMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server