contrastapi
ContrastAPI is a security intelligence MCP server providing 31 tools for AI agents to perform comprehensive security assessments, threat intelligence, and vulnerability analysis — free with no API key required.
Domain Intelligence:
domain_report— Full domain audit (SSL, DNS, WHOIS, SPF/DMARC/DKIM, CT logs, tech fingerprint, security headers)dns_records— Retrieve DNS recordswhois_lookup— WHOIS registration and ownership lookupsubdomain_enum— Enumerate subdomainsct_logs— Certificate Transparency log lookupthreat_intel— Threat intelligence data for a domainscan_headers/check_headers— Scan or analyze HTTP security headers
IP Intelligence:
ip_lookup— IP reputation and threat report (Shodan + AbuseIPDB + ASN data)
CVE & Vulnerability Intelligence:
cve_lookup— Look up a specific CVE enriched with EPSS scores and CISA KEV statuscve_search— Search CVEs by product, severity, or time windowcve_recent— Fetch recently published CVEs (up to 7 days)cve_kev— List CVEs in CISA's Known Exploited Vulnerabilities catalogepss_score— Get the EPSS exploit probability score for a CVE
Code Security:
check_secrets— Scan code for hardcoded secrets, API keys, and credentialscheck_injection— Detect SQL, command, and other injection vulnerabilitiescheck_dependencies— Check packages for known vulnerabilities
API Management:
api_status— Check service operational statusapi_usage— Track credit consumption and rate limits
Accessible via MCP (for AI agents), Node.js SDK, REST API, or VS Code extension. Responses include LLM-optimized summaries and verdict metadata for multi-agent workflows. Can also be self-hosted with Python 3.12, FastAPI, and SQLite.
Offers REST API endpoints accessible via cURL for security intelligence operations including CVE lookups, domain audits, threat reports, and IOC enrichment through direct HTTP requests.
Built with FastAPI as the web framework, providing RESTful endpoints for security intelligence operations with automatic OpenAPI documentation and interactive testing capabilities.
Integrates with GitHub Security Advisories database for CVE intelligence, searches GitHub Advisory Database for exploits/PoC, and provides username lookup across GitHub and other social/dev platforms.
Provides Node.js SDK for programmatic access to security intelligence tools including domain audits, CVE lookups, threat reports, and bulk operations with zero dependencies.
Distributed as npm package for easy installation and integration, providing Node.js SDK and MCP server deployment capabilities through npx commands.
Utilizes pytest for comprehensive testing framework covering 1104 tests with 36/36 smoke-test coverage on security intelligence operations and API functionality.
Built with Python 3.12 as the primary runtime, providing security intelligence tools including source code scanning for injection vulnerabilities and secrets detection across multiple programming languages.
Available on RapidAPI platform for programmatic access to security intelligence endpoints including domain audits, CVE lookups, threat reports, and IOC enrichment.
Utilizes SQLite databases with WAL mode for API rate-limiting, CVE caching, and domain cache storage, providing persistent data storage for security intelligence operations.
ContrastAPI — 55 Security Tools + 7 MCP Resources for AI Agents
Security intelligence, built for AI agents. Give your agent grounded answers about vulnerabilities, threats, and attack surface — backed by authoritative sources (NVD, CISA KEV, FIRST EPSS, MITRE ATLAS & D3FEND), never guesswork. CVE/KEV/CWE lookup with EPSS exploit-probability and composite risk scoring, domain & IP investigation, IOC enrichment, code-security checks, and live web intelligence. 55 tools, 7 Resources, and 3 Prompts — free, no API key, no signup.
中文 · Live: api.contrastcyber.com
Documentation
API Documentation — REST reference: 60+ endpoints, authentication, rate limits, token costs, and response envelope.
MCP Documentation — MCP tool-selection guide, 7 Resources, 3 Prompts, and copy-paste agent prompts.
Related MCP server: VirusTotal MCP Server
Setup (MCP)
Any MCP client
{
"mcpServers": {
"contrastapi": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://api.contrastcyber.com/mcp/"]
}
}
}Restart your agent. Other clients (Python SDK, Node SDK, cURL, VS Code): mcp-setup · quickstart
Claude Desktop — one-click extension
Grab the .mcpb file from the latest release and double-click it (or Claude Desktop → Settings → Extensions → Install Extension…). No signup, no API key — all 55 tools ready immediately.
SDKs
pip install contrastapi # Python 3.10+ — sync + async, typed responses, shortcut helpers
npm install contrastapi # Node 14+ — concrete TypeScript types, 14 namespacesBoth SDKs cover every HTTP endpoint and MCP tool — CVE/KEV/CWE, ATLAS, D3FEND, Sigma rules, email security posture, domain, IP, IOC, code security, and web intelligence — with wire-exact response shapes and a typed exception hierarchy that mirrors the API error envelope. They also expose MCP Resources for browsing the ATLAS, D3FEND, and CWE catalogs (see docs/MCP_Documentation.md) and a conditional triage Prompt (see docs/MCP_Documentation.md#contrast-triage). Web-intelligence tools — robots_txt, redirect_chain, email_verify, brand_assets, seo_audit, geo_audit — ship with an explicit ethical floor: per-target throttling, robots.txt respected, no SMTP probing.
Links
OpenAPI: openapi.json
Smithery · npm · VS Code Marketplace · Awesome OSINT MCP · RapidAPI
Responses include a verdict block — deterministic, falsifiable_fields, data_age_seconds, sources_queried / sources_unavailable, completeness — so a verifier agent can independently re-derive specific fields from the upstream authority (NVD, RDAP, CT logs, URLhaus). Probe GET /v1/capabilities for "verdict_metadata": true.
CVE responses also embed next_calls: list[PivotHint] — {tool, input, reason} triples that suggest the next MCP tool to call (e.g. kev_detail when kev.in_kev=true, cwe_lookup when cwe_id is set). Agents chain workflows without manual prompting.
MIT
Maintenance
Appeared in Searches
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/UPinar/contrastapi'
If you have feedback or need assistance with the MCP directory API, please join our Discord server