mrholmes
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mrholmesSearch for username johndoe across social media"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Mr.Holmes OSINT Suite
A professional, community-friendly OSINT operator kit that turns a broad collection of OSINT, cyber-reference, and pentest-adjacent repositories into one safe command surface and one MCP tool.
This repo is built for the person who finds it after hours of searching GitHub and wants the fastest sane path from clone to understanding to controlled execution.
One entrypoint:
mrholmes_suite.pyOne MCP tool:
mrholmes88 catalogued repositories
89 safe command surfaces
Live/passive validation ledger included
Risky repos are catalogued and searchable by default, not blindly executed
Operating stance
Professional OSINT work is disciplined: verify sources, preserve context, document uncertainty, and avoid unnecessary harm. This suite is designed for authorized research, blue-team enrichment, threat intelligence, public-source investigation, and controlled lab/pentest workflows.
It does not pretend every upstream repo is safe to run. High-risk repositories are exposed through static inventory/search/status wrappers unless a non-invasive execution path was deliberately verified.
Related MCP server: Kali MCP Server
Fast start
git clone https://github.com/Reaper-Forge/mrholmes-osint-suite.git
cd mrholmes-osint-suite
python -m py_compile mrholmes_suite.py mrholmes_mcp_server.py
python mrholmes_suite.py status
python mrholmes_suite.py mrholmes dorks example --dork-type 1 --timeout 120
python mrholmes_suite.py darkus-search example --limit 5 --timeout 30
python mrholmes_mcp_server.pyIf you already maintain the upstream repos somewhere else, point the suite at that workspace:
export MRHOLMES_OSINT_ROOT=/path/to/osint-workspace
python mrholmes_suite.py statusWhat to run first
python mrholmes_suite.py status
python mrholmes_suite.py mrholmes username-profile example --timeout 300
python mrholmes_suite.py mrholmes domain example.com --timeout 180
python mrholmes_suite.py himitsu hash-type 5d41402abc4b2a76b9719d911017c592
python mrholmes_suite.py joas-blueguardian status
python mrholmes_suite.py joas-payloadsallthethings search osint --limit 10MCP install
Use the single-tool MCP server when connecting from Hermes, Claude Desktop, Cursor, or another MCP client:
{
"mcpServers": {
"mrholmes": {
"command": "python",
"args": ["/absolute/path/to/mrholmes-osint-suite/mrholmes_mcp_server.py"]
}
}
}The MCP server exposes exactly one tool:
mrholmes
Tool actions:
statuscatalogruntrackermanifestlive_testcleanupfull_report
Example MCP payload:
{
"action": "run",
"argv": ["darkus-search", "example", "--limit", "5", "--timeout", "30"],
"timeout": 60
}Repo map
mrholmes_suite.py— unified CLI/router.mrholmes_mcp_server.py— one-tool MCP stdio server.mrholmes_agent.py— non-interactive wrapper for upstream Mr.Holmes.joas-integration/— static/safe wrappers for JoasASantos repos.cscorza-integration/— wrappers for CScorza repos.MRHOLMES-SUITE-MANIFEST.json— catalogue, roles, automation posture.MRHOLMES-LIVE-TEST-LEDGER.json— passive/live validation record.docs/— operator guide, MCP guide, ethics, command catalogue, testing notes.
Install philosophy
Minimal by design. Python stdlib runs the catalogue, static wrappers, MCP server, and many safe commands. Some upstream tools have their own dependencies; install those only when you are intentionally operating that tool in a controlled environment.
Professional use
Work from explicit authorization.
Prefer passive collection before active probing.
Treat generated dorks as leads, not truth.
Corroborate important findings from primary sources.
Do not run payload, phishing, credential theft, C2, exploit, driver, or evasion code from this suite by default.
Keep notes: target, scope, timestamp, source, confidence, and chain of custody.
Quick mental model
A good OSINT suite should make the safe thing the easy thing:
Discover what a repo is.
Read its role and risk posture.
Run only the wrapper surface that has been classified as safe.
Save evidence and uncertainty.
Escalate to active testing only in a scoped lab or authorized engagement.
See docs/GETTING_STARTED.md for the operator walkthrough.
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Tools
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Reaper-Forge/mrholmes-osint-suite'
If you have feedback or need assistance with the MCP directory API, please join our Discord server