Skip to main content
Glama

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
CENSYS_API_IDNoCensys API ID for OSINT enrichment. Paired with CENSYS_API_SECRET.
SHODAN_API_KEYNoShodan API key for OSINT enrichment. Enables osint_shodan, ssh_hostkey_lookup.
CENSYS_API_SECRETNoCensys API secret for OSINT enrichment. Paired with CENSYS_API_ID.
VIRUSTOTAL_API_KEYNoVirusTotal API key for OSINT enrichment. Enables osint_virustotal.
SECURITYTRAILS_API_KEYNoSecurityTrails API key for OSINT enrichment. Enables waf_origin, enum_passive_dns.

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}

Tools

Functions exposed to the LLM to take actions

NameDescription
reconA

Full target reconnaissance. Runs HTTP headers, TLS certificate, DNS records, web technology detection, WAF/CDN, and infrastructure analysis in a single call. Use depth parameter to control scope: quick (~5 techniques, fast overview), standard (~20 techniques, balanced), deep (~50+ techniques, comprehensive).

scan_portsA

TCP port scanning with banner grabbing and automatic service detection. Probes specified ports, reads initial banners, detects protocols (SSH, MySQL, Redis, FTP, SMTP, HTTP, PostgreSQL, VNC, RDP), and runs targeted service fingerprinting on detected services.

scan_tlsB

Complete TLS/SSL analysis: handshake probe, JARM fingerprint, certificate deep inspection, JA4X generation fingerprint, cipher suite enumeration, SNI probing, certificate cross-referencing, and CT subdomain discovery. 8 techniques in a single call.

scan_dnsB

Comprehensive DNS intelligence: full record enumeration, email infrastructure (MX/SPF/DKIM/DMARC), SaaS inventory from TXT records, nameserver fingerprinting, MTA-STS/DANE analysis, subdomain takeover detection, and reverse DNS. 7 techniques in a single call.

scan_httpB

Comprehensive HTTP and web fingerprinting: header ordering, favicon hash, ETag analysis, error pages, cookies, HTTP methods, CORS, compression, caching, security headers, timing, redirect chains, web technology detection, analytics, source maps, API discovery, CMS/framework/ecommerce detection, and HTTP/2 analysis. ~29 techniques with smart skipping.

scan_pathsA

Path intelligence: sensitive file/directory probing (200+ paths across 11 categories), robots.txt/sitemap/security.txt parsing, version control and secret exposure detection, debug endpoint discovery with severity ratings, and API version probing. 5 techniques in a single call.

scan_wafB

WAF and CDN analysis: WAF identification via attack payload probing, CDN provider detection from headers/DNS, deep WAF technology fingerprinting from block pages, and origin IP discovery behind CDN. 4 techniques with conditional origin discovery.

scan_servicesA

Service-level fingerprinting for databases, caches, remote desktop, SSH, SMTP, and IoT. Supports auto-detection from port numbers or explicit service selection. Probes: MySQL, PostgreSQL, Redis, FTP, VNC/RDP, SSH (with full audit), SMTP (with TLS check), and IoT device detection.

enumerateA

Scope expansion: subdomain enumeration (SecurityTrails/HackerTarget), wildcard DNS detection, TLD/ccTLD expansion, related domain discovery via certificate transparency, ASN neighbor enumeration, passive DNS history, and attack surface summary. 8 techniques across 3 phases.

osintA

OSINT enrichment: Shodan host lookup, Censys search, reverse IP lookup, WHOIS information, Wayback Machine historical snapshots, and VirusTotal intelligence. Supports both IP and domain targets with auto-detection. 6 techniques in a single call.

analyzeA

Passive analysis of pre-collected data. No network calls. Supports three modes: headers (HTTP header fingerprinting), html (HTML source analysis), banner (service banner identification).

correlateC

Cross-layer correlation engine. Validates fingerprint consistency, detects honeypots, identifies spoofing, compares profiles, reconstructs infrastructure topology, detects C2 frameworks, and looks up fingerprint hashes.

metaA

Server info: lists all providers, tools, configuration, and known signature databases in a single response.

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/badchars/fingerprint-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server