A Model Context Protocol (MCP) server for interacting with Joe Sandbox Cloud. This server exposes rich analysis and IOC extraction capabilities from Joe Sandbox and integrates cleanly into any MCP-compatible application (e.g. Claude Desktop, Glama, or custom LLM agents).

A Node.js server implementing Model Context Protocol (MCP) that enables natural language interaction with Binalyze AIR's digital forensics and incident response capabilities.

Let MCP clients like Claude and Cursor control Intruder.IO

Kaspersky OpenTIP Model Context Protocol Server. This server gives access to Kaspersky OpenTIP API to agentic applications.

A robust Model Control Protocol server that enables AI agents to access real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and other cyber-security entities.

Interact with Descope's Management APIs to manage users, audit, and more.

CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.

Enables security-focused LLM agents like GPT-4.1 and Claude 3 to interact with the urlDNA threat intelligence platform, providing tools for URL scanning, threat detection, and malicious content analysis.

A Model Context Protocol server that enables interaction with Infisical APIs for secret management, allowing users to create, update, delete, and list secrets through function calling.

mcp-panther

An MCP server that provides a comprehensive interface to Semgrep, enabling users to scan code for security vulnerabilities, create custom rules, and analyze scan results through the Model Context Protocol.

Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.

A Model Context Protocol (MCP) server that provides AI-powered security analysis and safety instruction tools. This server helps protect AI agents by providing security guidelines, content analysis, and cautionary instructions when interacting with various MCPs and external services.

AWS‑IReveal‑MCP

A secure server that enables AI agents to access 2FA codes and passwords from the Authenticator App, allowing them to assist with automated login processes while maintaining security.

Enables AI assistants to check software end-of-life dates and support status using the endoflife.date API, providing accurate information on software lifecycle, security status, and upgrade recommendations in real-time.

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.

Nessus MCP Server

A Model Context Protocol server for AES encryption and decryption, supporting various modes, padding, and input/output formats for secure data handling.

OnSecurity MCP Server

MCP Server For Garak LLM Vulnerability Scanner https://github.com/EdenYavin/Garak-MCP/blob/main/README.md

Enables enterprise-grade authentication management with secure credential handling and support for multi-protocol auth, complete with tools for analyzing, setting up, and testing authentication systems.

Burpsuite MCP Server

A Model Context Protocol server that enables secure interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries through a controlled interface.

A Model Context Protocol server that provides LLMs with real-time network traffic analysis capabilities, enabling tasks like threat hunting, network diagnostics, and anomaly detection through Wireshark's tshark.

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

Enables out-of-band interaction testing by integrating ProjectDiscovery's interactsh service as an MCP server. Allows AI agents to create callback domains, send probes, and capture DNS/HTTP interactions for security testing and verification workflows.

Managing Keycloak identity and access management

A Model Context Protocol server that provides SD Elements API integration, enabling LLMs to interact with SD Elements security development lifecycle platform.

Provides comprehensive HIPAA compliance guidance for developers building healthcare applications. Offers tools to identify PHI, understand encryption requirements, navigate business associate rules, and ensure compliance with HIPAA Security and Privacy Rules.

Enables comprehensive IP address intelligence and geolocation lookups through IPInfo's API. Provides 25+ tools for IP geolocation, ASN information, privacy detection, WHOIS lookups, and network analysis with strongly-typed responses.

A Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.

An implementation of the Model Context Protocol server that enables AI models to communicate with Edge Security Acceleration (ESA) services, allowing models to manage routines, deployments, routes, records, and sites through standardized protocols.

A Model Control Protocol server that provides access to nmap network scanning functionality, allowing users to run customizable scans, store results, and analyze network security using AI prompts.

A Model Context Protocol server that enables management of Keycloak users and realms through a standardized interface, providing tools for user creation, deletion, role assignment, and group management.

Enables interaction with SpiderFoot OSINT reconnaissance tools through MCP, allowing users to manage scans, retrieve modules and event types, access scan data, and export results. Supports both starting new scans and analyzing existing reconnaissance data through natural language.

Enables interaction with Metasploit Framework for authorized security testing, including exploit searches, payload management, network scanning with nmap, and database operations for penetration testing workflows.

Integrates AI safety analysis, red-teaming, and prompt auditing directly into MCP-compatible clients like Claude Desktop and Cursor IDE, allowing real-time analysis of prompts and detection of jailbreak attempts.

A Model Context Protocol server providing utility tools for development and testing, offering functionalities like personalized greetings, random card drawing, and datetime formatting with an extensible architecture.

ZeroTrusted-ai PII Detection Agent

Enables secure database operations on SQL Server instances through a three-tier safety system, supporting schema exploration, query execution, performance analysis, and data export with configurable security levels from read-only to full development access.

A Model Context Protocol server that provides LLM Agents with a comprehensive toolset for IP geolocation, network diagnostics, system monitoring, cryptographic operations, and QR code generation.

Provides comprehensive Firewalla MSP firewall integration via MCP protocol with 28 tools for real-time security monitoring, network analysis, bandwidth tracking, and rule management. Supports all MCP-compatible clients for automated network security operations.

The server provides secure OTP (One-Time Password) generation. Supports TOTP (Time-based) and HOTP (HMAC-based) algorithms

A vulnerable MCP server implementation that demonstrates how poor coding practices can lead to security issues like Remote Code Execution, designed for educational purposes to add numbers.

A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.

An MCP server that detects potential honeypot tokens on Ethereum, BNB Smart Chain (BSC), and Base.

A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.

MCP server for querying the ZoomEye API

A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.

A demonstration server that reveals security risks by accessing sensitive environment variables, illustrating how MCP tools can potentially leak user data without explicit consent.

A server that enables managing OPNSense firewalls through natural language interactions with Claude Desktop, supporting VLAN management, firewall rules configuration, and network interface queries.

An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.

A server that provides access to Baidu Cloud's content moderation capabilities for detecting unsafe content, allowing applications like Cursor to check text for security risks.

Advanced Keycloak MCP server

An MCP server that enables Cline to analyze binaries using Binary Ninja with a Personal License through a bridge implementation.

A Model Context Protocol server that retrieves CVE information from the National Vulnerability Database, allowing AI models to access up-to-date vulnerability data.

Fork of @cyanheads toolkit MCP server. Added encoding functions, removed system network functions.

A secure terminal execution server that enables controlled command execution with security features and resource limits via the Model Context Protocol (MCP).

Enables AI assistants to interact with security data pipelines and map data to the Open Cybersecurity Schema Framework (OCSF) through Tenzir. Provides seamless integration for processing and analyzing cybersecurity data using natural language.

Enables interaction with Descope's Management APIs to search audit logs and users, create new users, and invite users to your Descope project through natural language.

Enables interaction with HashiCorp Vault to read, write, list, and delete secrets through a containerized MCP server with secure token-based authentication.

Enables Claude to interact with Okta's user management system, providing capabilities to retrieve user details, list users with filtering options, and manage user groups.

Provides tools to manage OpenAI API keys and spending through the OpenAI API. Requires an OpenAI admin API key for secure access to account management features.

Provides seamless integration with Fastly's Next-Gen Web Application Firewall API, enabling AI assistants to manage web application security through natural language interactions.

A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.

Enterprise-grade authentication solution that provides secure credential management with encryption, multi-protocol authentication (OAuth2, SAML, LDAP), and real-time threat detection for applications.

Enables complete user management for Clerk authentication service through MCP. Supports listing, deleting, locking, and unlocking users with secure API integration.

A simple MCP (Multimodal Conversational Plugin) server based on Joern that provides code review and security analysis capabilities through natural language interfaces.

A server that enables scanning files for viruses using the ClamAV engine, providing a simple integration with Cursor IDE via SSE connections.

A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.

The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.

Audits npm package dependencies for security vulnerabilities, providing detailed reports and fix recommendations with MCP integration.

A MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

Provides blockchain address risk scoring and asset information through the BICScan API, allowing users to assess risks for crypto addresses, domains, and dApps on a scale of 0-100.

An MCP server that provides deepfake detection capabilities, allowing clients to analyze images for authenticity via Proofly's API.

A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

A proxy server that sits between MCP clients and servers, providing authentication, tool discovery, caching, and guardrail enforcement to protect MCP servers from malicious inputs.

Enables high-precision detection, anonymization, encryption and decryption of personally identifiable information (PII) in text using GPT-4o-based detection and advanced cryptographic methods. Supports both deterministic encryption for searchable data and format-preserving encryption for structured identifiers.

Trivy

Enables checking npm packages for known security vulnerabilities using the OSV API before installation. Supports both single package checks and bulk vulnerability scanning for multiple packages at once.

Provides real-time policy enforcement for AI coding agents by intercepting and validating their actions against organizational standards like naming conventions, security policies, and compliance rules before execution. Prevents violations through immediate feedback and auto-correction suggestions.

Enables AI agents to generate and manage specialized bug bounty hunting workflows including reconnaissance, vulnerability testing, OSINT gathering, and file upload testing. Provides REST API endpoints for comprehensive security assessments with intelligence-driven vulnerability prioritization.

Implements a Model Context Protocol server using Server-Sent Events for real-time communication with OAuth 2.1 integration via Ory Network, enabling secure AI model communication with authentication and client management.

A self-hostable OAuth 2.0 server designed for the Model-Context-Protocol (MCP) that enables you to secure your MCP applications with a robust implementation you control.

A Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.

Converts natural language security requirements into validated Cerbos YAML policies with automated testing and red-team analysis, enabling AI governance with zero-trust guardrails for tool calls, data access, and compliance frameworks.

Exposes Nmap network scanning capabilities through a Model Context Protocol (MCP) server, allowing users to perform various types of network scans including vulnerability assessment, service detection, and OS fingerprinting.

Enables comprehensive security vulnerability scanning and code quality analysis for Python applications. Provides detailed reports with scoring, actionable suggestions, and comparison tracking specifically designed for backend developers working with frameworks like Django, Flask, and FastAPI.

viso-mcp-server

IMCP - Insecure Model Context Protocol The DVWA for AI Security! Welcome to IMCP – a deliberately vulnerable framework that exposes 16 critical security weaknesses in AI/ML systems. Whether you're a security researcher, developer, or educator, IMCP is your playground for hands-on learning about real

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language. For instance, you could simply ask Claude to "Create a new Auth0 app and get the domain and client ID"

Enables AI assistants to perform detailed DNS reconnaissance through natural language requests. Retrieves comprehensive DNS record information including subdomains, mail servers, and DNS infrastructure details using the DNSDumpster API.

Connects AI agents with the CrowdStrike Falcon platform to enable intelligent security analysis, providing programmatic access to detections, incidents, threat intelligence, vulnerabilities, and other security capabilities for advanced security operations and automation.

缔零法则MCP是基于LLM和RAG技术搭建的实现完全替代人力的全自动化风险识别的内容安全审查平台，致力于通过代理AI技术减少人力成本，高效高精度为用户提供分钟级接入的内容风控解决方案，破解安全威胁，提供从风险感知到主动拦截策略执行的全链路闭环与一体化解决方案。This MCP tool is an AI-powered content security review platform built on LLM and RAG technologies, designed to achieve fully automated risk identification that completel

A Model Context Protocol server that enables conversational AI interaction with Illumio PCE for security policy management, workload operations, traffic flow analysis, and compliance assessment.

Provides policy-driven, auditable SSH access to server fleets for AI assistants with zero-trust security controls, command whitelisting, and comprehensive audit logging to safely manage infrastructure.

Enables management of Palo Alto firewalls through their REST API, including system information retrieval, PAN-OS upgrades, HA firewall management via Panorama, content updates, and certificate management.

Enables AI assistants to interact with Scalekit's identity and access management platform through natural language queries. Supports managing environments, organizations, users, OIDC connections, workspace operations, and MCP server configurations with OAuth-protected access.