A Node.js server implementing Model Context Protocol (MCP) that enables natural language interaction with Binalyze AIR's digital forensics and incident response capabilities.

CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.

A Model Context Protocol server that enables interaction with Infisical APIs for secret management, allowing users to create, update, delete, and list secrets through function calling.

Let MCP clients like Claude and Cursor control Intruder.IO

An MCP server that provides a comprehensive interface to Semgrep, enabling users to scan code for security vulnerabilities, create custom rules, and analyze scan results through the Model Context Protocol.

mcp-panther

Interact with Descope's Management APIs to manage users, audit, and more.

OnSecurity MCP Server

ZeroTrusted-ai PII Detection Agent

Fork of @cyanheads toolkit MCP server. Added encoding functions, removed system network functions.

Audits npm package dependencies for security vulnerabilities, providing detailed reports and fix recommendations with MCP integration.

A secure MCP server for Windows Subsystem for Linux environments, facilitating safe command execution with extensive validation and protection against vulnerabilities like shell injection and dangerous commands.

MCP Server For Garak LLM Vulnerability Scanner https://github.com/EdenYavin/Garak-MCP/blob/main/README.md

A Model Context Protocol server that enables secure interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries through a controlled interface.

Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.

A Model Control Protocol server that provides access to nmap network scanning functionality, allowing users to run customizable scans, store results, and analyze network security using AI prompts.

An MCP server that detects potential honeypot tokens on Ethereum, BNB Smart Chain (BSC), and Base.

Enterprise-grade authentication solution that provides secure credential management with encryption, multi-protocol authentication (OAuth2, SAML, LDAP), and real-time threat detection for applications.

An implementation of the Model Context Protocol server that enables AI models to communicate with Edge Security Acceleration (ESA) services, allowing models to manage routines, deployments, routes, records, and sites through standardized protocols.

A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.

MCP server for querying the ZoomEye API

An MCP server that enables Cline to analyze binaries using Binary Ninja with a Personal License through a bridge implementation.

A Model Context Protocol server that retrieves CVE information from the National Vulnerability Database, allowing AI models to access up-to-date vulnerability data.

A Model Context Protocol server that provides SD Elements API integration, enabling LLMs to interact with SD Elements security development lifecycle platform.

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.

The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.

A high-performance Model Context Protocol server that provides secure, tool-based access to the Bugcrowd API, allowing for natural language interaction with bug bounty programs through various AI agent platforms.

A Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.

Provides blockchain address risk scoring and asset information through the BICScan API, allowing users to assess risks for crypto addresses, domains, and dApps on a scale of 0-100.

A Model Context Protocol server that enables management of Keycloak users and realms through a standardized interface, providing tools for user creation, deletion, role assignment, and group management.

An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.

Enables enterprise-grade authentication management with secure credential handling and support for multi-protocol auth, complete with tools for analyzing, setting up, and testing authentication systems.

A server that provides access to Baidu Cloud's content moderation capabilities for detecting unsafe content, allowing applications like Cursor to check text for security risks.

A Model Context Protocol server providing utility tools for development and testing, offering functionalities like personalized greetings, random card drawing, and datetime formatting with an extensible architecture.

A secure server that enables AI agents to access 2FA codes and passwords from the Authenticator App, allowing them to assist with automated login processes while maintaining security.

A demonstration server that reveals security risks by accessing sensitive environment variables, illustrating how MCP tools can potentially leak user data without explicit consent.

A Model Context Protocol server that provides LLMs with real-time network traffic analysis capabilities, enabling tasks like threat hunting, network diagnostics, and anomaly detection through Wireshark's tshark.

Burpsuite MCP Server

The server provides secure OTP (One-Time Password) generation. Supports TOTP (Time-based) and HOTP (HMAC-based) algorithms

An MCP server for interacting with Google's Chronicle Security Operations suite, enabling users to search security events, get alerts, look up entities, list security rules, and retrieve IoC matches.

A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.

A server that enables scanning files for viruses using the ClamAV engine, providing a simple integration with Cursor IDE via SSE connections.

A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.

Provides tools to manage OpenAI API keys and spending through the OpenAI API. Requires an OpenAI admin API key for secure access to account management features.

A Model Context Protocol server for AES encryption and decryption, supporting various modes, padding, and input/output formats for secure data handling.

Enables AI assistants to check software end-of-life dates and support status using the endoflife.date API, providing accurate information on software lifecycle, security status, and upgrade recommendations in real-time.

Provides comprehensive Firewalla MSP firewall integration via MCP protocol with 28 tools for real-time security monitoring, network analysis, bandwidth tracking, and rule management. Supports all MCP-compatible clients for automated network security operations.

A vulnerable MCP server implementation that demonstrates how poor coding practices can lead to security issues like Remote Code Execution, designed for educational purposes to add numbers.

Nessus MCP Server

An MCP server that provides deepfake detection capabilities, allowing clients to analyze images for authenticity via Proofly's API.

AWS‑IReveal‑MCP

A Model Context Protocol server that provides LLM Agents with a comprehensive toolset for IP geolocation, network diagnostics, system monitoring, cryptographic operations, and QR code generation.

A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

A server that enables managing OPNSense firewalls through natural language interactions with Claude Desktop, supporting VLAN management, firewall rules configuration, and network interface queries.

A Model Context Protocol server that enables AI-powered analysis of NPM packages through multiple tools for security vulnerability scanning, dependency analysis, package comparison, and quality assessment.

Enables Claude to interact with Okta's user management system, providing capabilities to retrieve user details, list users with filtering options, and manage user groups.

Advanced Keycloak MCP server

Managing Keycloak identity and access management

A Model Context Protocol server that provides secure access to Doppler's secret management platform, allowing AI assistants to manage secrets, environment variables, and configurations through Doppler's API.

A secure terminal execution server that enables controlled command execution with security features and resource limits via the Model Context Protocol (MCP).

Provides secure access to the Bugcrowd bug bounty platform API, optimized for OpenAI's Agents SDK integration to enable vulnerability management and security research.

Integrates AI safety analysis, red-teaming, and prompt auditing directly into MCP-compatible clients like Claude Desktop and Cursor IDE, allowing real-time analysis of prompts and detection of jailbreak attempts.

Provides seamless integration with Fastly's Next-Gen Web Application Firewall API, enabling AI assistants to manage web application security through natural language interactions.

A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.

A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.

A MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

A Model Context Protocol (MCP) server that provides AI-powered security analysis and safety instruction tools. This server helps protect AI agents by providing security guidelines, content analysis, and cautionary instructions when interacting with various MCPs and external services.

A Model Context Protocol server that enables querying and analyzing Wazuh security logs stored in OpenSearch, with features for searching alerts, getting detailed information, generating statistics, and visualizing trends.

Trivy

A Model Context Protocol server that provides tools to manage Keycloak users and realms, allowing you to create and delete users, list available realms, and view users in specific realms.

缔零法则MCP是基于LLM和RAG技术搭建的实现完全替代人力的全自动化风险识别的内容安全审查平台，致力于通过代理AI技术减少人力成本，高效高精度为用户提供分钟级接入的内容风控解决方案，破解安全威胁，提供从风险感知到主动拦截策略执行的全链路闭环与一体化解决方案。This MCP tool is an AI-powered content security review platform built on LLM and RAG technologies, designed to achieve fully automated risk identification that completel

Implements a Model Context Protocol server using Server-Sent Events for real-time communication with OAuth 2.1 integration via Ory Network, enabling secure AI model communication with authentication and client management.

A Model Context Protocol server that performs Trivy scans to generate Software Bill of Materials (SBOM) in CycloneDX format.

Provides tools for managing Netskope infrastructure, policies, and steering configurations via the Model Context Protocol.

A Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.

A Model Context Protocol server that enables conversational AI interaction with Illumio PCE for security policy management, workload operations, traffic flow analysis, and compliance assessment.

Kaspersky OpenTIP Model Context Protocol Server. This server gives access to Kaspersky OpenTIP API to agentic applications.

A Model Context Protocol server that enables AI agents to interact with Netwrix Access Analyzer through standardized interfaces, allowing visibility into data access risks, data classification, and user access patterns to help organizations better secure their most sensitive data.

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language. For instance, you could simply ask Claude to "Create a new Auth0 app and get the domain and client ID"

Enables security-focused LLM agents like GPT-4.1 and Claude 3 to interact with the urlDNA threat intelligence platform, providing tools for URL scanning, threat detection, and malicious content analysis.

Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning

IMCP - Insecure Model Context Protocol The DVWA for AI Security! Welcome to IMCP – a deliberately vulnerable framework that exposes 16 critical security weaknesses in AI/ML systems. Whether you're a security researcher, developer, or educator, IMCP is your playground for hands-on learning about real

A Model Context Protocol server that provides Claude with access to Pangea's security services, including AI Guard, Domain Intel, Embargo checks, IP Intelligence, Redaction, Secure Audit Log, URL Intelligence, and Vault services.

A specialized MCP server for Claude Desktop that allows executing terminal commands for malware analysis with support for common analysis tools like file, strings, hexdump, objdump, and xxd.

A Model Context Protocol (MCP) server for interacting with Joe Sandbox Cloud. This server exposes rich analysis and IOC extraction capabilities from Joe Sandbox and integrates cleanly into any MCP-compatible application (e.g. Claude Desktop, Glama, or custom LLM agents).

Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.

viso-mcp-server

A Model Context Protocol server that allows AI assistants to connect to and manage Israeli bank accounts, fetch transactions, and handle authentication for all major Israeli banks and credit card companies.

A proxy server that sits between MCP clients and servers, providing authentication, tool discovery, caching, and guardrail enforcement to protect MCP servers from malicious inputs.

Enables monitoring of domain registration information via WHOIS lookup and SSL certificate validity checking. Provides domain expiration dates, registrar details, certificate validity periods, and issuer information for website security monitoring.

This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts

A bridge that connects Waybackurls with the Model Context Protocol ecosystem, enabling AI assistants to fetch historical URLs from the Wayback Machine to discover forgotten endpoints and potentially vulnerable URLs.

A self-hostable OAuth 2.0 server designed for the Model-Context-Protocol (MCP) that enables you to secure your MCP applications with a robust implementation you control.

A proof-of-concept attack that exploits Model Context Protocol (MCP) tool registration to achieve persistent agent poisoning in AI assistants like Cursor, embedding malicious instructions that persist across chat contexts without requiring tool execution.

A Model Context Protocol server implementation that provides endpoints for wallet-based authentication, cluster management, and name registration services.

An open-source implementation of the Model Context Protocol (MCP) that bridges AI agents with enterprise systems, enabling secure access to real-world data and capabilities.

A Model Context Protocol server that enables Large Language Models to interact with Binary Ninja for reverse engineering tasks like viewing assembly code, decompiled code, renaming functions, and adding comments.

A prompt-validation service that checks incoming prompts against security rules, blocking those matching high-severity security or jailbreak patterns while authorizing safe prompts.

Description: Introduce Beelzebub, an MCP‑based honeypot framework that enables creating decoy tools to detect prompt injection and malicious agent behavior. Motivation: Strengthen the security of LLM workflows by adding a non‑intrusive detection mechanism.

Enables integration of Semgrep in development environments via the MCP protocol, supporting static code analysis, rule management, and scan result operations.

A production-ready template for building Model Context Protocol servers with Clerk authentication on Cloudflare Workers, allowing AI assistants to securely access user data and business logic in Clerk-authenticated applications.

A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.

A Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.

A Model Context Protocol server that enforces policies on user inputs by checking against defined rules and rude words, helping ensure AI interactions remain appropriate and compliant.

Provides AI assistants with direct access to Wireshark network analysis capabilities, enabling AI-powered network troubleshooting, packet analysis, and network monitoring through a secure interface.

Cortex MCP Server

ms-sentinel-mcp-server

OPNsense MCP Server

Provides programmatic access to ingest and query Windows event logs (especially Sysmon logs), enabling security monitoring, incident response, and log analysis automation.

Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.

A Model Context Protocol server that enables programmatic interaction with Cisco Identity Services Engine APIs through standardized, discoverable tools.

A secure MCP server using FastMCP and Eunomia Authorization, providing granular access control with dynamic JSON policies.

A collection of MCP servers for Kali Linux that empower AI Agents in reverse engineering and security testing, providing network analysis, target sniffing, traffic analysis, binary understanding, and automation capabilities.

BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.

A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.

fluidattacks-mcp

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

Securely integrates Wazuh security data with LLMs (such as Claude Desktop) by retrieving alerts from Elasticsearch indices and transforming them into MCP-compliant format, enabling real-time security context in LLM applications.

mcp-server-wazuh

A comprehensive Model Context Protocol server template that implements HTTP-based transport with OAuth proxy for third-party authorization servers like Auth0, enabling AI tools to securely connect while supporting Dynamic Application Registration.

Creates and manages encoded messages using zero-width characters and advanced Unicode steganography techniques, enabling quantum-themed puzzle generation with hidden secrets.

An intelligent layered port scanning service based on MCP protocol, designed for AI assistants and development tools to perform network security analysis with real-time feedback.

vet-mcp

A demonstration tool that showcases potential security attack vectors against Model Control Protocol, illustrating how malicious plugins can exploit weaknesses in MCP architecture.

An MCP server that enables AI agents to analyze executable files using Detect It Easy (DIE), providing capabilities to examine file structures, detect packers, compilers, and gather other forensic information.

A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.

Authentik MCP provides seamless integration with Authentik's API, supporting both full-featured and diagnostic modes. These enable secure, automated user, group, and system management through MCP-compatible tools.

Validates URLs and checks their reputation to help identify AI hallucinations and verify web page authenticity.

Enables AI assistants to perform network scanning operations using NMAP, offering a standardized interface for network analysis and security assessments through AI conversations.

A server that retrieves CVE details from the NVD API and fetches EPSS scores to provide comprehensive vulnerability information, including descriptions, CWEs, CVSS scores, and exploitation likelihood percentiles.

Integrates with the AbuseIPDB API to check IP addresses for abuse reports and report abusive IP addresses.

Provides Python code security analysis through the Model Context Protocol, enabling AI tools to detect potential vulnerabilities like SQL injection and XSS by identifying tainted data flows from untrusted sources to sensitive operations.

A proof-of-concept tool that integrates AI into security operations, allowing users to perform offensive security tasks like network scanning and reconnaissance through natural language commands to GitHub Copilot.

Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.

A Model Context Protocol (MCP) server for Socket integration, allowing AI assistants to efficiently check dependency vulnerability scores and security information.

MCP server for Huntress API integration

TheHive MCP Server

Enables AI assistants to interact with Metasploit Framework through 28 comprehensive tools for penetration testing and security analysis. Provides secure, structured access to MSF modules, database operations, session management, and payload generation capabilities.

Provides comprehensive security analysis tools for querying the VirusTotal API, enabling detailed security reports on URLs, files, IP addresses, and domains with automatic relationship data fetching.

Enables secure integration with Metasploit Framework for AI assistants, providing comprehensive access to penetration testing tools, module management, payload generation, and database operations. Designed for authorized security testing and defensive analysis with 28 specialized tools covering complete MSF functionality.

An MCP proxy that pseudo-anonymizes PII before data reaches external AI providers like Claude, ChatGPT, or Gemini.

An MCP server that allows LLMs to autonomously reverse engineer applications by exposing Ghidra's functionality, including decompiling binaries, analyzing code, and renaming methods and data.

A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.

Node.js server implementing Model Context Protocol for secure read-only filesystem operations, allowing Claude to read files, list directories, search files, and get file metadata within specified directories.

A robust Model Control Protocol server that enables AI agents to access real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and other cyber-security entities.

An MCP server that detects potential risks in Solana meme tokens, helping AI agents avoid rug pulls and unsafe projects.

A Model Context Protocol server that enables AI assistants to perform YARA rule-based threat analysis on files and URLs, supporting comprehensive rule management and detailed scanning results.

A Model Context Protocol server that integrates Zeek network analysis capabilities with LLM chatbots, allowing them to analyze PCAP files and parse network logs through natural language interactions.

A Model Context Protocol server implementation to query the NIST National Vulnerability Database (NVD) via its API.

Allows developers to query security findings (SAST issues, secrets, patches) using natural language within AI-assisted tools like Claude Desktop, Cursor, and other MCP-compatible environments.

A Python-based MCP server that enables integration with Microsoft Security Copilot and Microsoft Sentinel, allowing users to run KQL queries, manage skillsets/plugins, and execute prompts in Security Copilot.

An MCP server for checking and revoking ERC-20 token allowances across multiple blockchains.

MCP server to work with okta entities

A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.

A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.

A production-grade server that enables natural language interaction with pfSense firewalls through Claude Desktop and other GenAI applications, supporting multiple access levels and functional categories.

A Model Context Protocol server that enables natural language control of Ludus cybersecurity training environments, allowing users to deploy, manage, and configure virtualized security training ranges.

An experimental Model Context Protocol server that enables Large Language Models to read, search, and manipulate OpenFGA authorization stores, unlocking fine-grained access control for agentic AI and natural language interactions.

An MCP server for Google's Certificate Authority API that enables management of private certificate authorities through natural language interactions.

A Cloudflare Workers-based MCP server implementation that supports OAuth login and bearer token authentication, allowing secure connection from MCP clients like Claude Desktop and the MCP Inspector.

Provides secure access to Microsoft Entra ID (Azure AD) resources including users, devices, and applications through Microsoft Graph API. Enables querying organizational data with comprehensive audit logging to Azure Blob Storage.

Enables users to run and manage BBOT security scans through the MCP interface. Provides comprehensive tools for executing reconnaissance scans, monitoring progress, and retrieving results with support for concurrent scanning operations.

This server implements the Multi-Agent Conversation Protocol for AWS SecurityHub, enabling interaction with AWS SecurityHub API through natural language commands.

BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.