A robust Model Control Protocol server that enables AI agents to access real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and other cyber-security entities.

mcp-panther

Enables AI assistants to interact with security data pipelines and map data to the Open Cybersecurity Schema Framework (OCSF) through Tenzir. Provides seamless integration for processing and analyzing cybersecurity data using natural language.

Let MCP clients like Claude and Cursor control Intruder.IO

A Model Context Protocol server that enables interaction with Infisical APIs for secret management, allowing users to create, update, delete, and list secrets through function calling.

An MCP server that provides a comprehensive interface to Semgrep, enabling users to scan code for security vulnerabilities, create custom rules, and analyze scan results through the Model Context Protocol.

A Node.js server implementing Model Context Protocol (MCP) that enables natural language interaction with Binalyze AIR's digital forensics and incident response capabilities.

CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.

Interact with Descope's Management APIs to manage users, audit, and more.

A Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.

OnSecurity MCP Server

Audits npm package dependencies for security vulnerabilities, providing detailed reports and fix recommendations with MCP integration.

A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

Nessus MCP Server

A Model Context Protocol server that enables management of Keycloak users and realms through a standardized interface, providing tools for user creation, deletion, role assignment, and group management.

Enables AI assistants to check software end-of-life dates and support status using the endoflife.date API, providing accurate information on software lifecycle, security status, and upgrade recommendations in real-time.

AWS‑IReveal‑MCP

An MCP server for interacting with Google's Chronicle Security Operations suite, enabling users to search security events, get alerts, look up entities, list security rules, and retrieve IoC matches.

A Model Context Protocol server that provides LLMs with real-time network traffic analysis capabilities, enabling tasks like threat hunting, network diagnostics, and anomaly detection through Wireshark's tshark.

An MCP server that provides deepfake detection capabilities, allowing clients to analyze images for authenticity via Proofly's API.

Integrates AI safety analysis, red-teaming, and prompt auditing directly into MCP-compatible clients like Claude Desktop and Cursor IDE, allowing real-time analysis of prompts and detection of jailbreak attempts.

A Model Context Protocol (MCP) server that provides integration with the Have I Been Pwned API to check if your accounts or passwords have been compromised in data breaches.

A simple MCP (Multimodal Conversational Plugin) server based on Joern that provides code review and security analysis capabilities through natural language interfaces.

Provides blockchain address risk scoring and asset information through the BICScan API, allowing users to assess risks for crypto addresses, domains, and dApps on a scale of 0-100.

Provides secure access to the Bugcrowd bug bounty platform API, optimized for OpenAI's Agents SDK integration to enable vulnerability management and security research.

A Model Context Protocol server providing utility tools for development and testing, offering functionalities like personalized greetings, random card drawing, and datetime formatting with an extensible architecture.

ZeroTrusted-ai PII Detection Agent

A Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.

A Model Context Protocol server that retrieves CVE information from the National Vulnerability Database, allowing AI models to access up-to-date vulnerability data.

A Model Context Protocol server that provides SD Elements API integration, enabling LLMs to interact with SD Elements security development lifecycle platform.

A Model Context Protocol server for AES encryption and decryption, supporting various modes, padding, and input/output formats for secure data handling.

An MCP server that enables Cline to analyze binaries using Binary Ninja with a Personal License through a bridge implementation.

A vulnerable MCP server implementation that demonstrates how poor coding practices can lead to security issues like Remote Code Execution, designed for educational purposes to add numbers.

Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.

Managing Keycloak identity and access management

Enables enterprise-grade authentication management with secure credential handling and support for multi-protocol auth, complete with tools for analyzing, setting up, and testing authentication systems.

Provides comprehensive Firewalla MSP firewall integration via MCP protocol with 28 tools for real-time security monitoring, network analysis, bandwidth tracking, and rule management. Supports all MCP-compatible clients for automated network security operations.

Provides tools to manage OpenAI API keys and spending through the OpenAI API. Requires an OpenAI admin API key for secure access to account management features.

Provides seamless integration with Fastly's Next-Gen Web Application Firewall API, enabling AI assistants to manage web application security through natural language interactions.

A Model Context Protocol server that integrates essential penetration testing tools (Nmap, Gobuster, Nikto, John the Ripper) into a unified natural language interface, allowing security professionals to execute and chain multiple tools through conversational commands.

A MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.

MCP Server For Garak LLM Vulnerability Scanner https://github.com/EdenYavin/Garak-MCP/blob/main/README.md

A demonstration server that reveals security risks by accessing sensitive environment variables, illustrating how MCP tools can potentially leak user data without explicit consent.

Fork of @cyanheads toolkit MCP server. Added encoding functions, removed system network functions.

A server that enables scanning files for viruses using the ClamAV engine, providing a simple integration with Cursor IDE via SSE connections.

A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.

A secure server that enables AI agents to access 2FA codes and passwords from the Authenticator App, allowing them to assist with automated login processes while maintaining security.

A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.

A Model Context Protocol server that provides LLM Agents with a comprehensive toolset for IP geolocation, network diagnostics, system monitoring, cryptographic operations, and QR code generation.

An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.

Burpsuite MCP Server

Advanced Keycloak MCP server

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

A secure MCP server for Windows Subsystem for Linux environments, facilitating safe command execution with extensive validation and protection against vulnerabilities like shell injection and dangerous commands.

The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.

A Model Context Protocol (MCP) server that provides AI-powered security analysis and safety instruction tools. This server helps protect AI agents by providing security guidelines, content analysis, and cautionary instructions when interacting with various MCPs and external services.

The server provides secure OTP (One-Time Password) generation. Supports TOTP (Time-based) and HOTP (HMAC-based) algorithms

An implementation of the Model Context Protocol server that enables AI models to communicate with Edge Security Acceleration (ESA) services, allowing models to manage routines, deployments, routes, records, and sites through standardized protocols.

A secure terminal execution server that enables controlled command execution with security features and resource limits via the Model Context Protocol (MCP).

A high-performance Model Context Protocol server that provides secure, tool-based access to the Bugcrowd API, allowing for natural language interaction with bug bounty programs through various AI agent platforms.

A Model Context Protocol server that enables AI-powered analysis of NPM packages through multiple tools for security vulnerability scanning, dependency analysis, package comparison, and quality assessment.

An MCP server that detects potential honeypot tokens on Ethereum, BNB Smart Chain (BSC), and Base.

MCP server for querying the ZoomEye API

A server that provides access to Baidu Cloud's content moderation capabilities for detecting unsafe content, allowing applications like Cursor to check text for security risks.

A server that enables managing OPNSense firewalls through natural language interactions with Claude Desktop, supporting VLAN management, firewall rules configuration, and network interface queries.

Enterprise-grade authentication solution that provides secure credential management with encryption, multi-protocol authentication (OAuth2, SAML, LDAP), and real-time threat detection for applications.

Enables Claude to interact with Okta's user management system, providing capabilities to retrieve user details, list users with filtering options, and manage user groups.

A Model Control Protocol server that provides access to nmap network scanning functionality, allowing users to run customizable scans, store results, and analyze network security using AI prompts.

A Model Context Protocol server that provides secure access to Doppler's secret management platform, allowing AI assistants to manage secrets, environment variables, and configurations through Doppler's API.

A Model Context Protocol server that enables secure interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries through a controlled interface.

This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language. For instance, you could simply ask Claude to "Create a new Auth0 app and get the domain and client ID"

A Model Context Protocol server that enables conversational AI interaction with Illumio PCE for security policy management, workload operations, traffic flow analysis, and compliance assessment.

Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning

Enables monitoring of domain registration information via WHOIS lookup and SSL certificate validity checking. Provides domain expiration dates, registrar details, certificate validity periods, and issuer information for website security monitoring.

Implements a Model Context Protocol server using Server-Sent Events for real-time communication with OAuth 2.1 integration via Ory Network, enabling secure AI model communication with authentication and client management.

A specialized MCP server for Claude Desktop that allows executing terminal commands for malware analysis with support for common analysis tools like file, strings, hexdump, objdump, and xxd.

A self-hostable OAuth 2.0 server designed for the Model-Context-Protocol (MCP) that enables you to secure your MCP applications with a robust implementation you control.

Exposes Nmap network scanning capabilities through a Model Context Protocol (MCP) server, allowing users to perform various types of network scans including vulnerability assessment, service detection, and OS fingerprinting.

A Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.

IMCP - Insecure Model Context Protocol The DVWA for AI Security! Welcome to IMCP – a deliberately vulnerable framework that exposes 16 critical security weaknesses in AI/ML systems. Whether you're a security researcher, developer, or educator, IMCP is your playground for hands-on learning about real

缔零法则MCP是基于LLM和RAG技术搭建的实现完全替代人力的全自动化风险识别的内容安全审查平台，致力于通过代理AI技术减少人力成本，高效高精度为用户提供分钟级接入的内容风控解决方案，破解安全威胁，提供从风险感知到主动拦截策略执行的全链路闭环与一体化解决方案。This MCP tool is an AI-powered content security review platform built on LLM and RAG technologies, designed to achieve fully automated risk identification that completel

Kaspersky OpenTIP Model Context Protocol Server. This server gives access to Kaspersky OpenTIP API to agentic applications.

A proof-of-concept attack that exploits Model Context Protocol (MCP) tool registration to achieve persistent agent poisoning in AI assistants like Cursor, embedding malicious instructions that persist across chat contexts without requiring tool execution.

A Model Context Protocol server that provides tools to manage Keycloak users and realms, allowing you to create and delete users, list available realms, and view users in specific realms.

Connects Nuclei vulnerability scanner with MCP-compatible applications, enabling AI assistants to perform security testing through natural language interactions.

A Model Context Protocol server that enables AI agents to interact with Netwrix Access Analyzer through standardized interfaces, allowing visibility into data access risks, data classification, and user access patterns to help organizations better secure their most sensitive data.

A proxy server that sits between MCP clients and servers, providing authentication, tool discovery, caching, and guardrail enforcement to protect MCP servers from malicious inputs.

Enables security-focused LLM agents like GPT-4.1 and Claude 3 to interact with the urlDNA threat intelligence platform, providing tools for URL scanning, threat detection, and malicious content analysis.

A Model Context Protocol (MCP) server for interacting with Joe Sandbox Cloud. This server exposes rich analysis and IOC extraction capabilities from Joe Sandbox and integrates cleanly into any MCP-compatible application (e.g. Claude Desktop, Glama, or custom LLM agents).

A Model Context Protocol server implementation that provides endpoints for wallet-based authentication, cluster management, and name registration services.

Trivy

A Model Context Protocol server that enables querying and analyzing Wazuh security logs stored in OpenSearch, with features for searching alerts, getting detailed information, generating statistics, and visualizing trends.

Connects AI agents with the CrowdStrike Falcon platform to enable intelligent security analysis, providing programmatic access to detections, incidents, threat intelligence, vulnerabilities, and other security capabilities for advanced security operations and automation.

Provides tools for managing Netskope infrastructure, policies, and steering configurations via the Model Context Protocol.

A Model Context Protocol server that allows AI assistants to connect to and manage Israeli bank accounts, fetch transactions, and handle authentication for all major Israeli banks and credit card companies.

viso-mcp-server

A Model Context Protocol server that performs Trivy scans to generate Software Bill of Materials (SBOM) in CycloneDX format.

A bridge that connects Waybackurls with the Model Context Protocol ecosystem, enabling AI assistants to fetch historical URLs from the Wayback Machine to discover forgotten endpoints and potentially vulnerable URLs.

A Model Context Protocol server that provides Claude with access to Pangea's security services, including AI Guard, Domain Intel, Embargo checks, IP Intelligence, Redaction, Secure Audit Log, URL Intelligence, and Vault services.

vet-mcp

A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.

Provides comprehensive security analysis tools for querying the VirusTotal API, enabling detailed security reports on URLs, files, IP addresses, and domains with automatic relationship data fetching.

Creates and manages encoded messages using zero-width characters and advanced Unicode steganography techniques, enabling quantum-themed puzzle generation with hidden secrets.

An enterprise-grade AI processing platform that provides advanced code analysis, automated documentation generation, security scanning, and knowledge extraction capabilities through a scalable MCP architecture. Features iterative neural processing, support for 100+ programming languages, and real-time streaming updates.

Node.js server implementing Model Context Protocol for secure read-only filesystem operations, allowing Claude to read files, list directories, search files, and get file metadata within specified directories.

A Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.

Enables fast, scriptable access to Windows .evtx event logs for incident response and digital forensics. Supports filtering events by time windows, Event IDs, and keywords with field projection to reduce output size.

A server that retrieves CVE details from the NVD API and fetches EPSS scores to provide comprehensive vulnerability information, including descriptions, CWEs, CVSS scores, and exploitation likelihood percentiles.

A production-grade server that enables natural language interaction with pfSense firewalls through Claude Desktop and other GenAI applications, supporting multiple access levels and functional categories.

BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.

An MCP server that enables AI agents to analyze executable files using Detect It Easy (DIE), providing capabilities to examine file structures, detect packers, compilers, and gather other forensic information.

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

A FastMCP-based interface for Metasploit Framework, enabling AI agents to interact with Metasploit capabilities for exploitation, payload generation, target scanning, and session management.

A production-ready template for building Model Context Protocol servers with Clerk authentication on Cloudflare Workers, allowing AI assistants to securely access user data and business logic in Clerk-authenticated applications.

Provides AI assistants with direct access to Wireshark network analysis capabilities, enabling AI-powered network troubleshooting, packet analysis, and network monitoring through a secure interface.

Enables secure MCP server functionality with Clerk authentication and user-specific API key management. Provides Next.js documentation tools through protected endpoints with multiple authentication methods including OAuth 2.1 with PKCE.

mcp-server-wazuh

Enables intelligent analysis of SonicWall firewall logs through natural language queries. Provides real-time threat detection, network security monitoring, and log analysis with support for both SonicOS 7.x and 8.x versions.

A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.

A Model Context Protocol server that enables programmatic interaction with Cisco Identity Services Engine APIs through standardized, discoverable tools.

A Model Context Protocol (MCP) server for Socket integration, allowing AI assistants to efficiently check dependency vulnerability scores and security information.

A module that enables AI assistants to access and utilize common penetration testing and security tools like Nmap and Metasploit through a simple interface.

Allows developers to query security findings (SAST issues, secrets, patches) using natural language within AI-assisted tools like Claude Desktop, Cursor, and other MCP-compatible environments.

Authentik MCP provides seamless integration with Authentik's API, supporting both full-featured and diagnostic modes. These enable secure, automated user, group, and system management through MCP-compatible tools.

Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.

Enables integration of Semgrep in development environments via the MCP protocol, supporting static code analysis, rule management, and scan result operations.

An MCP server that allows LLMs to autonomously reverse engineer applications by exposing Ghidra's functionality, including decompiling binaries, analyzing code, and renaming methods and data.

Enables access to BitSight security rating data through company search and rating retrieval functionality. Automatically manages BitSight subscriptions for one-time rating requests and provides structured security assessments for companies.

Enables timelock encryption using the Shutter Network, allowing users to encrypt messages that can only be decrypted after a specified future time. Supports natural language time parsing and provides trustless time-delayed communications.

A collection of MCP servers for Kali Linux that empower AI Agents in reverse engineering and security testing, providing network analysis, target sniffing, traffic analysis, binary understanding, and automation capabilities.

Exposes popular OSINT and reconnaissance tools like Sherlock, SpiderFoot, and Holehe through MCP and HTTP APIs for AI assistants. Runs security research tools in sandboxed environments and returns normalized JSON results for investigation and analysis.

Validates URLs and checks their reputation to help identify AI hallucinations and verify web page authenticity.

A Model Context Protocol server that enables Large Language Models to interact with Binary Ninja for reverse engineering tasks like viewing assembly code, decompiled code, renaming functions, and adding comments.

Enables interaction with SpiderFoot's OSINT scanning capabilities through Claude and other MCP-compatible tools. Supports comprehensive scan management, real-time monitoring, result retrieval, and export functionality for reconnaissance and investigation workflows.

Enables secure chat-based interaction with PostgreSQL databases through Claude Desktop. Features GitHub OAuth authentication, role-based access control, and enterprise-grade security for database queries and operations.

Enables users to run and manage BBOT security scans through the MCP interface. Provides comprehensive tools for executing reconnaissance scans, monitoring progress, and retrieving results with support for concurrent scanning operations.

ms-sentinel-mcp-server

A Python-based MCP server that enables integration with Microsoft Security Copilot and Microsoft Sentinel, allowing users to run KQL queries, manage skillsets/plugins, and execute prompts in Security Copilot.

A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.

A comprehensive Model Context Protocol server template that implements HTTP-based transport with OAuth proxy for third-party authorization servers like Auth0, enabling AI tools to securely connect while supporting Dynamic Application Registration.

Enables comprehensive security scanning of code repositories to detect secrets, vulnerabilities, dependency issues, and configuration problems. Provides real-time security checks and best practice recommendations to help developers identify and prevent security issues.

Securely integrates Wazuh security data with LLMs (such as Claude Desktop) by retrieving alerts from Elasticsearch indices and transforming them into MCP-compliant format, enabling real-time security context in LLM applications.

Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.

An experimental Model Context Protocol server that enables Large Language Models to read, search, and manipulate OpenFGA authorization stores, unlocking fine-grained access control for agentic AI and natural language interactions.

An intelligent layered port scanning service based on MCP protocol, designed for AI assistants and development tools to perform network security analysis with real-time feedback.

An MCP server that detects potential risks in Solana meme tokens, helping AI agents avoid rug pulls and unsafe projects.

Provides Python code security analysis through the Model Context Protocol, enabling AI tools to detect potential vulnerabilities like SQL injection and XSS by identifying tainted data flows from untrusted sources to sensitive operations.

MCP server for Huntress API integration

A Model Context Protocol server that enables natural language control of Ludus cybersecurity training environments, allowing users to deploy, manage, and configure virtualized security training ranges.

A prompt-validation service that checks incoming prompts against security rules, blocking those matching high-severity security or jailbreak patterns while authorizing safe prompts.

Description: Introduce Beelzebub, an MCP‑based honeypot framework that enables creating decoy tools to detect prompt injection and malicious agent behavior. Motivation: Strengthen the security of LLM workflows by adding a non‑intrusive detection mechanism.

An MCP proxy that pseudo-anonymizes PII before data reaches external AI providers like Claude, ChatGPT, or Gemini.

A Model Context Protocol server that integrates Zeek network analysis capabilities with LLM chatbots, allowing them to analyze PCAP files and parse network logs through natural language interactions.

Enables AI assistants to interact with Metasploit Framework through 28 comprehensive tools for penetration testing and security analysis. Provides secure, structured access to MSF modules, database operations, session management, and payload generation capabilities.

Cortex MCP Server

A Model Context Protocol server that enables AI assistants to perform YARA rule-based threat analysis on files and URLs, supporting comprehensive rule management and detailed scanning results.

Provides programmatic access to ingest and query Windows event logs (especially Sysmon logs), enabling security monitoring, incident response, and log analysis automation.

OPNsense MCP Server

Integrates with the AbuseIPDB API to check IP addresses for abuse reports and report abusive IP addresses.

fluidattacks-mcp

A demonstration tool that showcases potential security attack vectors against Model Control Protocol, illustrating how malicious plugins can exploit weaknesses in MCP architecture.

Enables AI assistants to perform network scanning operations using NMAP, offering a standardized interface for network analysis and security assessments through AI conversations.

A secure MCP server using FastMCP and Eunomia Authorization, providing granular access control with dynamic JSON policies.

A proof-of-concept tool that integrates AI into security operations, allowing users to perform offensive security tasks like network scanning and reconnaissance through natural language commands to GitHub Copilot.

Enables secure integration with Metasploit Framework for AI assistants, providing comprehensive access to penetration testing tools, module management, payload generation, and database operations. Designed for authorized security testing and defensive analysis with 28 specialized tools covering complete MSF functionality.

TheHive MCP Server

A minimal Model Context Protocol server that provides access to OWASP security cheat sheets through a simple HTTP API, enabling users to list, retrieve, and search security best practices.

A Model Context Protocol server that enforces policies on user inputs by checking against defined rules and rude words, helping ensure AI interactions remain appropriate and compliant.

An open-source implementation of the Model Context Protocol (MCP) that bridges AI agents with enterprise systems, enabling secure access to real-world data and capabilities.

A Model Context Protocol server implementation to query the NIST National Vulnerability Database (NVD) via its API.

An MCP server for checking and revoking ERC-20 token allowances across multiple blockchains.

MCP server to work with okta entities

Provides access to 13+ penetration testing and security audit tools through a unified MCP interface. Enables security professionals to perform vulnerability scanning, web fuzzing, network reconnaissance, and other security assessments through containerized tools like Nuclei, Nmap, SQLMap, and FFUF.

Provides comprehensive HIPAA compliance guidance for developers building healthcare applications. Offers tools to identify PHI, understand encryption requirements, navigate business associate rules, and ensure compliance with HIPAA Security and Privacy Rules.