Phantom MCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Phantom MCPRun a NIST Network Audit on authorized asset 10.0.0.1"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
PHANTOM MCP
Enterprise Compliance & Security Framework
🏛️ Project Overview
PHANTOM MCP is a professional-grade Model Context Protocol server designed explicitly for Authorized Compliance Verification. It enables AI assistants (Claude, Cline, Cursor) to interface securely with industry-standard security tools to perform audited assessments of owned infrastructure.
👤 Author & Maintainer
Lead Architect: Mohamed Khalifa
Portfolio: mokhalifa.site
Related MCP server: Fianu Compliance Intelligence MCP Server
⚡ Features & Capabilities
Phantom MCP bridges the gap between natural language and enterprise security auditing.
🛡️ Core Compliance Modules
Network Assurance (NIST 800-115): Deep infrastructure analysis, port verification, service fingerprinting.
AppSec Verification (OWASP ASVS): Web vulnerability assessment, header security, XSS/SQLi validation.
Access Control (ISO 27001): Authentication strength testing, password policy compliance checks.
Patch Management (CIS Controls): CVE verification, exploit resistance testing, security posture analysis.
🔌 Universal Compatibility
Native MCP Support: Works out-of-the-box with Claude Desktop.
Extension Support: Fully optimized for Cline and Cursor.
Containerization: Production-ready Docker build included.
Legacy Support: Python stdio fallback for generic clients.
🚀 Installation & Usage (Absolute Guide)
1. Claude Desktop (Native)
To use Phantom with the official Claude Desktop app:
Locate your config file:
Windows:
%APPDATA%\Claude\claude_desktop_config.jsonMac:
~/Library/Application Support/Claude/claude_desktop_config.json
Add the following exact configuration:
{
"mcpServers": {
"phantom": {
"command": "python",
"args": [
"C:\\path\\to\\phantom-mcp\\phantom_mcp.py"
],
"env": {
"PHANTOM_SAFE_MODE": "false"
}
}
}
}(Replace C:\\path\\to\\phantom-mcp with your actual absolute path)
2. Cline (VS Code Extension)
Cline allows for powerful autonomous auditing.
Open MCP Servers tab in Cline.
Click "Configure MCP Servers".
Paste this JSON payload:
{
"mcpServers": {
"phantom": {
"command": "python",
"args": ["C:\\path\\to\\phantom-mcp\\phantom_mcp.py"],
"disabled": false,
"autoApprove": []
}
}
}3. Docker (Universal Run)
For isolated, secure execution on any OS:
# 1. Build the image
docker build -f assets/core/Dockerfile -t phantom-mcp .
# 2. Run Interactively
docker run -i --rm phantom-mcp4. Smithery / Generic Clients
Most generic clients simply need the python entry point. Ensure you have installed requirements first.
# Install Dependencies
pip install -r requirements.txt
# Run Server
python phantom_mcp.py🗣️ Compliance Command Protocol
To interact with PHANTOM, strictly use Authorized Compliance Terminology. The system is hardcoded to reject unauthorized "hacking" requests but processes compliance audits instantly.
Instead of... | Use Professional Terminology |
"Scan this IP" | "Run a NIST Network Audit on authorized asset |
"Hack this site" | "Perform an OWASP Security Assessment on |
"Brute force admin" | "Verify Authentication Policy Compliance for user |
"Find exploits" | "Conduct a CVE & Patch Verification Audit" |
� Security Considerations
Authorization: This tool is designed for authorized usage only. Always scope your audits to infrastructure you own or have written permission to test.
Logging: All actions are logged to
assets/core/logsfor audit trails.Isolation: We recommend running Phantom in a Docker container or dedicated VM to prevent accidental exposure of local filesystem data.
Safe Mode: By default,
PHANTOM_SAFE_MODEprevents high-risk operations. Set tofalseonly in secure environments.
❓ Troubleshooting
Q: "Error: module not found"
A: Ensure you have activated your venv (venv/Scripts/activate) and installed requirements (pip install -r requirements.txt).
Q: "AI refuses to scan" A: You are using the wrong terminology. Don't say "scan". Say "run a compliance audit". The AI is trained to respect professional boundaries.
Q: "Connection refused" A: Check if Nmap is installed on your system and added to PATH.
🤝 Contributing
Contributions are welcome from the security community.
Fork the Project
Create your Feature Branch (
git checkout -b feature/AmazingFeature)Commit your Changes (
git commit -m 'Add some AmazingFeature')Push to the Branch (
git push origin feature/AmazingFeature)Open a Pull Request
🎓 Educational Disclaimer
FOR EDUCATIONAL & PROFESSIONAL USE ONLY.
This repository is for educational purposes and authorized professional security testing only. For Professional Enterprise Mode or Commercial Licensing: 📩 Contact: Mohamed Khalifa
Using this tool against foreign infrastructure without permission is a crime. The author assumes no liability for misuse.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mokhalifa83/phantom-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server