mcp-vanguard
A security pentesting MCP server with 89 tools across 10 categories for Claude integration. It features a native Windows/WSL bridge for using Kali Linux tools from any terminal, with zero new npm dependencies.
Features
89 Security Tools across 10 categories: recon, web, OSINT, network, exploit, crypto, cloud, container, analysis, and utilities
Registry Architecture: Auto-discoverable tools with self-describing schemas, permissions, and execution modes
WSL Bridge: Transparently execute Kali Linux tools (nmap, john, enum4linux, etc.) from Windows
Hybrid Execution: Native Node.js, external APIs, WSL subprocesses, or automatic fallback
Scope Management: Prevent scanning outside authorized targets
Permission Tiers: SAFE (passive) / DANGEROUS (active, scope required) / BLOCKED (unknown)
Report Generation: Markdown and JSON reports, diff comparisons, risk scoring
Attack Chain Detection: Correlate findings across tools to identify multi-step attack paths
Security Hardening: Input sanitization, command allowlists, audit logging, safe error handling
Caching & Rate Limiting: Built-in controls for efficient and safe scanning
Quick Start
git clone https://github.com/skyvanguard/mcp-vanguard.git
cd mcp-vanguard
npm install
npm run build
npm test
Configuration
Add to your Claude MCP configuration:
Claude Desktop (~/.claude/claude_desktop_config.json):
{
  "mcpServers": {
    "vanguard": {
      "command": "node",
      "args": ["/path/to/mcp-vanguard/dist/index.js"]
    }
  }
}
Claude Code (.mcp.json in project root):
{
  "mcpServers": {
    "vanguard": {
      "command": "node",
      "args": ["C:/path/to/mcp-vanguard/dist/index.js"]
    }
  }
}
Tools (89 total)
Reconnaissance (4 tools)
Tool | Description | Permission |
| Enumerate subdomains via crt.sh and DNS bruteforce | DANGEROUS |
| Port scanning with nmap or TCP connect fallback | DANGEROUS |
| WHOIS lookup for domains and IPs | SAFE |
| Query DNS records (A, AAAA, MX, NS, TXT, etc.) | SAFE |
Web Security (10 tools)
Tool | Description | Permission |
| Web fuzzing with ffuf (FUZZ keyword) | DANGEROUS |
| Vulnerability scanning with nuclei templates | DANGEROUS |
| Discover hidden HTTP parameters | DANGEROUS |
| Analyze security headers (HSTS, CSP, X-Frame-Options) | SAFE |
| Technology fingerprinting (CMS, frameworks, CDN) | SAFE |
| Wayback Machine URL history | SAFE |
| SSL/TLS certificate and configuration analysis | SAFE |
| CORS misconfiguration detection | SAFE |
| Parse robots.txt and sitemap.xml | SAFE |
| Extract endpoints and secrets from JavaScript | SAFE |
Network & Infrastructure (15 tools)
Tool | Description | Permission |
| Trace network path to target | DANGEROUS |
| Discover live hosts in a network range | DANGEROUS |
| Detect services/versions with nmap -sV | DANGEROUS |
| OS fingerprinting with nmap | DANGEROUS |
| Grab service banners via TCP | DANGEROUS |
| Enumerate SNMP data (WSL) | DANGEROUS |
| Enumerate SMB shares and users (WSL) | DANGEROUS |
| Enumerate LDAP directory (WSL) | DANGEROUS |
| Attempt DNS zone transfer (AXFR) | DANGEROUS |
| ARP discovery on local network (WSL) | DANGEROUS |
| Check FTP for anonymous access | SAFE |
| Audit SSH algorithms and configuration | SAFE |
| Reverse DNS (PTR) lookup | SAFE |
| CIDR calculator and subnet operations | SAFE |
| Test allowed HTTP methods on a URL | SAFE |
OSINT (15 tools)
Tool | Description | Permission |
| Generate GitHub dork queries for sensitive data | DANGEROUS |
| Certificate transparency log search | SAFE |
| CVE database search (NVD) | SAFE |
| Find email addresses for a domain | SAFE |
| Check username across social platforms | SAFE |
| Domain/IP reputation check | SAFE |
| IP geolocation (country, city, ISP, ASN) | SAFE |
| ASN lookup by number, IP, or organization | SAFE |
| Generate Google dork queries for a target | SAFE |
| Search Shodan for exposed services (API key required) | SAFE |
| Check email/domain in known data breaches | SAFE |
| Extract metadata from web pages | SAFE |
| Historical DNS record lookup | SAFE |
| Favicon hash for Shodan fingerprinting | SAFE |
| Wayback Machine snapshot analysis | SAFE |
Exploitation (10 tools)
Tool | Description | Permission |
| Search exploits by product/CVE (searchsploit + APIs) | DANGEROUS |
| Generate reverse shell payloads (bash, python, php, etc.) | DANGEROUS |
| SQL injection testing (error, boolean, time, union) | DANGEROUS |
| Reflected XSS testing with multiple payloads | DANGEROUS |
| SSRF testing (localhost, cloud metadata, file://) | DANGEROUS |
| Local File Inclusion (path traversal, PHP wrappers) | DANGEROUS |
| OS command injection testing | DANGEROUS |
| Open redirect with bypass techniques | DANGEROUS |
| CRLF / HTTP header injection testing | DANGEROUS |
| Insecure deserialization detection (Java, PHP, .NET, Python) | DANGEROUS |
Password & Crypto (8 tools)
Tool | Description | Permission |
| Crack hashes with John the Ripper (WSL) | DANGEROUS |
| JWT vulnerabilities: none alg, weak secrets, alg confusion | DANGEROUS |
| Secure random passwords or CeWL-based wordlists | DANGEROUS |
| Identify hash type (MD5, SHA, bcrypt, NTLM, etc.) | SAFE |
| Password strength analysis with entropy and crack time | SAFE |
| Decode JWT tokens with security checks | SAFE |
| HTTPS/TLS security headers and cookie audit | SAFE |
| Multi-format encode/decode (Base64, hex, URL, HTML, Unicode) | SAFE |
Cloud Security (8 tools)
Tool | Description | Permission |
| SSRF test for cloud metadata endpoints (AWS, GCP, Azure) | DANGEROUS |
| Dangling CNAME subdomain takeover detection | DANGEROUS |
| Check for exposed .env, .git, config files | DANGEROUS |
| AWS S3 bucket public access check | SAFE |
| Azure Blob Storage access check | SAFE |
| Google Cloud Storage access check | SAFE |
| Firebase project exposure check | SAFE |
| Enumerate cloud resources by keyword permutations | SAFE |
Container Security (5 tools)
Tool | Description | Permission |
| Check for exposed Docker daemon (TCP 2375/2376) | DANGEROUS |
| Kubernetes API/Kubelet unauthenticated access check | DANGEROUS |
| Container escape vector detection (socket, caps, mounts) | DANGEROUS |
| Docker Registry v2 repository/tag enumeration | DANGEROUS |
| Helm chart security audit (privileged, capabilities, secrets) | SAFE |
Analysis & Reporting (9 tools)
Tool | Description | Permission |
| Cross-tool finding correlation and attack chain detection | SAFE |
| Attack surface mapping from ports, techs, and subdomains | SAFE |
| Risk scoring with context multipliers | SAFE |
| Prioritized remediation plan generation | SAFE |
| Multi-layer encoding detection and decoding | SAFE |
| Before/after scan comparison (new, fixed, upgraded) | SAFE |
| Pentest event timeline with phase analysis | SAFE |
| Target scope management (set, add, remove, check) | SAFE |
| Security assessment reports in Markdown or JSON | SAFE |
Utilities (5 tools)
Tool | Description | Permission |
| Define authorized target scope | SAFE |
| Verify if target is in scope | SAFE |
| Generate markdown security report | SAFE |
| Convert report to styled HTML | SAFE |
| View audit log and security events | SAFE |
Summary
Category | Tools | SAFE | DANGEROUS |
Reconnaissance | 4 | 2 | 2 |
Web Security | 10 | 7 | 3 |
Network | 15 | 5 | 10 |
OSINT | 15 | 14 | 1 |
Exploitation | 10 | 0 | 10 |
Crypto | 8 | 5 | 3 |
Cloud | 8 | 5 | 3 |
Container | 5 | 1 | 4 |
Analysis | 9 | 9 | 0 |
Utilities | 5 | 5 | 0 |
Total | 89 | 53 | 36 |
Permission Tiers
Tier | Description | Example |
SAFE | Passive operations, no direct target interaction | DNS lookups, hash identification, report generation |
DANGEROUS | Active scanning, requires target authorization | Port scans, injection testing, fuzzing |
BLOCKED | Unregistered/unknown tools (rejected automatically) | — |
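How the three tiers and the scope list could combine into a single allow/deny decision, as an added example that is not mcp-vanguard's own code. `REGISTRY`, `hostOf`, `inScope` and `authorize` are hypothetical names; the example assumes SAFE tools run without a scope check and that `*.example.com` covers subdomains but not the apex.

```typescript
// Added example, not mcp-vanguard source: tier + scope gate for a tool call.
type Tier = "SAFE" | "DANGEROUS" | "BLOCKED";
interface Decision { allowed: boolean; tier: Tier; reason: string }

// Constructed sample registry (hypothetical); tiers follow this page's tables.
// A Map avoids prototype keys such as "constructor" resolving to a value.
const REGISTRY = new Map<string, Tier>([
  ["vanguard_dns_records", "SAFE"],
  ["vanguard_port_scan", "DANGEROUS"],
  ["vanguard_sqli_test", "DANGEROUS"],
]);

// Reduce a URL or host[:port] to a bare lowercase hostname.
function hostOf(target: string): string {
  const noScheme = target.trim().toLowerCase().replace(/^[a-z][a-z0-9+.-]*:\/\//, "");
  const authority = noScheme.split(/[\/?#]/)[0] ?? "";
  // Drop userinfo so "example.com@evil.net" is judged as evil.net.
  const host = authority.slice(authority.lastIndexOf("@") + 1);
  return host.replace(/:\d+$/, "").replace(/\.$/, "");
}

// Assumption: "*.example.com" covers subdomains only, not the apex.
function inScope(target: string, scope: string[]): boolean {
  const host = hostOf(target);
  return scope.some((entry) => {
    const e = entry.toLowerCase();
    if (!e.startsWith("*.")) return host === e;
    const suffix = e.slice(1); // ".example.com"
    return host.length > suffix.length && host.endsWith(suffix);
  });
}

function authorize(tool: string, target: string, scope: string[]): Decision {
  const tier = REGISTRY.get(tool) ?? "BLOCKED"; // unregistered tools are rejected
  if (tier === "BLOCKED") return { allowed: false, tier, reason: "unregistered tool" };
  // Assumption: SAFE (passive) tools are not scope-gated.
  if (tier === "SAFE") return { allowed: true, tier, reason: "passive operation" };
  if (scope.length === 0) return { allowed: false, tier, reason: "no scope set" };
  return inScope(target, scope)
    ? { allowed: true, tier, reason: "target in scope" }
    : { allowed: false, tier, reason: "target out of scope" };
}
```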
Usage Examples
1. Set Scope
vanguard_set_scope with targets: ["example.com", "*.example.com"]
2. Passive Reconnaissance
vanguard_dns_records for example.com
vanguard_cert_search for example.com
vanguard_wayback for example.com
vanguard_ssl_check for example.com
vanguard_tech_detect for https://example.com
vanguard_asn_lookup for example.com
vanguard_favicon_hash for https://example.com
3. Security Analysis
vanguard_headers_check for https://example.com
vanguard_cors_check for https://api.example.com
vanguard_js_endpoints for https://example.com with deep: true
vanguard_cve_lookup for "nginx 1.20"
vanguard_crypto_audit for https://example.com
4. Active Scanning (requires authorization)
vanguard_subdomain_enum for example.com
vanguard_port_scan for example.com ports 1-1000
vanguard_service_detect for example.com ports [80, 443, 8080]
vanguard_nuclei_scan for https://example.com with severity ["high","critical"]
vanguard_sqli_test for https://example.com/search?q=test
vanguard_xss_test for https://example.com/search?q=test
5. Cloud & Container Checks
vanguard_s3_bucket_check for "company-backup"
vanguard_firebase_check for "my-project"
vanguard_subdomain_takeover for ["app.example.com", "api.example.com"]
vanguard_docker_socket for 10.0.0.5
vanguard_k8s_api for https://10.0.0.5:6443
6. Analysis & Reporting
vanguard_vuln_correlate with findings from multiple scans
vanguard_risk_score with context (public, auth, sensitive data)
vanguard_remediation_plan from findings
vanguard_diff_report comparing before/after scans
vanguard_report_gen with title "Security Assessment" and findings
Development
npm install # Install dependencies
npm run build # Build TypeScript
npm run dev # Watch mode
npm test # Run 178 tests
npm run test:coverage # Coverage report
npm run format # Format code
Security Features
Input Sanitization
Shell metacharacter filtering
Path traversal prevention
URL validation (no credentials, no private IPs)
Domain/IP format validation
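One way to implement the "no credentials, no private IPs" URL rule, as an added example that is not taken from the project's sanitizer.ts. `validateTargetUrl` and its helpers are hypothetical names, and restricting targets to http(s) is an assumption of this example.

```typescript
// Added example, not mcp-vanguard's sanitizer.ts: URL target validation.
interface UrlCheck { ok: boolean; reason: string }

// Loopback, RFC 1918, link-local and 0.0.0.0/8 IPv4 literals.
function isPrivateIPv4(host: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.\d{1,3}\.\d{1,3}$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

// URL.hostname keeps IPv6 literals in brackets and compresses them.
// Covers ::, ::1, fc00::/7, fe80::/10 and all IPv4-mapped (::ffff:...) forms.
function isPrivateIPv6(host: string): boolean {
  if (!host.startsWith("[")) return false;
  const addr = host.slice(1, -1).toLowerCase();
  return addr === "::" || addr === "::1" || addr.startsWith("::ffff:") ||
    /^f[cd][0-9a-f]{2}:/.test(addr) || /^fe[89ab][0-9a-f]:/.test(addr);
}

function validateTargetUrl(raw: string): UrlCheck {
  let url: URL;
  try {
    url = new URL(raw);
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  // Assumption: only http(s) targets are accepted.
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: "scheme not allowed" };
  }
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "embedded credentials" };
  }
  // Test the parsed hostname, not the raw string: the parser has already
  // normalised 0x7f.0.0.1 and 2130706433 to dotted-decimal 127.0.0.1.
  const host = url.hostname.replace(/\.$/, "");
  if (host === "localhost" || host.endsWith(".localhost") ||
      isPrivateIPv4(host) || isPrivateIPv6(host)) {
    return { ok: false, reason: "private or loopback address" };
  }
  return { ok: true, reason: "ok" };
}
```

A literal check like this does not cover a public DNS name that resolves to a private address; that case needs the resolved address checked again at connection time.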
Command Execution Safety
Command Allowlist: Only permitted commands can execute via WSL or Windows
Argument Escaping: All arguments are properly escaped for shell execution
Timeout Protection: Configurable timeouts per command
Audit Logging
All tool calls are logged with timestamps and duration
Security events (blocked commands, scope violations) are tracked
Rate limit violations are recorded
View logs via vanguard_audit_stats
Safe Error Handling
Error messages are sanitized to prevent info leakage
Paths, IPs, and sensitive data are masked in error output
Stack traces are removed from user-facing errors
Architecture
mcp-vanguard/
├── src/
│ ├── index.ts # Entry point
│ ├── server.ts # MCP server + tool registration
│ ├── registry.ts # ToolRegistry (auto-discover, permissions)
│ ├── config.ts # Configuration + scope management
│ ├── types/
│ │ └── tool.ts # ToolDefinition interface
│ ├── executor/
│ │ ├── windows.ts # Windows executor (with allowlist)
│ │ └── wsl.ts # WSL bridge (with allowlist)
│ ├── tools/
│ │ ├── recon/ # 4 reconnaissance tools
│ │ ├── web/ # 10 web security tools
│ │ ├── network/ # 15 network/infrastructure tools
│ │ ├── osint/ # 15 OSINT tools
│ │ ├── exploit/ # 10 exploitation tools
│ │ ├── crypto/ # 8 password & crypto tools
│ │ ├── cloud/ # 8 cloud security tools
│ │ ├── container/ # 5 container security tools
│ │ ├── analysis/ # 9 analysis & reporting tools
│ │ └── utils/ # 5 utility tools
│ └── utils/
│ ├── cache.ts # Response caching
│ ├── rate-limiter.ts # Rate limiting
│ ├── sanitizer.ts # Input sanitization
│ ├── audit.ts # Audit logging
│ ├── safe-error.ts # Safe error handling
│ └── zod-to-json.ts # Zod schema → JSON Schema
├── tests/ # 178 Vitest tests
├── dist/ # Compiled output
└── package.json
Requirements
Requirement | Version |
Node.js | 18+ |
TypeScript | 5.0+ (dev) |
Optional (for active scanning via WSL):
nmap, ffuf, nuclei, dig, john, enum4linux, smbclient, ldapsearch, ssh-audit, arp-scan, snmpwalk, cewl, searchsploit
Legal Disclaimer
WARNING: Unauthorized access to computer systems is illegal. This tool is for authorized security testing only. Always obtain proper written authorization before scanning any target. The authors accept no liability for misuse.
License
MIT License — see LICENSE for details.