Skip to main content
Glama
operantlabs

operant-mcp

Official
by operantlabs
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Local

recon_quick

Perform quick reconnaissance on web targets to identify robots.txt, security.txt, common directories, and response headers for security assessment and penetration testing.

Instructions

Quick reconnaissance: robots.txt, security.txt, common dirs, response headers. Returns robots_txt, security_txt, response_headers, accessible_directories, and error_page_snippet. Read-only, sends ~10 GET requests.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
targetYesTarget domain or URL, e.g. example.com or https://example.com

Implementation Reference

  • src/tools/recon.ts:14-77 (handler)
    Handler implementation and registration for 'recon_quick' tool in 'src/tools/recon.ts'
    export function register(server: McpServer): void {
  server.tool(
    "recon_quick",
    "Quick reconnaissance: robots.txt, security.txt, common dirs, response headers. Returns robots_txt, security_txt, response_headers, accessible_directories, and error_page_snippet. Read-only, sends ~10 GET requests.",
    {
      target: z
        .string()
        .describe("Target domain or URL, e.g. example.com or https://example.com"),
    },
    async ({ target }) => {
      requireTool("curl");

      // Normalize target
      const base = (target.startsWith("http") ? target : `https://${target}`).replace(/\/$/, "");

      // robots.txt
      const robots = await runCmd("curl", ["-sk", "-m", "10", `${base}/robots.txt`]);

      // security.txt
      const security = await runCmd("curl", ["-sk", "-m", "10", `${base}/.well-known/security.txt`]);

      // Response headers
      const headers = await runCmd("curl", [
        "-sk", "-D", "-", "-o", "/dev/null", "-m", "10", base,
      ]);

      // Common directories
      const commonDirs = [
        "/admin/", "/login/", "/api/", "/dashboard/",
        "/wp-admin/", "/.git/", "/.env", "/backup/",
        "/config/", "/images/", "/uploads/", "/swagger/",
      ];
      const dirResults: Array<{ path: string; status: number }> = [];
      for (const d of commonDirs) {
        const res = await runCmd("curl", [
          "-sk", "-o", "/dev/null", "-w", "%{http_code}",
          "-m", "5", `${base}${d}`,
        ]);
        const status = /^\d+$/.test(res.stdout) ? parseInt(res.stdout, 10) : 0;
        if (status !== 404) {
          dirResults.push({ path: d, status });
        }
      }

      // 404 page analysis
      const errorPage = await runCmd("curl", ["-sk", "-m", "10", `${base}/nonexistent_path_12345`]);

      const result = {
        robots_txt:
          robots.success && robots.stdout.includes("User-agent")
            ? robots.stdout.slice(0, 2000)
            : "Not found or empty",
        security_txt:
          security.success && security.stdout.length > 10
            ? security.stdout.slice(0, 2000)
            : "Not found or empty",
        response_headers: headers.stdout.slice(0, 2000),
        accessible_directories: dirResults,
        error_page_snippet: errorPage.stdout.slice(0, 1000),
      };

      return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
    }
  );
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/operantlabs/operant-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server