How do I use mcp-noctua?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@mcp-noctua scan example.com for vulnerabilities" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

mcp-noctua

by NeveuGregor

Overview Schema Related Servers Score Discussions

Python

Local

mcp-noctua

🇬🇧 English · 🇫🇷 Français

An MCP server (stdio) that exposes a pentest toolbox to a strong LLM orchestrator (Claude Code, interactive), to run authorized security audits.

A clean rewrite inspired by the Darkmoon MCP (GPL v3) with no code copied → CeCILL-B license, zero GPL debt. What's reused is the toolbox (sqlmap, nuclei, ffuf, httpx, naabu, katana, whatweb…); the fragile orchestration (opencode + local model) is dropped and replaced by a strong brain that verifies.

Architecture

[Claude Code] --stdio--> [mcp-noctua (host)] --docker.sock--> [darkmoon container = toolbox]
   (the brain)             (controlled gateway)               (sqlmap, nuclei, ffuf…)

mcp-noctua reuses the darkmoon container (ascit/darkmoon:latest) as its toolbox, invoking it via docker.sock. Invoking tools inside a container is not a derivative work → no license concern. The container is kept alive; noctua starts it if it's stopped before a run.

Related MCP server: Kali MCP Server

Exposed MCP tools

Tool	Role
`run_tool(command, timeout?)`	Run a whitelisted tool in the toolbox.
`web_crawl(url, depth?, timeout?)`	Bounded crawl (katana).
`port_scan(target, ...)`	naabu + httpx, bounded.
`vuln_scan(url, tags?)`	nuclei, bounded.
`list_tools()`	Tools available in the toolbox.
`health()`	Toolbox container state (running / started / not found).

Guard-rails

Strict allow-list of tools; dangerous patterns blocked (rm -rf, fork bomb, exfil…).
A timeout that actually kills the process inside the toolbox (fixes the Darkmoon flaw).
Authorized testing only; the operator validates every target.

Configuration (`.env`)

See .env.example. Keys: DOCKER_CONTAINER_NAME, NOCTUA_TIMEOUT, NOCTUA_REPORTS_DIR, NOCTUA_COMPOSE_DIR, DEBUG.

Install

git clone https://github.com/NeveuGregor/mcp-noctua.git
cd mcp-noctua
python3 -m venv venv && source venv/bin/activate
pip install -e ".[dev]"
cp .env.example .env   # adjust as needed
pytest

License

CeCILL-B — see LICENSE.

This server cannot be installed

license - not found

quality - not tested

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

1Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
OpenAI
open source
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/NeveuGregor/mcp-noctua'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

mcp-noctua

Architecture

Exposed MCP tools

Guard-rails

Configuration (.env)

Install

License

Maintenance

Resources

Looking for Admin?

Latest Blog Posts

MCP directory API

Configuration (`.env`)