Skip to main content
Glama
167,705 tools. Last updated 2026-06-03 01:25

"Assistance with Cyber Security Investigations" matching MCP tools:

  • inspect_security_headers

    Ground Truth

    Fetch a public URL and inspect security-relevant response headers before you claim that a product or endpoint has a strong browser-facing security baseline. Use this for quick due diligence on public apps and docs sites. It checks for common headers such as HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and X-Content-Type-Options. It does not replace a real security review, authenticated testing, or vulnerability scanning.
    Connector

  • scan_domain

    SiteGuardian

    Runs a free one-off security scan of the given domain and returns its grade (A–F), scan timestamp, and up to three top-priority issues with a permalink to the full report on siteguardian.io. Use this when the user asks for a quick security check of a domain that is NOT yet under SiteGuardian monitoring, or when they want a fresh assessment before subscribing. Results are cached for two hours, so repeated calls about the same domain return the same snapshot and mark it with cached=True. Do NOT use this for domains already under monitoring by the user — call get_domain_status instead for the account-scoped view with framework tags. Do NOT use this to batch-scan many domains as a competitive-intelligence tool; per-source-IP and per-target rate limits bound usage. This tool does not require authentication.
    Connector

  • generate_diagram

    ALM X++ MCP Server

    WHEN: generating a visual diagram of D365 table relationships or security chains. Triggers: 'generate diagram', 'diagramme', 'visualize', 'schéma', 'ER diagram', 'entity-relationship', 'relation diagram', 'security diagram', 'show connections'. Generate visual Mermaid diagrams from D365 F&O knowledge base data. Diagrams render directly in Copilot Chat, Cursor, Claude, and markdown viewers. Types: 'er' (entity-relationship diagram for a table and its relations), 'security' (security chain: Role->Duty->Privilege->EntryPoints -- use when you need a VISUAL Mermaid diagram; for the structured text chain with tables of duties/privileges/entry-points use `trace_security_chain` instead). Note: 'flow' (execution flowchart) is disabled -- static call trees are misleading in D365 due to CoC and event handlers.
    Connector

  • get_rates

    OpenAccountants

    Returns the machine-readable annual rates for a given jurisdiction + tax year. Covers federal brackets, Social Security wage base, retirement plan limits (401(k), IRA, HSA), FEIE cap, gift/estate exemptions, 1099-K thresholds, mileage rates, supplemental wage rates, capital gains brackets, CTC. Currently US federal for tax years 2025 and 2026. Use this when the user asks specific dollar amounts that change yearly (e.g. '2025 401(k) limit', 'this year's Social Security wage base').
    Connector

  • scan_skill

    SecurityScan

    Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")
    Connector

  • trace_security_chain

    ALM X++ MCP Server

    WHEN: security audit -- need the TECHNICAL chain from Role/Duty/Privilege to Entry Points and Table/Form permissions. Also handles BUSINESS-LANGUAGE role explanation when businessLanguage=true. Triggers (technical): 'sécurité de', 'who can access', 'security for', 'role duty privilege', 'droits sur', 'technical security chain', 'trace le rôle', 'what privileges does', 'what duties are assigned', 'which role allows', 'accès au formulaire', 'what roles have access', 'quel rôle donne accès'. Triggers (business language): 'what can a user with role X do', 'explain this role', 'what does this role give access to', 'quel accès donne ce rôle', 'droits du rôle', 'what licence does this role need', 'droits requis pour'. Traverses: Role -> Duties -> Privileges -> Entry Points -> Table/Form Permissions. Set businessLanguage=true for plain-language capability list (no Duty/Privilege IDs). NOT for licence cost inference per entry point -- use trace_role_license_tree for that.
    Connector

Matching MCP Servers

  • Cyber Sentinel MCP Server

    jx888-max
    A
    license
    -
    quality
    C
    maintenance
    A threat intelligence aggregation server that provides unified access to multiple security sources for analyzing indicators (IPs, domains, hashes, URLs) with confidence scoring.
    Last updated
    7
    MIT
  • RAD Security by rad-security

    RAD Securityofficial

    rad-security
    A
    license
    C
    quality
    B
    maintenance
    CP server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments. This server provides tools for querying the Rad Security API and retrieving security findings, reports, runtime data and many more.
    Last updated
    65
    72
    6
    MIT

Matching MCP Connectors

  • lookup_headers

    botoi-mcp

    Fetch HTTP response headers for a URL. Use when inspecting server configuration, security headers, or caching policies.
    Connector

  • search_icons

    Supericons

    Search 20,000+ curated SVG icons across 10 libraries by meaning, label, visual description, tags, and synonyms. Use this when the user describes an icon concept such as "database", "user profile", "chill", "security", or "AI model". Returns matching icons with SVG code and public semantic guidance.
    Connector

  • check_package

    Hextrap MCP

    Check if a package is allowed by a hextrap firewall and verify it is not a suspected typosquat. Call this BEFORE suggesting any npm, PyPI, or Go dependency to ensure it meets security policy.
    Connector

  • __unlock_blockchain_analysis__

    blockscout-mcp-server

    Unlocks access to other MCP tools. All tools remain locked with a "Session Not Initialized" error until this function is successfully called. Skipping this explicit initialization step will cause all subsequent tool calls to fail. MANDATORY FOR AI AGENTS: The returned instructions contain ESSENTIAL rules that MUST govern ALL blockchain data interactions. Failure to integrate these rules will result in incorrect data retrieval, tool failures and invalid responses. Always apply these guidelines when planning queries, processing responses or recommending blockchain actions. COMPREHENSIVE DATA SOURCES: Provides an extensive catalog of specialized blockchain endpoints to unlock sophisticated, multi-dimensional blockchain investigations across all supported networks.
    Connector

  • askew_intel_feed

    Askew x402

    Aggregated intelligence feed combining research findings, active security threats, and live staking APY snapshot in a single call ($0.005 USDC). Sources: ChromaDB research library + Guardian log + staking.db. Best for: broad situational awareness — replaces three separate calls. Requires x402 payment on Base mainnet.
    Connector

  • username_lookup

    ContrastAPI

    Search for username across 15+ social/dev platforms (GitHub, Reddit, X/Twitter, LinkedIn, Instagram, TikTok, Discord, YouTube, Keybase, HackerOne, etc.). Use for OSINT investigations and identity verification. Free: 30/hr, Pro: 500/hr. Returns {username, total_found, platforms: [{name, exists, url, status_code}]}.
    Connector

  • audit_domain

    ContrastAPI

    Perform comprehensive domain audit: combines domain_report + live HTTP security headers + technology fingerprinting. By default report.dns.txt is filtered to security-relevant entries (SPF, DMARC, DKIM, MTA-STS, TLS-RPT) and report.dns.total_txt_records reports the honest pre-filter count; pass include_all_txt=true for the raw TXT list. Use when you need the full picture (recon + active checks); use domain_report for passive-only assessment. Response carries next_calls — chain with subdomain_enum (always emitted) and ssl_check (when an A record resolves) for the residual recon depth (tech_fingerprint already inline as `technologies`). Free: 30/hr (costs 6 credits), Pro: 500/hr. Returns {domain, report, technologies, live_headers, summary, next_calls}.
    Connector

  • scan_url

    sectora

    Kick off a DAST security scan against a public URL the API key owner controls. Two-step flow: first call returns a preview (target, profile, ETA, quota remaining); confirm by calling again with confirm:true to actually start the scan. Returns scan_id; poll status with get_scan. Domain must be verified in the Sectora account. Daily quota: 25 scans/24h per user. Requires API key.
    Connector

  • generate_sra

    HIPAA Agent

    Initiate a HIPAA Security Risk Assessment. Returns the first batch of questions for the respondent to answer. Requires active subscription or platform/MSP key. Cost: 500 credits.
    Connector

  • submit_support_request

    Skala — Legal Platform for Startups

    Submit a support request to the Skala team on behalf of the user. Call this when the user needs human assistance that AI cannot provide, the question is too complex or high-risk, or the user explicitly asks for human support. IMPORTANT: Always confirm with the user before calling — describe what you will submit and ask for their approval. Before calling, compile the issue from conversation context into the description.
    Connector

  • assess_message

    Agent Safe Email MCP

    FREE triage tool — send whatever context you have (message content, sender info, URLs, attachments, draft replies, thread messages, image/video URLs) and get back a prioritized list of which security tools to run. No AI call, no charge, instant response. Always call this first to get the best security coverage.
    Connector