Skip to main content
Glama
255,062 tools. Last updated 2026-07-02 11:35

"Capture The Flag (CTF) cybersecurity competitions and challenges" matching MCP tools:

  • Looks up the Personal Year theme for the current calendar cycle from a name and birth date using only month and day inputs server-side. SECTION: WHAT THIS TOOL COVERS Endpoint returns Personal Year data derived from birth month/day against the running calendar year on the server — there is no extra year argument in the tool schema. Expected response keys (pending live confirmation): personal_year_number (int), theme (string), interpretation (string), advice (string), favorable_actions[] (string array), challenges[] (string array). asterwise_get_numerology_profile leaves personal_year null; use this tool when Personal Year detail is required. SECTION: WORKFLOW BEFORE: RECOMMENDED — asterwise_get_numerology_profile — see other core numbers first. AFTER: None. SECTION: INPUT CONTRACT Only name and date are submitted; the active calendar year is chosen upstream automatically. SECTION: OUTPUT CONTRACT personal_year_number (int) — expected theme (string) — expected interpretation (string) — expected advice (string) — expected favorable_actions[] (string array) — expected challenges[] (string array) — expected (Schema not yet confirmed from live response; fields above reflect tool design.) SECTION: RESPONSE FORMAT response_format=json serialises the complete response as indented JSON — use this for programmatic parsing, typed clients, and downstream tool chaining. response_format=markdown renders the same data as a human-readable report. Both modes return identical underlying data — no fields are added, removed, or filtered by either mode. SECTION: COMPUTE CLASS FAST_LOOKUP SECTION: ERROR CONTRACT INVALID_PARAMS (local — caught before upstream call): None — all validation is upstream. INVALID_PARAMS (upstream): — None — upstream rejection surfaces as MCP INTERNAL_ERROR at the tool layer. INTERNAL_ERROR: — Any upstream API failure or timeout → MCP INTERNAL_ERROR Edge cases: — Cannot request arbitrary calendar years via this tool — only the server-selected current year. SECTION: DO NOT CONFUSE WITH asterwise_get_numerology_profile — personal_year field there is null; this endpoint supplies the annual theme. asterwise_get_varshaphal — Vedic solar return, not Pythagorean Personal Year.
    Connector
  • Get Lenny Zeltser's cybersecurity-writing rating sheet(s) so your AI can apply the rubric. Returns the structured rubric (groups, items, scoring bands) WITHOUT computing a score. Use `rating_score_writing` if you also want a numeric score, gap analysis, or rubric-anchored feedback. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.
    Connector
  • Update an existing Blueprint's configuration in place. Only fields you pass are updated; fields you omit keep their current values. To clear a list field (e.g. remove all rules), pass an explicit empty list []. Existing API keys for this Blueprint are preserved — agents using those keys continue working after the update. Ownership stamps are also preserved; you cannot transfer Blueprint ownership. The workflow_name itself cannot be renamed. To rename, create a new Blueprint with the new name and delete the old one. Different from create_blueprint: create_blueprint creates a new Blueprint and mints a fresh API key. update_blueprint modifies an existing one and returns no new key. Args: api_key: GeodesicAI API key (starts with gai_) workflow_name: Name of the Blueprint to update (must already exist) customer_name: New customer/project name. Pass None to keep current. mode: "observe" or "enforce". Pass None to keep current. extracted_fields: New list of agent-extracted fields. Pass None to keep current; pass [] to clear. derived_fields: New list of platform-derived fields. None or []. derivation_rules: New list of derivation rules. See blueprint_guide prompt for schema. None or []. formal_constraints: New list of constraints. See blueprint_guide prompt for schema. None or []. semantic_checks: New list of semantic checks. None or []. require_math: Override math validation flag. None to keep current. require_consistency: Override consistency flag. None to keep. require_coherence: Override coherence flag. None to keep. require_provenance: Override provenance flag. None to keep. require_high_assurance: Override high-assurance flag. None to keep. enable_anomaly_detection: Override anomaly flag. None to keep. enable_drift_tracking: Override drift flag. None to keep. Returns: status: "ok" | "ERROR" blueprint: workflow_name that was updated fields_changed: list of config keys that were modified field_count: new total of extracted + derived fields rule_count: new total of derivation rules constraint_count: new total of formal constraints
    Connector
  • Search government contract awards by keyword, agency, and date range. keyword: Contract scope e.g. "cybersecurity software". agency: Awarding agency e.g. "Department of Defense". Optional. date_from: Earliest award date ISO 8601 e.g. "2024-01-31". Optional. jurisdiction: "US", "EU", or "UK". Default "US". Returns: award amounts, recipient vendors, NAICS codes, award dates. Use govcon_fetch_vendor_contract_history for all contracts by a specific vendor. Use govcon_fetch_open_solicitations for active bids, not past awards. Source: USASpending.gov + SAM.gov. 4-hour cache. Example: search_contract_awards(keyword="cybersecurity software", agency="Department of Defense")
    Connector
  • Finalize and issue a certificate order in one call: validates the DNS challenges, waits for Let's Encrypt, and returns the issued cert. Step 3 of issuance - call after check_certificate_propagation reports all_found. STRONGLY PREFER passing csr_pem (generate the key + CSR locally with openssl so the private key never leaves the machine). Returns leaf_pem/chain_pem/fullchain_pem. If you must, pass a passphrase instead to get a PKCS#12 bundle - but a CSR is safer. If it replies "still validating", DNS hasn't fully propagated: re-check check_certificate_propagation and call again. Needs a locally-generated CSR (csr_pem) - requires a local shell with openssl. On a surface without one (e.g. a Claude.ai custom connector) this can't complete; it returns guidance to finish in Claude Code/Cowork or the web form. Scanning and monitoring work everywhere. On success the structuredContent carries a `handoff` object - relay `handoff.message` to the user and do NOT separately call add_monitor; the cert→monitoring handoff is automatic and server-side.
    Connector
  • Front-run protection for any sensitive tx (a puzzle/CTF/bounty claim, a large approval revoke, a first-touch interaction, an NFT mint): submit a LOCALLY-signed raw transaction and we forward it only to private block builders (Flashbots, Titan) + our own rbuilder — NEVER the public mempool. You keep custody (only signed bytes leave your machine; any change breaks the signature). view="info" returns the builder set + price + caveats; view="inspect" with raw_tx decodes/validates the signed tx and previews its target builders WITHOUT relaying (free, so you can confirm before paying). The paid relay itself is POST /v1/premium/private-relay via x402.
    Connector

Matching MCP Servers

  • A
    license
    A
    quality
    C
    maintenance
    Enables human-in-the-loop interaction for AI coding workflows through native desktop dialogs that present route choices, text input, and image annotation capabilities when AI assistants encounter decision points.
    Last updated
    1
    2
    MIT
  • A
    license
    -
    quality
    -
    maintenance
    Exposes common CTF and cybersecurity tools (crypto, forensics, malware analysis, steganography, reverse engineering, pwn, OSINT) so LLMs can help solve capture-the-flag challenges in a controlled lab environment.
    Last updated

Matching MCP Connectors

  • Fetch one citation record by its Open Citation Identifier (OCI — a compound ID of the form citing-DOI__cited-DOI). Returns citing/cited DOI pair, creation date, and journal self-citation flag. Use `citations` or `references` instead when you only have a DOI.
    Connector
  • List all CV versions for the authenticated user. Returns an array of version objects with id, filename, created_at, and main_version flag. Use the version id as cv_version_id in ceevee_analyze_positioning, ceevee_full_review, ceevee_confirm_lens, and ceevee_chat. Free.
    Connector
  • Fetches condensed lucky-number guidance for a name and birth date including primary and secondary picks, power number, interpretation, and a date_specific flag. SECTION: WHAT THIS TOOL COVERS Thin numerology endpoint mirroring lucky_numbers[] from the full profile but omitting pinnacles, challenges, and long interpretations. data.date_specific is always false (profile-derived). Use when payload size matters. It is not the full profile (asterwise_get_numerology_profile) nor Lo Shu counts (asterwise_get_lo_shu_grid). SECTION: WORKFLOW BEFORE: None — standalone. AFTER: asterwise_get_numerology_profile — if deeper context is required. SECTION: INPUT CONTRACT name and date forwarded upstream without local checks. SECTION: OUTPUT CONTRACT data.lucky_numbers[] (int array — primary and secondary values) data.power_number (int — Life Path anchor) data.date_specific (bool — always false; derived from profile) data.interpretation (string) SECTION: RESPONSE FORMAT response_format=json serialises the complete response as indented JSON — use this for programmatic parsing, typed clients, and downstream tool chaining. response_format=markdown renders the same data as a human-readable report. Both modes return identical underlying data — no fields are added, removed, or filtered by either mode. SECTION: COMPUTE CLASS FAST_LOOKUP SECTION: ERROR CONTRACT INVALID_PARAMS (local — caught before upstream call): None — all validation is upstream. INVALID_PARAMS (upstream): — None — upstream rejection surfaces as MCP INTERNAL_ERROR at the tool layer. INTERNAL_ERROR: — Any upstream API failure or timeout → MCP INTERNAL_ERROR Edge cases: — Duplicates asterwise_get_numerology_profile lucky list — choose this tool for smaller JSON only. SECTION: DO NOT CONFUSE WITH asterwise_get_numerology_profile — full multi-section profile, not lucky-number-only payload. asterwise_get_number_meaning — dictionary entry for one integer, not personalised lucky sets.
    Connector
  • [BROWSE] List open design briefs, creative challenges and collaboration requests posted by brands seeking designers and creators. These are NOT products for sale. Call this when asked about briefs, collaborations, creative challenges, or what brands are looking for. Returns brief title, brand name, description, and brief ID. Use a brief ID with submit_design to respond. To see products for sale, use list_drops instead.
    Connector
  • [BROWSE] List open design briefs, creative challenges and collaboration requests posted by brands seeking designers and creators. These are NOT products for sale. Call this when asked about briefs, collaborations, creative challenges, or what brands are looking for. Returns brief title, brand name, description, and brief ID. Use a brief ID with submit_design to respond. To see products for sale, use list_drops instead.
    Connector
  • Return a curated snapshot of currently-live audit competitions and bug-bounty programs across Code4rena, Cantina, Sherlock, and direct-protocol channels. Useful for solo wardens triaging which contests to enter. Snapshot updates with each cipher-x402-mcp release; treat the data as a hint, always cross-check the platform before submitting. Free, no payment required.
    Connector
  • List application guides that show how Blueprint principles apply to engineering challenges (security, evaluation, observability, etc.). Use this to discover which guides exist before drilling in. Prefer guides.search when the user describes a topic or failure mode in natural language. Prefer guides.get when you already know the guide slug and need full detail.
    Connector
  • USE WHEN you have a specific operatorId + capability and want the full machine-readable profile (inputs, outputs, pricing, approval-required flag, endpoint). Pre-flight check before chieflab_create_work_request.
    Connector
  • Compare two periods of journal-entry data (QBO or Xero — source auto-detected from headers) and flag accounts whose movement deviates materially between periods. Aggregates lines per account into a net total for each period, then surfaces accounts where the period-over-period change crosses a materiality threshold (≥5% relative AND ≥$100 absolute; severity high at ≥50%, medium at ≥20%, low at ≥5%). Inputs are two CSV exports — periodACsv (earlier period) and periodBCsv (later period). Optional periodALabel / periodBLabel for human-readable flag messages (e.g. "Q1 FY2024" vs "Q2 FY2024"). Max 5,000 rows per period; max 5 MB each. Use this when a user pastes two periods and asks "what changed?", "show me variances", "what jumped period-over-period". Returns a flag list ordered by largest delta, a roll-up, and a shareable URL. Both periods must be the same source — mixing QBO + Xero in one call returns an error.
    Connector
  • Read community check-ins and comments for one Open Charge Map station — the real-world reliability signal beyond the operator-reported registry status. Returns user comments and fault reports with ratings and dates, alongside the station's current registry status and last-verified date so you can flag mismatches like "listed operational, but the last few check-ins report a fault." Obtain a station ID from openchargemap_find_stations.
    Connector
  • Quick-capture a task or improvement idea into a project. Creates a backlog task with priority 4 (low) and auto-adds the "suggestion" tag. Resolves project by slug (falls back to the default project). Lightweight alternative to goal-create when you need minimal ceremony.
    Connector
  • Use this tool when you need to decide whether a token contract is safe before executing a trade or listing it. Input the contract address and chain. Returns a SAFE/CAUTION/AVOID verdict, risk score (0–100), deployer wallet age, LP lock status, and top-10 holder concentration — so you can reject dangerous tokens before committing funds. For Pump.fun tokens use check_pump_token (faster). For sub-3s bulk screening use check_token_safety_lite. Example input: {"contractAddress":"0x4ed4e862860bed51a9570b96d89af5e1b0efefed","chainId":"base"} Example output shape: {"riskScore":12,"recommendation":"SAFE","confidence":"HIGH","checks":{"deployer":{"walletAgeDays":421,"flag":"OK"},"liquidity":{"lpLocked":true,"flag":"OK"},"holders":{"top10Concentration":18.4,"flag":"OK"}},"processingMs":840}
    Connector
  • Get Lenny Zeltser's scoring playbook so your AI can score a draft locally against a cybersecurity-writing rating sheet. THIS IS THE ONLY TOOL THAT PRODUCES NUMERIC SCORES — the writing-coach tools (`get_security_writing_guidelines`, `ir_*`, `product_*`) never score. Returns the rubric plus step-by-step instructions for applying it. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.
    Connector
  • Load Lenny Zeltser's complete cybersecurity-writing rating toolkit: all 7 sheets, scoring policy, scoring playbook, and cross-references to the writing guidelines. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.
    Connector