MCP Catalogs
Home

mcp-security-hub

by FuzzingLabs·548·Score 54

A comprehensive collection of 38 production-ready MCP servers for offensive security tools including Nmap, Nuclei, SQLMap, and more.

securitydeveloper-toolsops-infra
76
Forks
6
Open issues
1 mo ago
Last commit
2d ago
Indexed

Overview

The mcp-security-hub project provides a well-organized collection of MCP (Model Context Protocol) servers specifically designed for security testing and penetration testing. Each server is Dockerized with security hardening measures including non-root execution, minimal base images, and resource constraints. The collection covers a wide range of security domains from reconnaissance to binary analysis, with 300+ tools accessible through natural language interfaces like Claude. The project features CI/CD pipelines with security scanning, health checks, and comprehensive documentation.

Try asking AI

After installing, here are 3 things you can ask your AI assistant:

you:AI assistants performing vulnerability scans on target systems
you:Automated security assessments through natural language commands
you:Binary analysis and reverse engineering for malware research

When to choose this

Choose this collection when you need access to a comprehensive suite of offensive security tools through AI assistants, particularly for penetration testing, vulnerability assessment, and security research.

When NOT to choose this

Don't choose this if you're looking for defensive security tools, or if your use case requires tools not covered by the current 38 MCP servers in the collection.

Tools this server exposes

12 tools extracted from the README
  • nmap_scan

    Port scanning, service detection, OS fingerprinting, NSE scripts

  • nuclei_scan

    Template-based vulnerability scanning with 8000+ templates

  • sqlmap_scan

    SQL injection detection and exploitation

  • disassemble

    Disassembly and decompilation of binary files

  • yara_scan

    Pattern matching for malware classification

  • analyze_capabilities

    Detect capabilities in executables

  • fuzz_contract

    Smart contract fuzzing for Solidity vulnerabilities

  • trivy_scan

    Container, filesystem, and IaC vulnerability scanning

  • secrets_scan

    Find secrets and credentials in git repos and files

  • search_exploit

    Search and retrieve exploits from Exploit-DB

  • analyze_ad

    Active Directory attack path analysis

  • crack_hash

    Crack hashes using various algorithms

Note: Tool names were inferred from server descriptions and usage examples since the README doesn't provide explicit tool lists with signatures. Many servers are described as 'wrappers' for other MCP servers.

Comparable tools

mcp-dnsmcp-networknmap-mcpnuclei-mcp

Installation

Installation

  1. Clone the repository:
git clone https://github.com/FuzzingLabs/mcp-security-hub
cd mcp-security-hub
  1. Build all MCP servers:
docker-compose build
  1. Start specific servers:
docker-compose up nmap-mcp nuclei-mcp -d
  1. For Claude Desktop, add to your config:
{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    }
  }
}

Compare mcp-security-hub with

mcp-security-hub vs mcp-server-chartmcp-security-hub vs everythingmcp-security-hub vs filesystemmcp-security-hub vs timemcp-security-hub vs sequentialthinking
GitHub →

Last updated · Auto-generated from public README + GitHub signals.