mcp-security-hub

概述

mcp-security-hub 项目提供了一个精心组织的 MCP 服务器集合，专门用于安全测试和渗透测试。每个服务器都经过容器化处理，并实施了安全加固措施，包括非root执行、最小基础镜像和资源限制。该集合涵盖从侦察到二进制分析的广泛安全领域，通过 Claude 等自然语言界面可访问 300 多种工具。项目包含带安全扫描的健康检查和全面文档的 CI/CD 流水线。

试试问 AI

装完之后，这里有 3 个你可以让 AI 做的事：

• nmap_scan

  Port scanning, service detection, OS fingerprinting, NSE scripts

  试试:Scan 192.168.1.0/24 for web servers试试:Identify services on port 8080
• nuclei_scan

  Template-based vulnerability scanning with 8000+ templates

  试试:Check example.com for SQL injection vulnerabilities试试:Scan for exposed AWS keys
• sqlmap_scan

  SQL injection detection and exploitation

  试试:Test login form for SQL injection试试:Extract database from vulnerable endpoint
• disassemble

  Disassembly and decompilation of binary files

  试试:Decompile this Windows executable试试:Analyze the assembly code of this firmware
• yara_scan

  Pattern matching for malware classification

  试试:Scan this file for known malware patterns试试:Create YARA rule for this suspicious binary
• analyze_capabilities

  Detect capabilities in executables

  试试:What capabilities does this executable have?试试:Identify network features in this binary
• fuzz_contract

  Smart contract fuzzing for Solidity vulnerabilities

  试试:Fuzz this DeFi contract for reentrancy试试:Test this token contract for overflow
• trivy_scan

  Container, filesystem, and IaC vulnerability scanning

  试试:Scan this Docker image for vulnerabilities试试:Analyze Terraform code for security issues
• secrets_scan

  Find secrets and credentials in git repos and files

  试试:Scan this repository for exposed API keys试试:Find hardcoded credentials in this codebase
• search_exploit

  Search and retrieve exploits from Exploit-DB

  试试:Find exploits for this software version试试:Retrieve public exploits for this CVE
• analyze_ad

  Active Directory attack path analysis

  试试:Map attack paths in this Active Directory试试:Identify high-value targets in AD
• crack_hash

  Crack hashes using various algorithms

  试试:Crack this MD5 hash试试:Identify the algorithm for this hash

说明：Tool names were inferred from server descriptions and usage examples since the README doesn't provide explicit tool lists with signatures. Many servers are described as 'wrappers' for other MCP servers.

可对比工具

安装

git clone https://github.com/FuzzingLabs/mcp-security-hub
cd mcp-security-hub

docker-compose build

docker-compose up nmap-mcp nuclei-mcp -d

{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    }
  }
}

mcp-security-hub 对比