Security MCP Repositories

推理算法助手 is a tool designed for cryptanalysis that quickly identifies and infers the types of encryption algorithms used in encrypted data, attempting to decrypt plaintext. It supports various encryption modes and provides an intuitive interface for security research and data recovery.

Access Shodan and VirusTotal APIs to perform network intelligence tasks, including host lookups, vulnerability analysis, and network scanning. Utilize a collection of integrated tools and prompt templates aimed at enhancing cybersecurity operations.

Processes secure payments during voice calls using the Twilio API, capturing payment information while ensuring PCI compliance. Features include asynchronous callbacks, guided workflows, and secure credential handling.

CyberMCP tests backend APIs for security vulnerabilities using specialized tools. It identifies common security issues such as injection flaws, data leakage, and authentication vulnerabilities, while providing resources for comprehensive security assessments.

NmapMCP is a tool that allows users to perform various types of network scans, helping to identify open ports and discover associated subdomains. It is integrated with the Model Context Protocol for easy use in different applications.

MCP Server for managing & interacting with Open Source NGFW OPNSense via Natural Language

Execute system commands securely with a focus on user confirmation, input validation, and audit logging to ensure safe command usage. Integration with LLM applications enables controlled command execution with a whitelist approach.

Provides real-time security diagnostics and code analysis by integrating vulnerability scanning for open source dependencies, infrastructure as code, and code quality/security issues. It enhances development workflows with authentication, progress reporting, and trusted folder management for effective vulnerability management.

Connect to the Dynatrace observability platform to retrieve real-time observability data, including production problems, security vulnerabilities, logs, and events. Utilize natural language queries to automate notifications and integrate monitoring within development workflows.

Facilitates interaction with Metasploit Framework capabilities for AI agents, enabling listing of exploits, generation of payloads, and session management. Aids in automating security testing processes through command execution.

Interact with product security findings using natural language to query SAST issues, secrets, and patches directly in AI-assisted tools, streamlining security context management without the need for dashboards or manual ticket triage.

Provides real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and techniques. Connects agents to a comprehensive source of cyber-relevant entities and content.

Access Shodan's network intelligence and security services to query detailed information about IP addresses, perform DNS lookups, and track vulnerabilities.

Generates cryptographic keys, derives shared secrets, and encrypts or decrypts messages. Facilitates secure communication for applications requiring cryptographic capabilities.

Expose multiple AI tools over an SSE transport with secure JWT-based authentication, enabling dynamic tool registration and session management.

A Rust-based MCP server to integrate TheHive, facilitating collaborative security incident response and case management via AI.

Solvitor MCP server provides tools to access reverse engineering tools that help developers extract IDL files from closed-source Solana smart contracts and decompile them.

Provides AI-powered security insights focused on Kubernetes and cloud environments, enabling monitoring, analysis, and securing of infrastructure with detailed visibility and actionable findings.

Manage Microsoft 365 services, including distribution lists, security groups, and user settings while automating offboarding processes to ensure security and compliance. The server enhances Entra ID management with tools for roles, application registrations, devices, and service principals, along with improved HTTP streaming capabilities.

Demonstrates security vulnerabilities in MCP servers by exposing insecure tools for educational purposes. Showcases common attack vectors like SQL injection and arbitrary SQL execution, facilitating an understanding of risks and mitigation strategies.

Execute Unix/macOS terminal commands through a secure interface with interactive permission management and comprehensive command filtering. Ensures safe operations by classifying commands based on their impact and required approvals.

This utility refines configuration directives for proxy clients, focusing on enhancing connection performance and simplifying management. It supplies pre-sorted rule sets, notably incorporating specific directives tailored for services such as Microsoft products. Security, in this context, involves safeguarding connection integrity and resilience against unauthorized access or performance degradation, mirroring the broader concept of protection from hostile digital forces.

Check and revoke ERC-20 token allowances, manage token approvals across multiple chains, and monitor token permissions for enhanced wallet security.

Query the Shodan API and Shodan CVEDB for network intelligence, including IP reconnaissance, DNS operations, vulnerability tracking, and device discovery. Outputs are structured and formatted for easy analysis and integration.

Store API keys securely in the macOS Keychain and access them through a consistent interface. Provides a centralized solution for managing sensitive credentials across projects, enabling retrieval using natural language commands.

Execute controlled command-line operations with features for command whitelisting, path validation, and execution controls to ensure secure operation.

Automatically approves specified MCP tools in Claude Desktop by injecting JavaScript, enabling granular control of tool access without altering the app itself. Provides options for permanent approvals and per-chat tool decisions while maintaining security measures.

Tracks historical changes of Twitter usernames to identify potential scam risks from frequent changes. Retrieve username change histories by providing a current Twitter handle.

A privacy-preserving server that simplifies AI model interactions with filesystems through an intuitive API, ensuring sensitive paths remain concealed while providing efficient file operations. Supports streamlined directory listings and complex file searches with minimized functions.

Integrate with the Rhombus API to access and manage security data and services through conversational agents. Enable features like monitoring smart cameras, controlling access systems, and managing IoT sensors via chat interfaces.