Security MCP Repositories

Control Windows environments via a command-line interface with unrestricted access to files, processes, and system settings. Designed for environments where SYSTEM-level privileges are appropriate and security risks are managed.

Manage Palo Alto Networks firewall policies and configurations through a standardized interface. Integrate with the Palo Alto Networks API for querying and modifying security, NAT, and QoS rules.

Validates and filters prompts in LLM workflows to prevent security risks and unauthorized inputs. It checks incoming prompts against configurable NOVA rules, blocking those that match high-severity security patterns and providing structured logging for prompt security.

Tracks and manages security vulnerabilities with user-friendly interfaces and robust tracking features. Provides tools for vulnerability tracking, user management, and an admin dashboard for effective response to security threats.

Beelzebub is a honeypot framework that lets you build honeypot tools using MCP. Its purpose is to detect prompt injection or malicious agent behavior. The underlying idea is to provide the agent with tools it would never use in its normal work.

A deliberately vulnerable implementation of the Model Context Protocol (MCP) designed for security researchers to explore and learn about common vulnerabilities in AI/ML model serving systems, including issues like unsafe model deserialization and input injection.

Interact with Windows command-line functionality, execute commands, create projects, and retrieve system information with enhanced security protocols.

A Kali Linux environment tailored for penetration testing, enabling the execution of various security tools with a focus on command-based interactions. Simplifies security assessments through seamless integration of tools like Burp Suite and Metasploit, allowing direct execution without full command line interaction.

Integrates privateGPT with MCP-compatible applications, enabling secure management of knowledge sources and user interactions while leveraging advanced AI capabilities.

Integrates red-teaming, prompt auditing, and AI safety analysis for enhanced workflows. Facilitates real-time prompt risk analysis, adversarial prompt generation, and monitoring of LLMs.

Analyze binary files and manage functions and variables remotely using IDA Pro's headless mode. Provides tools for efficient remote operations through the Multi-Client Protocol.

Query the VirusTotal API for security analysis reports on URLs, files, IPs, and domains. Provides advanced threat intelligence capabilities with automatic relationship data retrieval and detailed analysis tools.

MCP server for Thales CDSP CAKM integration, enabling secure key management, cryptographic operations, and compliance monitoring through AI assistants for Ms SQL and Oracle Databases.

A native Model Context Protocol server for Ghidra. Includes GUI configuration and logging, 31 powerful tools and no external dependencies.

Integrates with the Have I Been Pwned API to verify if email addresses or passwords have been compromised in data breaches, providing detailed breach information and listing all known breaches.

Enables natural language exploration and analysis of cloud infrastructure data across multiple platforms, including AWS, Azure, and GCP. Facilitates security and compliance checks, cost optimization, and query development through SQL queries powered by AI.

Predicts and prevents messenger phishing attacks through AI-based analysis of chat content, providing real-time alerts to users when phishing is detected, aimed at reducing financial loss and personal data breaches.

Provides secure execution of shell commands only in specified directories while supporting multiple shells across platforms. It includes timeout control for executing commands safely and effectively.

Enables seamless YARA rule-based threat analysis and management for AI assistants, focusing on file analysis and standardized interactions for enhanced security in threat detection.

Provides access to Shodan's API for querying detailed information about internet-connected devices and services, enhancing cybersecurity research and threat intelligence. Features include host information retrieval, advanced search capabilities, network scanning, SSL certificate data, and IoT device searches.

Enables secure retrieval of credentials from a 1Password vault for use in AI agent workflows. Integrates 1Password data with Agentic AI to automate authentication and manage credentials seamlessly.

Enables natural language queries to analyze Active Directory and Azure Active Directory environments, allowing users to retrieve insights through conversational commands. Leverages Large Language Models to simplify complex query executions without writing Cypher queries manually.

Query and retrieve information on various adversarial tactics and techniques used in cyber attacks, accessing a comprehensive database to enhance understanding of security risks and adversary behaviors. Tools include querying ATT&CK techniques by their ID or performing fuzzy searches on technique names.

Execute Unix shell commands securely and efficiently while listing previous command executions and configuring allowed commands to enhance security. Integrate with applications to leverage shell capabilities without compromising safety.

Integrates with AWS Cognito for secure user authentication and management, facilitating workflows such as user sign-up, sign-in, password resets, and multi-factor authentication through a standardized MCP interface.

Perform network analysis and security assessments through NMAP by interacting with an AI assistant for network scanning operations.

MCP server for querying the ORKL API. This server provides tools for fetching threat reports, analyzing threat actors, and retrieving intelligence sources.

Reveal hidden relationships and attack paths in Active Directory environments using graph theory to identify complex attack paths. Provides insights for both red and blue teams to enhance security posture.

Execute terminal commands securely, manage file systems, and navigate directories through a standardized interface with built-in safeguards and command history tracking.

Access the OSV (Open Source Vulnerabilities) database for vulnerability information. Query vulnerabilities by package version or commit, batch query multiple packages, and get detailed vulnerability information by ID.