Security

Access your team's 2FA codes from AI agents without sharing secrets. List accounts, generate TOTP codes, and maintain full audit trails. Built for DevOps, CI/CD pipelines, and automated workflows that need to authenticate to protected services.

Provides a bridge for scripts and AI agents to interact with a self-hosted Vaultwarden instance.

This is an enhanced MCP (Model Context Protocol) server that provides xray vulnerability scanning capabilities for ModelScope hosting.

Connects AI agents with the CrowdStrike Falcon platform for intelligent security analysis, providing programmatic access to detections, incidents, behaviors, threat intelligence, hosts, vulnerabilities, and identity protection capabilities.

Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performances and stability while consuming less resources than similar tools. As of version 0.11.0, Legba supports being used by an AI as an MCP server, refer to the documentation on how to configure it.

高精度内容安全风控产品 一款基于 Agentic AI 技术构建的高精度内容安全风控产品，让开发者在 10 分钟内保护您的 AI 应用程序。

A reference implementation of the SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.

AlienVault/USM Anywhere MCP Server - Threat intelligence and security monitoring

Desktop app that automatically scans and blocks malicious MCP traffic in AI apps like Cursor, Claude, VS Code and Windsurf.

Create an MCP server for any command

Conversational cloud security compliance auditing. MCP server enabling natural language queries about AWS security posture via Claude and other AI assistants.

A Model Context Protocol (MCP) server that generates random passwords with different character sets.

MCP server for grype

Mirror of

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations.

MCP Server for Panther

Research project by

All-in-one offensive security toolbox with AI agent and MCP architecture. Integrates tools like Nmap, Metasploit, FFUF, SQLMap. Enables pentesting, bug bounty hunting, threat hunting, and reporting. RAG-based responses with local knowledge base support.

Servidor MCP para ciberseguridad en Windows. Expone herramientas defensivas como APIs HTTP listas para ser usadas por agentes IA, Claude Desktop o scripts personalizados. Fácil de integrar, extensible y listo para automatizar tu defensa digital.

Protect any MCP server from malicious entities and confidential PII.

Repository for creating an automatic pentesting agent using MCP servers.

MCP servers for automated penetration testing and OSINT.

Mirror of

A standardized security evaluation framework for MCP servers, including assessment templates and an automated vulnerability scanner. This registry helps developers identify secure implementations for AI applications and promotes best practices across the MCP ecosystem.

vulnerable MCP server example

This is curated list of Security tools' MCP server

Anthropic MCP servers to enable AI agent integration and autonomous defense for Check Point firewalls, endpoint, and more.

A comprehensive, intelligent, easy-to-use, and lightweight AI Infrastructure Vulnerability Assessment and MCP Server Security Analysis Tool.

MCP-security-scan: Security scanner for Model Context Protocol servers and tools

An exploration of common MCP server vulnerabilities, along with a deep dive into MCP server prompt injection (+demonstrations for each!).

A secure MCP (Model Context Protocol) server that enables AI agents to interact with the Authenticator App.

A deliberately vulnerable MCP server demonstrating command injection flaws. This Python implementation shows how lack of input sanitization in file paths leads to critical security vulnerabilities allowing attackers to execute arbitrary commands. For educational purposes only - demonstrates both the vulnerability and proper security practices.

A Model Context Protocol (MCP) server designed to connect to a CCTV recording program (VMS) to retrieve recorded and live video streams. It also provides tools to control the VMS software, such as showing live or playback dialogs for specific channels at specified times.

Damn Vulnerable MCP Server

A Model Context Protocol (MCP) server for scanning IP addresses for vulnerabilities. This server provides tools to perform security scanning on individual IPs or multiple IPs at once.

A Nuclei security scanning server based on MCP (Model Control Protocol), providing convenient vulnerability scanning services.一个基于 MCP (Model Control Protocol) 的 Nuclei 安全扫描服务器，提供便捷的漏洞扫描服务。

Security scanner for MCP servers

This repository demonstrates a security vulnerability in MCP (Model Context Protocol ) servers that allows for remote code execution and data exfiltration through tool poisoning.

ClamAV MCP Server to scan files for viruses

A web3 security mcp server for users

A security scanner for your LLM agentic workflows

A Python toolkit providing security checks for domains, URLs, IPs, and more. Integrate easily into any Python application, use via terminal CLI, or run as an MCP server to enrich LLM context with real-time threat insights.

MySSL MCP Server

Mcp services by marshal

MCP Server for using Garak LLM vulnerability scanner

Security scanner for MCP servers

Vulnerable MCP Server

Windows Hardening MCP Server

Secure Ssh Mcp - Allow AI Agent to perform Server Ops without exposing your Keys

Model Context Protocol (MCP) Server for HashiCorp Vault secret management

Arcjet Model Context Protocol (MCP) server. Help your AI agents implement bot detection, rate limiting, email validation, attack protection, data redaction.

A security scanning tool for MCP servers

MCP Security Playground - Hack with MCP Servers, MCP Clients. Try out different vulnerabilities and abuse LLMs and agents in a UI friendly experimentation lab

🔥🔒 Awesome MCP (Model Context Protocol) Security 🖥️

All-in-one security testing toolbox that brings together popular open source tools through a single MCP interface. Connected to an AI agent, it enables tasks like pentesting, bug bounty hunting, threat hunting, and more.

NOT for educational purposes: An MCP server for professional penetration testers including nmap, go/dirbuster, nikto, JtR, wordlist building, and more.

A shield for logging, deep debug and sanitization for MCP servers at development stage

🔒 Reference MCP servers that demo how authentication works with the current Model Context Protocol spec.

NOT for educational purposes: An MCP server for professional penetration testers including nmap, go/dirbuster, nikto, JtR, wordlist building, and more.

Rad Security MCP Server

Authentication and Authorization Proxy for MCP Servers

This MCP server uses mobsf api's to scan and analyze the apk and ipa files.

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

An Agentic MCP server sshclient

Asterisk Model Context Protocol (MCP) server.

Metasploit MCP Server

GUARDRAIL - MCP Security - Gateway for Unified Access, Resource Delegation, and Risk-Attenuating Information Limits

MCP Server for Snyk Security Scanning

A powerful MCP (Model Context Protocol) Server that audits npm package dependencies for security vulnerabilities. Built with remote npm registry integration for real-time security checks.

Mirror of

A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface.

A standalone Snyk server for Model Context Protocol (MCP)