MCP.so
ログイン

Digital Infrastructure Exposure

@apifyforge

Digital Infrastructure Exposure について

**Digital infrastructure exposure reconnaissance** delivered as an MCP server — query it from Claude, Cursor, or any AI agent to assess any domain's attack surface in seconds.

基本情報

カテゴリ

クラウドとインフラ

ライセンス

MIT

公開者

apifyforge

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "digital-infrastructure-exposure-mcp": {
      "url": "https://ryanclinton--digital-infrastructure-exposure-mcp.apify.actor/mcp"
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Digital Infrastructure Exposure?

Digital Infrastructure Exposure is an MCP server that delivers passive reconnaissance on any domain's attack surface by orchestrating 8 data sources in parallel: WHOIS, DNS, certificate transparency logs, IP geolocation, technology stack detection, Censys, NVD CVEs, and the CISA Known Exploited Vulnerabilities catalog. It produces a composite Digital Exposure Score (0-100) with remediation recommendations for security teams, pentesters, and AI agents.

How to use Digital Infrastructure Exposure?

Add the server URL to any MCP-compatible client (Claude Desktop, Cursor, Windsurf) using the JSON configuration provided. Then ask your agent to audit a domain (e.g., full_exposure_audit for acmecorp.com), and the server returns a structured report in 30-90 seconds. Requires an Apify account and API token.

Key features of Digital Infrastructure Exposure

  • 8 passive data sources queried in parallel with Promise.all.
  • Composite Digital Exposure Score (0-100) with 5-level verdict labels.
  • Infrastructure Sprawl Index, Misconfiguration Detection, and HHI-based geographic scoring.
  • Technology-to-CVE pipeline cross-referenced with CISA KEV catalog.
  • Dangling CNAME detection for S3, Heroku, GitHub, Azure, and CloudFront.
  • NS redundancy check and domain expiry flagging within 60 days.
  • 8 MCP tools including full_exposure_audit, subdomain_discovery, and compare_org_exposure.

Use cases of Digital Infrastructure Exposure

  • Vendor and third-party risk management with quantified exposure scores.
  • Penetration testing OSINT phase with zero footprint and passive subdomain enumeration.
  • Cyber insurance underwriting and renewal with evidence of security posture.
  • Internal IT asset discovery and shadow IT detection via certificate transparency logs.
  • DNS and email security compliance auditing (SPF, DKIM, DMARC).
  • Mergers, acquisitions, and investment due diligence with structured exposure profiles.

FAQ from Digital Infrastructure Exposure

What data sources does Digital Infrastructure Exposure use?

It uses WHOIS, DNS records, crt.sh certificate transparency, IP geolocation, website tech stack detection, Censys internet-wide scanning, NVD CVE search, and CISA Known Exploited Vulnerabilities catalog.

Does this server actively scan target infrastructure?

No. All data is gathered from public registries, internet-wide scan indexes, and certificate transparency logs. No packets are sent to the target.

What runtime or dependencies are required?

You need an Apify account and API token. The server runs on Apify's platform and is accessed via an MCP-compatible client (e.g., Claude Desktop, Cursor, Windsurf).

How long does a full exposure audit take?

Most single-tool calls complete in under 45 seconds; full_exposure_audit typically returns in 60-90 seconds due to parallel queries across all 8 sources.

What transport and authentication are used?

The server exposes an MCP endpoint via HTTPS URL (https://ryanclinton--digital-infrastructure-exposure-mcp.apify.actor/mcp), requiring an Apify API token for access. It uses standard MCP protocol communication.

コメント

「クラウドとインフラ」の他のコンテンツ