MCP.so
ログイン

ROADrecon MCP Server

@atomicchonk

ROADrecon MCP Server について

Claude MCP server to perform analysis on ROADrecon data

基本情報

カテゴリ

その他

ライセンス

MIT

ランタイム

python

トランスポート

stdio

公開者

atomicchonk

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "roadrecon-mcp-server": {
      "command": "python",
      "args": [
        "roadrecon_mcp_server.py"
      ]
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is ROADrecon MCP Server?

An MCP server that provides AI assistants like Claude with access to ROADRecon Azure AD data for security analysis. It acts as a bridge between an MCP-compatible client and a running ROADRecon web GUI instance.

How to use ROADrecon MCP Server?

Run the ROADRecon GUI (default at http://localhost:5000), then start the server with python roadrecon_mcp_server.py (optionally set ROADRECON_URL for a different address). Connect with Claude Desktop via Settings → Servers → Add Server → Add from running server.

Key features of ROADrecon MCP Server

  • Provides resources to access Azure AD data from a ROADRecon instance.
  • Offers tools for running security analysis on the data.
  • Includes pre‑built prompts for common security tasks.

Use cases of ROADrecon MCP Server

  • Analyze MFA status of users in an Azure AD tenant.
  • Find all users with privileged roles.
  • Check for applications with secrets or certificates.
  • Assess the overall security posture of an Azure AD environment.

FAQ from ROADrecon MCP Server

What does the server need to run?

Python 3.8+ and a running ROADRecon instance with the web GUI accessible. An MCP-compatible client (e.g., Claude Desktop) is required to use the server.

How do I specify a different ROADRecon URL?

Set the ROADRECON_URL environment variable before starting the server, for example: ROADRECON_URL=http://localhost:8080 python roadrecon_mcp_server.py.

What data does the server expose?

It exposes resources such as users, groups, applications, service principals, devices, MFA status, directory roles, role definitions, app roles, OAuth2 permission grants, tenant details, and summary statistics.

What tools are available for security analysis?

Tools include find_privileged_users(), analyze_mfa_status(), find_applications_with_secrets(), analyze_groups(), identify_stale_accounts(), analyze_pim_implementation(), analyze_service_principal_credentials(), analyze_legacy_authentication(), and analyze_conditional_access_policies().

How do I use pre‑built analysis prompts?

Prompts cover security posture, privileged access, application risks, identity security, stale accounts, privileged access management, service principal security, legacy authentication risks, conditional access, and a comprehensive security review. Claude can invoke these prompts when connected.

コメント

「その他」の他のコンテンツ