38 #cybersecurity MCP Servers & Clients
Every MCP server and client below is tagged #cybersecurity — install one to give Claude, Cursor, VS Code, or any other MCP-compatible client access to cybersecurity tools.
すべて
Cloudsword
wgpsec
一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具
Pentest MCP: Professional Penetration Testing Toolkit
DMontgomery40
NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.
ZoomEye MCP Server
zoomeye-ai
A Model Context Protocol server that provides network asset information based on query conditions. This server allows LLMs to obtain network asset information and supports querying network asset information by zoomeye dork etc.
Panther MCP Server
panther-labs
Write detections, investigate alerts, and query logs from your favorite AI agents
ExploitDB MCP Server
Cyreslab-AI
ZAP-MCP: Model Context Protocol for OWASP ZAP
ajtazer
VIBE CODING 😈 lol
SchemaPin 🧷
ThirdKeyAI
The SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.
CyberMCP - Cybersecurity API Testing with MCP
ricauts
CyberMCP is a Model Context Protocol (MCP) server designed for testing backend APIs for security vulnerabilities. It provides a set of specialized tools and resources that can be used by LLMs to identify common security issues in APIs.
MCP Poisoning Attack - PoC
wbfoss
This repository demonstrates a variety of **MCP Poisoning Attacks** affecting real-world AI agent workflows.
NetworksDB-MCP
MorDavid
Fast MCP integration for NetworksDB API - Query IP addresses, organizations, ASNs, and DNS records using natural language through Model Context Protocol
Hejdar
ARKALDA
Hejdar MCP Server — runtime policy enforcement for AI agents
UpGuard CyberRisk MCP Server
leroylim
Node.js MCP server for UpGuard CyberRisk API integration. Provides comprehensive cybersecurity risk assessment tools with stateless HTTP transport, caching, and resilience patterns.
Winlog Mcp
XD3an
A Model Context Protocol (MCP) tool for retrieving and analyzing Windows event logs (e.g. Sysmon). WinLog-mcp provides programmatic access to ingest and query Windows event logs, making it ideal for security monitoring, incident response, and log analysis automation.
Mlab - IOC & Threat Intelligence
mlab-sh
Threat intelligence MCP server for SOC analysts, DFIR and security researchers. Scan and enrich IOCs directly from Claude, Cursor or any MCP client: IP addresses (IPv4/IPv6), domains, file hashes and blockchain addresses. Search CVEs by keyword, vendor or product, retrieve full C
Url Safety Validator Mcp
OjasKord
AI-powered URL safety checker for agents. Returns SAFE/SUSPICIOUS/DANGEROUS verdict using Google Web Risk and Google Safe Browsing before any agent fetches an untrusted URL.
Apviso MCP
apviso
MCP server for interacting with the APVISO AI-powered penetration testing platform from Claude Code, Cursor, Windsurf, Codex, and other MCP-compatible tools.
urlDNA
urldna
Scan and analyze potentially malicious URLs using the urlDNA
Kaspersky Opentip Mcp Server
KasperskyLab
Kaspersky OpenTIP Model Context Protocol Server
Zerotrusted.ai Pii Detection
www-zerotrusted-ai
A PII detection Agent which helps you detect PII entities in a given prompt.
Keyboardcrumbs Threat Intel
kbcrumbs
Live threat intelligence for Claude — check IPs, CVEs, KEV predictions, malware hashes, and pre-attack
Security Snapshot
Seiya-wasabi
An MCP server that gives Claude and other AI agents the ability to audit any public URL's HTTP security headers.
Model Context Protocol Server For Cyber Security
secmate-ai
Model Context Protocol Server For Cyber Security
CIRCL CVE SEARCH MCP Server
Cyreslab-AI
MCP server for CIRCL CVE Search API with intelligent risk assessment and comprehensive vulnerability analysis.
FalconFeeds MCP server
Technisanct
Connect real-time cybersecurity threat intelligence to your AI workflows through standardized tools and resources. Access comprehensive IOCs, CVEs, TTPs, and threat actor data from FalconFeeds.io with seamless integration across Claude Desktop, VS Code, and other MCP-enabled appl
Aynops
AynOps
A Model Context Protocol server that gives AI Clients real-time cybersecurity reconnaissance capabilities — WHOIS, DNS enumeration, port scanning, SSL inspection, CVE lookup, IP reputation, ASN lookup and more.
Kali MCP Server
cyberillo
A Python MCP Server that connects Large Language Models natively to a comprehensive suite of offensive security tools.
Contrastapi — Security Intelligence
UPinar
Security intelligence API for AI models. CVE lookup with EPSS/KEV enrichment, domain reconnaissance (DNS, WHOIS, SSL, subdomains, WAF detection), and code security checks (secrets, injection, headers). No API key required.
🙋♂️ Welcome
sivolko
This is curated list of Security tools' MCP server
Sentinelx402
splitfireai-hue
Real-time phishing detection, IP reputation, and CVE risk analysis API for AI agents. Powered by live threat feeds (OpenPhish, Feodo Tracker, URLhaus). Pay per request via x402 micropayments (USDC on Base). First 1,000 requests free, no signup required.
MCP Vulnerability Scanner
RobertoDure
A Model Context Protocol (MCP) server for scanning IP addresses for vulnerabilities. This server provides tools to perform security scanning on individual IPs or multiple IPs at once.
NOVA MCP lets you configure NOVA (the prompt pattern matching) as a guardrail for your AI system.
fr0gger
The NOVA MCP Security Gateway is a prompt-validation service that runs first in your Model Context Protocol (MCP) chain. It loads Nova rules (in .nov format), checks each incoming prompt against these rules, and blocks any that match high-severity security or jailbreak patterns.
RelayShield
nzdsf2-gif
RelayShield gives AI agents and developers real-time identity and infrastructure threat detection via a single REST API. Monitor breach exposure, SIM/eSIM swap attacks, and domain lookalikes. Install as a native MCP server for Claude Desktop and Claude Code in one line: pip insta
LiveDataLink
blackboxfoundry
LiveDataLink is a hosted MCP server giving AI agents 182 real-time data tools across 36 domains through a single Streamable HTTP endpoint. Coverage includes sanctions screening (OFAC + UN + EU + BIS DPL first-party indexed), SEC EDGAR, federal courts plus Caselaw Access Project,
Operant Mcp
operantlabs
Security testing MCP server with 51 tools across 19 modules. Covers SQL injection, XSS, command injection, SSRF, path traversal, PCAP forensics, memory forensics (Volatility), reconnaissance, malware analysis, CloudTrail analysis, and more. Includes 8 methodology prompts for guid
Dechonet Mcp
node-man
Domain security reconnaissance for AI agents — 13 tools (DNS, SSL, HTTP headers, email auth, port scan, ASN, RDAP) with a 0–100 Health Score. Free, no API key
Pentestmcp
RamKansal
pentestMCP: AI-Powered Penetration Testing via MCP
Netforensicmcp
kylecui
NetForensicMCP V2.1 is a Model Context Protocol (MCP) server designed to empower Large Language Models (LLMs) with advanced offline network traffic analysis and threat intelligence capabilities. Built on top of Wireshark's tshark, NetForensicMCP provides comprehensive PCAP analys
MCP Recon
sundayz-hunter
A comprehensive Model Context Protocol (MCP) server for web security reconnaissance and analysis.
Frequently asked questions
What is a #cybersecurity MCP server?
- An MCP server tagged #cybersecurity implements the Model Context Protocol so AI assistants like Claude, Cursor, and VS Code can access cybersecurity-related tools, data, or APIs.
How many #cybersecurity MCP servers and clients are there?
- mcp.so currently lists 38 MCP servers and clients tagged #cybersecurity.
How do I install a #cybersecurity MCP server?
- Open any server below and copy its install snippet into Claude Desktop, Cursor, VS Code, or another MCP client's configuration — remote servers need no separate download.