Contrastapi — Security Intelligence
@UPinar
关于 Contrastapi — Security Intelligence
Security intelligence API for AI models. CVE lookup with EPSS/KEV enrichment, domain reconnaissance (DNS, WHOIS, SSL, subdomains, WAF detection), and code security checks (secrets, injection, headers). No API key required.
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"contrastapi": {
"url": "https://mcp.contrastcyber.com/mcp"
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Contrastapi — Security Intelligence?
Contrastapi — Security Intelligence is an MCP server that provides security intelligence tools for AI agents, including vulnerability lookup, domain reconnaissance, secret detection, and more. It is designed for developers and security teams who want to integrate security checks into AI-driven workflows.
How to use Contrastapi — Security Intelligence?
Add the server to your MCP client configuration. No API key is required. The free tier allows up to 100 requests per hour.
Key features of Contrastapi — Security Intelligence
- Search 340,000+ vulnerabilities with EPSS exploit probability and CISA KEV status
- Full domain reconnaissance: DNS, WHOIS, SSL, subdomains, and WAF detection
- Secret detection for hardcoded API keys, tokens, and passwords (14 patterns)
- Injection detection for SQL, command, and path traversal patterns
- HTTP security header validation against best practices
- Dependency checking of packages against the CVE database
Use cases of Contrastapi — Security Intelligence
- Identify known vulnerabilities and exploit probability for CVEs
- Perform comprehensive domain security audits during incident response
- Scan codebases for accidental exposure of secrets before deployment
- Validate web application security headers for compliance
- Check third-party dependencies for known vulnerabilities
FAQ from Contrastapi — Security Intelligence
Does Contrastapi — Security Intelligence require an API key?
No, the server does not require an API key. It offers a free tier with 100 requests per hour.
How many vulnerabilities does the CVE lookup cover?
Over 340,000 vulnerabilities, with EPSS exploit probability and CISA KEV status included.
What patterns does secret detection support?
Secret detection covers 14 patterns for hardcoded API keys, tokens, and passwords.
Is domain report a single tool or multiple?
The domain report tool provides full reconnaissance including DNS, WHOIS, SSL, subdomains, and WAF detection in one call, while individual lookups for DNS, WHOIS, and SSL are also available separately.
开发工具 分类下的更多 MCP 服务器
Golf
golf-mcpProduction-Ready MCP Server Framework • Build, deploy & scale secure AI agent infrastructure • Includes Auth, Observability, Debugger, Telemetry & Runtime • Run real-world MCPs powering AI Agents
MCP server to deploy code to Google Cloud Run
GoogleCloudPlatformMCP server to deploy apps to Cloud Run
mcp-excalidraw
yctimlinMCP server and Claude Code skill for Excalidraw — programmatic canvas toolkit to create, edit, and export diagrams via AI agents with real-time canvas sync.
nuxt-mcp / vite-plugin-mcp
antfuMCP server helping models to understand your Vite/Nuxt app better.
Stakpak Agent CLI
stakpakShip your code, on autopilot. An open source agent that lives on your machines 24/7 and keeps your apps running. 🦀
评论