★ 0 stars
🤖 AI/LLM
Updated 5d ago
MCP server exposing 10 security scanners as Claude Code tools (ZAP, Nuclei, Semgrep, Gitleaks, Trivy, Nmap, sqlmap, Nikto, Subfinder, Burp Pro) with correlation, risk scoring, attack-chain analysis, SARIF/JUnit/HTML reports, and stdio + Streamable-HTTP transports.
View on GitHub →
Quick Install
Copy the config for your editor. Some servers may need additional setup — check the README.
Claude Desktop
Claude Code
Cursor
Add to claude_desktop_config.json:
{
"mcpServers": {
"security-mcp-server": {
"command": "npx",
"args": [
"-y",
"Bikebrainz/security-mcp-server"
]
}
}
}📋 Copy
Run in terminal:
claude mcp add security-mcp-server npx -y Bikebrainz/security-mcp-server📋 Copy
Add to .cursor/mcp.json:
{
"mcpServers": {
"security-mcp-server": {
"command": "npx",
"args": [
"-y",
"Bikebrainz/security-mcp-server"
]
}
}
}📋 Copy
README Excerpt
An MCP (Model Context Protocol) server that exposes a set of security scanners as tools an MCP client can call. Designed to run as a local stdio child process of an MCP-capable client (e.g. Claude Code), with an optional HTTP transport for cases where stdio isn't enough. This is v2.2. See `CHANGELOG.md` for the full evolution from the v1 archive
Tools (19)
burp_scan dependency_scan gitleaks nikto nikto_scan nmap nuclei nuclei_scan port_scan sast_scan secrets_scan semgrep sqli_scan sqlmap subdomain_scan subfinder trivy waiting_for_slot web_full_scan