Passive external attack-surface mapping via MCP: Certificate Transparency subdomains, DNS, TLS, HTTP posture, RDAP/WHOIS, and Shodan. Authorized, defensive use only.
View on GitHub →
Try with Claude — $10 free →
Quick Install
Copy the config for your editor. Some servers may need additional setup — check the README.
Add to claude_desktop_config.json:
{
"mcpServers": {
"attack-surface-mcp-s": {
"command": "npx",
"args": [
"-y",
"cyanheads/attack-surface-mcp-server"
]
}
}
}
Run in terminal:
claude mcp add attack-surface-mcp-s npx -y cyanheads/attack-surface-mcp-server
Add to .cursor/mcp.json:
{
"mcpServers": {
"attack-surface-mcp-s": {
"command": "npx",
"args": [
"-y",
"cyanheads/attack-surface-mcp-server"
]
}
}
}
Topics
attack-surfacebuncertificate-transparencydnseasmmcpmcp-servermodel-context-protocolrdapreconnaissancesecurityshodansubdomain-enumerationtlstypescript