Security MCP Servers

(by Kevin Thomas) - An AI-driven MCP server that autonomously interfaces with MalwareBazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.

Redact sensitive information from your PDF documents before sending them to Claude. Masquerade serves as a privacy firewall for LLMs.

Screen individuals and organizations against global sanctions lists (OFAC, SDN, UN, etc). Query by prompt or document upload.

A Data Security First filesystem MCP server that implements .mcpignore to prevent MCP clients from accessing sensitive data.

List and analyze Netbird network peers, groups, policies, and more.

Interact with Okta API.

Interact with OpenCTI platform to retrieve threat intelligence data including reports, indicators, malware and threat actors.

MCP Server for OPNSense Firewall Management and API access

A MCP server for pinning GitHub Actions and container base images to their immutable SHA hashes to prevent supply chain attacks.

Privacy-first macOS MCP server that provides visual context for AI agents through window screenshots

Real-time Python package vulnerability scanner that checks dependencies against OSV and NVD databases, providing comprehensive security analysis with CVE details, lock file support, and actionable upgrade recommendations.

MCP server for integrating Ghidra with AI assistants. This plugin enables binary analysis, providing tools for function inspection, decompilation, memory exploration, and import/export analysis via the Model Context Protocol.

Security-focused MCP server that provides safety guidelines and content analysis for AI agents.

Claude MCP server to perform analysis on ROADrecon data

MCP server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.

MCP server for maigret, a powerful OSINT tool that collects user account information from various public sources. This server provides tools for searching usernames across social networks and analyzing URLs.

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

A Binary Ninja plugin, MCP server, and bridge that seamlessly integrates Binary Ninja with your favorite MCP client. It enables you to automate the process of performing binary analysis and reverse engineering.

MCP server for querying the ORKL API. This server provides tools for fetching threat reports, analyzing threat actors, and retrieving intelligence sources.