Skip to main content

Model Context Protocol (MCP) Server for External Attack Surface Management

Project description

ExternalAttacker MCP Server

ExternalAttacker-MCP

Model Context Protocol (MCP) Server for External Attack Surface Management

ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.

🔍 Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.

🔍 What is ExternalAttacker?

ExternalAttacker combines the power of:

  • Automated Scanning: Comprehensive toolset for external reconnaissance
  • Model Context Protocol (MCP): An open protocol for creating custom AI tools
  • Natural Language Processing: Convert plain English queries into scanning commands

📱 Community

Join our Telegram channel for updates, tips, and discussion:

✨ Features

  • Natural Language Interface: Run scans using plain English
  • Comprehensive Scanning Categories:
    • 🌐 Subdomain Discovery (subfinder)
    • 🔢 Port Scanning (naabu)
    • 🌍 HTTP Analysis (httpx)
    • 🛡️ CDN Detection (cdncheck)
    • 🔐 TLS Analysis (tlsx)
    • 📁 Directory Fuzzing (ffuf, gobuster)
    • 📝 DNS Enumeration (dnsx)

📋 Prerequisites

  • Python 3.8 or higher
  • Go (for installing tools)
  • MCP Client

🔧 Installation

  1. Clone this repository:

    git clone https://github.com/mordavid/ExternalAttacker-MCP.git
    cd ExternalAttacker
    
  2. Install Python dependencies:

    pip install -r requirements.txt
    
  3. Install required Go tools:

    go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
    go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
    go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
    go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest
    go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
    go install -v github.com/ffuf/ffuf@latest
    go install github.com/OJ/gobuster/v3@latest
    go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
    
  4. Run ExternalAttacker-App.py

    python ExternalAttacker-App.py
    # Access http://localhost:6991
    
  5. Configure the MCP Server

    "mcpServers": {
        "ExternalAttacker-MCP": {
            "command": "python",
            "args": [
                "<Your_Path>\\ExternalAttacker-MCP.py"
            ]
        }
    }
    

🚀 Usage

Example queries you can ask through the MCP:

  • "Scan example.com for subdomains"
  • "Check open ports on 192.168.1.1"
  • "Analyze HTTP services on test.com"
  • "Check if domain.com uses a CDN"
  • "Analyze SSL configuration of site.com"
  • "Fuzz endpoints on target.com"

📜 License

MIT License

🙏 Acknowledgments

  • The ProjectDiscovery team for their excellent security tools
  • The MCP community for advancing AI-powered tooling

Note: This is a security tool. Please use responsibly and only on systems you have permission to test.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file iflow_mcp_mordavid_externalattacker_mcp-1.0.0.tar.gz.

File metadata

  • Download URL: iflow_mcp_mordavid_externalattacker_mcp-1.0.0.tar.gz
  • Upload date:
  • Size: 961.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.0 {"installer":{"name":"uv","version":"0.10.0","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for iflow_mcp_mordavid_externalattacker_mcp-1.0.0.tar.gz
Algorithm Hash digest
SHA256 6f553f2e28bb1b1aeba3d6f879aaacb798478bb7cbea30933edd73e6d711f535
MD5 9190c5874d8cf89c1b61cc12e52edc79
BLAKE2b-256 436ca67ffee9df155d8f0acd29c39c029ddf3a6bb0ebf9e442d1819dd26a1bad

See more details on using hashes here.

File details

Details for the file iflow_mcp_mordavid_externalattacker_mcp-1.0.0-py3-none-any.whl.

File metadata

  • Download URL: iflow_mcp_mordavid_externalattacker_mcp-1.0.0-py3-none-any.whl
  • Upload date:
  • Size: 10.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.0 {"installer":{"name":"uv","version":"0.10.0","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for iflow_mcp_mordavid_externalattacker_mcp-1.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 db8185ceba46650c5d48ff7544d253566e5cba7a24e6f8edf352f09fe6692f33
MD5 e79c3c3ee98f1405f6c7bdd558081db0
BLAKE2b-256 d24487baa7dbedccda771b0ccdaab0fa5cd6d99e8530f77e2f1a763580b94347

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page