FofaMap

v1.0.0Securitystable

FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA 数据采集、存活检测、统计聚合、图标 Hash 及批量查询等核心功能的基础上,2.0 版本原生支持 MCP 协议,可无缝接入 Cursor、Claude 等 AI 平台。其核心内置了 AI 自我反思机制,能根据查询结果自动调优语法,并智能联动 Nuclei 推荐精准扫描策略,实现从“被动采集”到“主动智能决策”的红队作业进化。

ai-agentasset-mappingfofa-apifofamapinformation-gathering-tools
Share:
666
Stars
0
Downloads
0
Weekly
0/5

What is FofaMap?

FofaMap is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to fofamap v2.0 是一款基于 python3 开发的全网首个 ai 驱动红队资产测绘智能体。在延续原有 fofa 数据采集、存活检测、统计聚合、图标 hash 及批量查询等核心功能的基础上,2.0 版本原生支持 mcp 协议,可无缝接入 cursor、claude 等 ai 平台。其核心内置了 ai 自我反思机制,能根据查询结果自动调优语法,并智能联动 nuclei 推荐精准扫描策略,实现...

FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA 数据采集、存活检测、统计聚合、图标 Hash 及批量查询等核心功能的基础上,2.0 版本原生支持 MCP 协议,可无缝接入 Cursor、Claude 等 AI 平台。其核心内置了 AI 自我反思机制,能根据查询结果自动调优语法,并智能联动 Nuclei 推荐精准扫描策略,实现从“被动采集”到“主动智能决策”的红队作业进化。

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA

Use Cases

FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA 数据采集、存活检测、统计聚合、图标 H
asaotomo

Maintainer

LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 20, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx fofamap

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use FofaMap

FofaMap v2.0 is a Python-based AI-driven red team asset mapping agent that wraps the FOFA internet search engine API with an intelligent self-reflection mechanism. When a query returns zero results, the embedded AI agent automatically rewrites and relaxes the FOFA syntax until results are found. It supports native MCP protocol integration so AI platforms like Claude Desktop or Cursor can invoke asset mapping and Nuclei vulnerability scanning without any manual command construction.

Prerequisites

  • Python 3.10 or higher
  • A FOFA account with API access (email and API key from fofa.info)
  • A DeepSeek, OpenAI, or compatible LLM API key for the AI agent layer
  • Nuclei binary (optional, required only for vulnerability scanning integration)
  • An MCP client such as Claude Desktop or Cursor
1

Clone the repository and install dependencies

Clone FofaMap from GitHub and install the Python requirements. Python 3.10 or higher is required.

git clone https://github.com/asaotomo/FofaMap.git
cd FofaMap
pip3 install -r requirements.txt
2

Run the interactive configuration wizard

Run the init command to launch the setup wizard. It will walk you through entering your FOFA credentials and AI API key, then write them to config/settings.yaml.

python3 fofamap.py init
3

Edit config/settings.yaml with your credentials

Open config/settings.yaml and fill in your FOFA email, FOFA API key, and your LLM API key. You can also change the api_type to openai, ollama, or lmstudio if you are not using DeepSeek.

userinfo:
  email: "[email protected]"
  key: "your_fofa_api_key"
  deepseek_api_key: "sk-xxxxxxxxxxxxxxxxxxxxxxxx"
  api_type: "deepseek"
  base_url: "https://api.deepseek.com/v1"
  model: "deepseek-chat"
4

Test CLI usage with a natural language query

Verify the setup by running an AI-mode query. FofaMap will translate your natural language into a FOFA query, search for assets, and return results.

python3 fofamap.py -ai "Find all Nginx servers in the United States"
5

Configure MCP server for Claude Desktop or Cursor

Add the FofaMap MCP server to your MCP client configuration file. The command should point to your Python interpreter and the absolute path to mcp_server.py.

{
  "mcpServers": {
    "fofamap": {
      "command": "/usr/bin/python3",
      "args": ["/absolute/path/to/FofaMap/mcp_server.py"]
    }
  }
}
6

Verify MCP connection and start querying

Open your MCP client and confirm the FofaMap server shows a green connected status. You can now ask the AI to use FofaMap tools directly in conversation.

FofaMap Examples

Client configuration

Claude Desktop configuration for FofaMap MCP server. Replace the paths with your actual Python interpreter and cloned repository location.

{
  "mcpServers": {
    "fofamap": {
      "command": "/usr/bin/python3",
      "args": ["/Users/yourname/FofaMap/mcp_server.py"]
    }
  }
}

Prompts to try

Natural language prompts that FofaMap's AI agent can handle via the MCP interface.

- "Use FofaMap to find all subdomains of bing.com and check if they are alive"
- "Search for exposed Spring Boot actuator endpoints in Germany"
- "Find ThinkPHP installations in China and recommend Nuclei scan templates"
- "Query FOFA for WebLogic servers and generate a vulnerability scan plan"
- "Map assets for domain example.com and export the results to an Excel report"

Troubleshooting FofaMap

FOFA query returns 0 results even for well-known targets

The AI self-reflection mechanism should auto-retry with relaxed syntax. If it still fails, check that your FOFA API key is valid and your account has remaining query quota. Free FOFA accounts have limited API access; a paid plan may be required for broad queries.

MCP server shows red/disconnected status in Cursor or Claude Desktop

Ensure the Python interpreter path and mcp_server.py path in your config are absolute paths. Relative paths are not resolved correctly. Check the MCP log output (Cursor: Output > MCP Log) for the specific Python error.

Nuclei commands are generated but do not execute

Nuclei must be installed and available in your system PATH. Run 'nuclei -version' to verify. Alternatively, place the nuclei binary directly in the FofaMap project root directory.

Frequently Asked Questions about FofaMap

What is FofaMap?

FofaMap is a Model Context Protocol (MCP) server that fofamap v2.0 是一款基于 python3 开发的全网首个 ai 驱动红队资产测绘智能体。在延续原有 fofa 数据采集、存活检测、统计聚合、图标 hash 及批量查询等核心功能的基础上,2.0 版本原生支持 mcp 协议,可无缝接入 cursor、claude 等 ai 平台。其核心内置了 ai 自我反思机制,能根据查询结果自动调优语法,并智能联动 nuclei 推荐精准扫描策略,实现从“被动采集”到“主动智能决策”的红队作业进化。 It connects AI assistants to external tools and data sources through a standardized interface.

How do I install FofaMap?

Follow the installation instructions on the FofaMap GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with FofaMap?

FofaMap works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is FofaMap free to use?

Yes, FofaMap is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

FofaMap Alternatives — Similar Security Servers

Looking for alternatives to FofaMap? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "fofamap": { "command": "npx", "args": ["-y", "fofamap"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use FofaMap?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides