External Recon

v1.0.0Securitystable

An external reconnaissnce MCP server for offensive security engagements

mcp-external-reconmcpai-integration
Share:
13
Stars
0
Downloads
0
Weekly
0/5

What is External Recon?

External Recon is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to external reconnaissnce mcp server for offensive security engagements

An external reconnaissnce MCP server for offensive security engagements

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • An external reconnaissnce MCP server for offensive security

Use Cases

Perform external reconnaissance for offensive security assessments.
Gather intelligence on targets using AI-assisted security tools.
naebo

Maintainer

LicenseMIT
Languagepython
Versionv1.0.0
UpdatedFeb 28, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx mcp-external-recon

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use External Recon

The External Recon MCP server is a proof-of-concept offensive security tool that wraps common external reconnaissance techniques—DNS enumeration, subdomain brute-forcing, WHOIS lookups, HTTP header analysis, and email security assessment—into MCP tools usable by an AI assistant. Built in Python and invoked via uv, it runs OS-level commands (dig, whois, dnsrecon) on the local machine and returns structured results. Security professionals conducting authorized penetration tests or bug bounty assessments can use it to let Claude drive a reconnaissance workflow through natural language rather than running commands manually.

Prerequisites

  • Python 3.x with uv installed (curl -LsSf https://astral.sh/uv/install.sh | sh)
  • System tools installed: dig, whois, and dnsrecon
  • Claude Desktop or another MCP-compatible client
  • Written authorization to perform reconnaissance against the target domain
  • The dns-wordlist.txt file from the repository for subdomain brute-forcing
1

Clone the repository

Download the server code including the supplied subdomain wordlist required for DNS brute-forcing.

git clone https://github.com/naebo/mcp-external-recon-server
cd mcp-external-recon-server
2

Install system dependencies

Ensure dig, whois, and dnsrecon are installed. On macOS use Homebrew; on Debian/Ubuntu use apt.

# macOS
brew install bind dnsrecon whois

# Debian/Ubuntu
apt install dnsutils whois dnsrecon
3

Install uv

Install uv if not already present. It is used to run the Python server without manual virtualenv setup.

curl -LsSf https://astral.sh/uv/install.sh | sh
4

Configure Claude Desktop

Open the Claude Desktop developer config file and add the external-recon server entry using absolute paths to both the uv binary and the repository folder.

5

Relaunch Claude Desktop and start a recon session

After relaunching, select the external-recon prompt from the chat toolbar and supply the target domain name to begin an AI-assisted reconnaissance workflow.

External Recon Examples

Client configuration

Add the external-recon server to claude_desktop_config.json. Replace the paths with absolute paths on your system.

{
  "mcpServers": {
    "external-recon": {
      "command": "/usr/local/bin/uv",
      "args": [
        "--directory",
        "/absolute/path/to/mcp-external-recon-server",
        "run",
        "external-recon.py"
      ]
    }
  }
}

Prompts to try

Example prompts for an authorized external reconnaissance engagement against a target domain.

- "Perform full external reconnaissance on example.com"
- "Enumerate all DNS records for target.com including MX, NS, TXT, and SOA"
- "Brute-force subdomains of example.com using the wordlist"
- "Look up WHOIS information for target.com and summarize the registrar details"
- "Check the HTTP headers for https://example.com and identify any security misconfigurations"

Troubleshooting External Recon

Server fails to start because dnsrecon or dig is not found

Install the required system tools. On macOS run 'brew install bind dnsrecon whois'. On Linux run 'apt install dnsutils dnsrecon whois'. Verify each is on PATH by running 'which dig', 'which whois', and 'which dnsrecon' in your terminal.

Subdomain brute-forcing returns no results or errors

The server requires dns-wordlist.txt to be present in the repository directory. Confirm the file exists at the path the script expects. Very large wordlists may also hit current limitations — the README notes there is a constraint with very long wordlists, so use a reasonably sized list.

The hammer icon does not appear in Claude Desktop after configuration

Verify the absolute paths in claude_desktop_config.json are correct for both the uv binary (find it with 'which uv') and the repository directory. Restart Claude Desktop completely after saving the config file.

Frequently Asked Questions about External Recon

What is External Recon?

External Recon is a Model Context Protocol (MCP) server that external reconnaissnce mcp server for offensive security engagements It connects AI assistants to external tools and data sources through a standardized interface.

How do I install External Recon?

Follow the installation instructions on the External Recon GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with External Recon?

External Recon works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is External Recon free to use?

Yes, External Recon is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

External Recon Alternatives — Similar Security Servers

Looking for alternatives to External Recon? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "mcp-external-recon": { "command": "npx", "args": ["-y", "mcp-external-recon"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use External Recon?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides