External Recon
An external reconnaissnce MCP server for offensive security engagements
What is External Recon?
External Recon is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to external reconnaissnce mcp server for offensive security engagements
An external reconnaissnce MCP server for offensive security engagements
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- An external reconnaissnce MCP server for offensive security
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx mcp-external-reconConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use External Recon
The External Recon MCP server is a proof-of-concept offensive security tool that wraps common external reconnaissance techniques—DNS enumeration, subdomain brute-forcing, WHOIS lookups, HTTP header analysis, and email security assessment—into MCP tools usable by an AI assistant. Built in Python and invoked via uv, it runs OS-level commands (dig, whois, dnsrecon) on the local machine and returns structured results. Security professionals conducting authorized penetration tests or bug bounty assessments can use it to let Claude drive a reconnaissance workflow through natural language rather than running commands manually.
Prerequisites
- Python 3.x with uv installed (curl -LsSf https://astral.sh/uv/install.sh | sh)
- System tools installed: dig, whois, and dnsrecon
- Claude Desktop or another MCP-compatible client
- Written authorization to perform reconnaissance against the target domain
- The dns-wordlist.txt file from the repository for subdomain brute-forcing
Clone the repository
Download the server code including the supplied subdomain wordlist required for DNS brute-forcing.
git clone https://github.com/naebo/mcp-external-recon-server
cd mcp-external-recon-serverInstall system dependencies
Ensure dig, whois, and dnsrecon are installed. On macOS use Homebrew; on Debian/Ubuntu use apt.
# macOS
brew install bind dnsrecon whois
# Debian/Ubuntu
apt install dnsutils whois dnsreconInstall uv
Install uv if not already present. It is used to run the Python server without manual virtualenv setup.
curl -LsSf https://astral.sh/uv/install.sh | shConfigure Claude Desktop
Open the Claude Desktop developer config file and add the external-recon server entry using absolute paths to both the uv binary and the repository folder.
Relaunch Claude Desktop and start a recon session
After relaunching, select the external-recon prompt from the chat toolbar and supply the target domain name to begin an AI-assisted reconnaissance workflow.
External Recon Examples
Client configuration
Add the external-recon server to claude_desktop_config.json. Replace the paths with absolute paths on your system.
{
"mcpServers": {
"external-recon": {
"command": "/usr/local/bin/uv",
"args": [
"--directory",
"/absolute/path/to/mcp-external-recon-server",
"run",
"external-recon.py"
]
}
}
}Prompts to try
Example prompts for an authorized external reconnaissance engagement against a target domain.
- "Perform full external reconnaissance on example.com"
- "Enumerate all DNS records for target.com including MX, NS, TXT, and SOA"
- "Brute-force subdomains of example.com using the wordlist"
- "Look up WHOIS information for target.com and summarize the registrar details"
- "Check the HTTP headers for https://example.com and identify any security misconfigurations"Troubleshooting External Recon
Server fails to start because dnsrecon or dig is not found
Install the required system tools. On macOS run 'brew install bind dnsrecon whois'. On Linux run 'apt install dnsutils dnsrecon whois'. Verify each is on PATH by running 'which dig', 'which whois', and 'which dnsrecon' in your terminal.
Subdomain brute-forcing returns no results or errors
The server requires dns-wordlist.txt to be present in the repository directory. Confirm the file exists at the path the script expects. Very large wordlists may also hit current limitations — the README notes there is a constraint with very long wordlists, so use a reasonably sized list.
The hammer icon does not appear in Claude Desktop after configuration
Verify the absolute paths in claude_desktop_config.json are correct for both the uv binary (find it with 'which uv') and the repository directory. Restart Claude Desktop completely after saving the config file.
Frequently Asked Questions about External Recon
What is External Recon?
External Recon is a Model Context Protocol (MCP) server that external reconnaissnce mcp server for offensive security engagements It connects AI assistants to external tools and data sources through a standardized interface.
How do I install External Recon?
Follow the installation instructions on the External Recon GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with External Recon?
External Recon works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is External Recon free to use?
Yes, External Recon is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
External Recon Alternatives — Similar Security Servers
Looking for alternatives to External Recon? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up External Recon in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use External Recon?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.