MCP Security Hub

v1.0.0Securitystable

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

aiclaudecybersecuritydockerghidra
Share:
554
Stars
0
Downloads
0
Weekly
0/5

What is MCP Security Hub?

MCP Security Hub is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to growing collection of mcp servers bringing offensive security tools to ai assistants. nmap, ghidra, nuclei, sqlmap, hashcat and more.

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • A growing collection of MCP servers bringing offensive secur

Use Cases

Offensive security tools for AI
Nmap, Ghidra, Nuclei, SQLMap
Docker-based pentesting automation
FuzzingLabs

Maintainer

LicenseMIT
Languagepython
Versionv1.0.0
UpdatedMay 20, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx mcp-security-hub

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use MCP Security Hub

MCP Security Hub is a collection of 38 production-ready, Docker-based MCP servers that bring 300+ offensive security tools to AI assistants like Claude. It covers reconnaissance (Nmap, Masscan, Shodan), web security (Nuclei, SQLMap, ffuf, Burp Suite), binary analysis (Ghidra, Radare2, Binwalk), cloud security (Trivy, Prowler), secrets detection (Gitleaks), Active Directory assessment (BloodHound), and more — all accessible via natural-language prompts. Security professionals use it to automate penetration testing workflows, correlate findings across multiple tools, and accelerate vulnerability research without manually invoking individual CLI tools.

Prerequisites

  • Docker and Docker Compose installed and running
  • Git to clone the repository
  • An MCP-capable client such as Claude Desktop or Claude Code
  • Sufficient disk space for Docker images (multiple GB expected)
  • Root or sudo access may be required for certain network-level tools (e.g., Nmap raw sockets)
1

Clone the repository

Clone the mcp-security-hub repository from GitHub — the images are built locally, not pulled from a registry.

git clone https://github.com/FuzzingLabs/mcp-security-hub
cd mcp-security-hub
2

Build the Docker images

Build all MCP server images using Docker Compose. This step is required before configuring any MCP client. Build time depends on the number of tools; individual images can be built for faster iteration.

# Build all images
docker-compose build

# Or build specific images
docker-compose build nmap-mcp nuclei-mcp
3

Start the desired MCP server containers

Start only the servers you need using Docker Compose. Each security tool runs as an isolated, non-root container.

docker-compose up nmap-mcp nuclei-mcp -d

# Verify containers are healthy
docker-compose ps
4

Configure Claude Desktop

Add the desired MCP servers to your Claude Desktop configuration. Each server is run via the docker command pointing to its local image. Note: --cap-add=NET_RAW is required for Nmap.

{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    },
    "gitleaks": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "-v", "/path/to/repos:/app/target:ro", "gitleaks-mcp:latest"]
    }
  }
}
5

Mount volumes for file-based tools

Tools that analyze local files (Gitleaks, Radare2, Binwalk, YARA) require volume mounts so the container can access your files. Replace /path/to/repos or /path/to/binaries with your actual paths.

{
  "mcpServers": {
    "radare2": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "-v", "/path/to/binaries:/samples:ro", "radare2-mcp:latest"]
    }
  }
}

MCP Security Hub Examples

Client configuration

Claude Desktop JSON configuration for Nmap, Nuclei, and Gitleaks MCP servers from mcp-security-hub.

{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    },
    "sqlmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "sqlmap-mcp:latest"]
    }
  }
}

Prompts to try

Example security assessment prompts once the MCP servers are connected to Claude.

- "Scan 192.168.1.0/24 for open web server ports and identify their technologies"
- "Run a Nuclei vulnerability scan against https://example.com using the CVE templates"
- "Check this git repository for any leaked secrets or credentials using Gitleaks"
- "Perform SQL injection testing on https://testsite.com/login?id=1"
- "Analyze the binary /samples/malware.exe and identify its capabilities"

Troubleshooting MCP Security Hub

Docker image not found when starting a container

You must build images locally before using them. Run docker-compose build (or docker-compose build <image-name>) from inside the mcp-security-hub directory before configuring your MCP client.

Nmap scan fails with permission denied or raw socket errors

Nmap requires the NET_RAW capability for certain scan types. Ensure you include --cap-add=NET_RAW in the docker run args. On Linux hosts, you may also need --cap-add=NET_ADMIN.

File-based tools (Gitleaks, Radare2) cannot find the target files

Ensure you mount the correct host directory into the container using the -v flag in the docker args. The path must exist on the host, and the container path must match what the tool expects (e.g., /app/target or /samples).

Frequently Asked Questions about MCP Security Hub

What is MCP Security Hub?

MCP Security Hub is a Model Context Protocol (MCP) server that growing collection of mcp servers bringing offensive security tools to ai assistants. nmap, ghidra, nuclei, sqlmap, hashcat and more. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install MCP Security Hub?

Follow the installation instructions on the MCP Security Hub GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with MCP Security Hub?

MCP Security Hub works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is MCP Security Hub free to use?

Yes, MCP Security Hub is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

MCP Security Hub Alternatives — Similar Security Servers

Looking for alternatives to MCP Security Hub? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "mcp-security-hub": { "command": "npx", "args": ["-y", "mcp-security-hub"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use MCP Security Hub?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides