Toolbox

v1.0.0 · Security · stable

Collaborative application security testing between humans and agents via CLI and MCP

Tags: agent, agent-collaboration, application-security, appsec, llm

What is Toolbox?

Toolbox is a Model Context Protocol (MCP) server that lets AI assistants like Claude, Cursor, and VS Code take part in collaborative application security testing between humans and agents via CLI and MCP.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Collaborative application security testing between humans an

Use Cases

Application security testing
Penetration testing automation
Agent-human collaboration

Maintainer: go-appsec
License: MIT
Language: Go
Version: v1.0.0
Updated: May 21, 2026
Status: healthy
Maintenance: active

Works with

Claude, OpenAI, Windows, macOS, Linux

Installation

NPM

npx -y toolbox

Manual Installation

npx -y toolbox

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time: < 200ms
Throughput: Medium

Resource Usage

Memory Usage: Low
CPU Usage: Low

How to Set Up and Use Toolbox

Toolbox (sectool) is a collaborative application security testing platform that bridges human security professionals and AI agents through both a CLI and an MCP server. It acts as a wire-fidelity HTTP/HTTPS proxy, capturing and replaying traffic, detecting reflections and JWT tokens, and enabling out-of-band (OAST) testing — all controllable through natural language via an AI assistant. Security teams use it to accelerate penetration testing workflows by letting AI agents automate routine recon, request replay, and vulnerability probing tasks.

Prerequisites

  • Go runtime or ability to install pre-built binaries (Linux, macOS, Windows — amd64/arm64)
  • An MCP-compatible client such as Claude Code or Claude Desktop
  • A target web application to test (only test apps you have permission to assess)
  • Browser configured to use the proxy at 127.0.0.1:8080 for traffic capture
  • Trust the auto-generated CA certificate at ~/.sectool/ca.pem in your browser/OS

1. Install the sectool binary

Install sectool using Go or download a pre-built binary from the GitHub releases page for your platform (Linux, macOS, Windows — amd64 or arm64).

go install github.com/go-appsec/toolbox/sectool@latest

2. Start the MCP server

Launch sectool in MCP mode. This starts the MCP server on port 9119 and an integrated HTTP proxy on port 8080. The CA certificate is auto-generated at ~/.sectool/ca.pem on first run.

sectool mcp

3. Trust the CA certificate

Import ~/.sectool/ca.pem into your browser or OS certificate store so HTTPS traffic can be intercepted and inspected without certificate errors.

# macOS example
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/.sectool/ca.pem

4. Configure your browser to use the proxy

Set your browser's HTTP and HTTPS proxy to 127.0.0.1:8080. Browse to the target application to generate traffic that sectool will capture.

5. Connect your MCP client

Register the running sectool MCP server with your AI client using the HTTP transport pointing to port 9119.

claude mcp add --transport http sectool http://127.0.0.1:9119/mcp

6. Configure the client JSON (alternative)

Alternatively, add sectool to your claude_desktop_config.json if you prefer config-file-based setup. The server must already be running before the client connects.

Toolbox Examples

Client configuration

Add the running sectool MCP server to Claude Desktop by pointing to its HTTP endpoint. The server must be started separately with `sectool mcp` before connecting.

{
  "mcpServers": {
    "sectool": {
      "command": "sectool",
      "args": ["mcp"]
    }
  }
}

Prompts to try

Security testing prompts to use with Claude once sectool is connected and traffic has been captured through the proxy.

- "Show me a summary of all captured proxy traffic"
- "Find any requests that reflect user input in the response"
- "Replay request flow abc123 and add the header X-Forwarded-For: 127.0.0.1"
- "Create an OAST payload and check if any captured request triggers it"
- "Crawl https://example.com and list all discovered endpoints"

Troubleshooting Toolbox

HTTPS traffic shows certificate errors even after importing the CA

Confirm the certificate at ~/.sectool/ca.pem was added as a trusted root CA (not just a trusted certificate). On macOS, use Keychain Access to verify it appears under System > Certificates with full trust. Restart your browser after importing.

Claude cannot connect to the MCP server

Verify sectool is running with `sectool mcp` and listening on port 9119. Check with `curl http://127.0.0.1:9119/mcp` — you should get a response. Ensure no firewall is blocking localhost connections.

No traffic appears in the proxy history

Confirm your browser proxy settings point to 127.0.0.1:8080 for both HTTP and HTTPS. Use `sectool proxy summary` in a separate terminal to check if any flows have been captured.
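
A related check once `sectool mcp` is running: confirm that the proxy (8080) and the MCP endpoint (9119) are listening on loopback only, since both sit in the path of intercepted traffic. This is an added example, not code from the Toolbox project; it assumes Linux `ss -ltnH` output, and the function name and sample lines are hypothetical and constructed.

```shell
#!/bin/sh
# Added example (not sectool code). Reads `ss -ltnH` output (Linux, iproute2)
# on stdin and audits the two ports this page names: proxy 8080, MCP 9119.
# Exit status: 0 = both listening on loopback only, 1 = missing or exposed.
audit_sectool_listeners() {
  awk '
    BEGIN { want[8080] = "proxy"; want[9119] = "mcp" }
    $1 == "LISTEN" {
      n = split($4, parts, ":")
      port = parts[n]
      if (!(port in want)) next
      # Address is everything before the last colon, so [::1]:9119 works too.
      addr = substr($4, 1, length($4) - length(port) - 1)
      seen[port] = 1
      if (addr ~ /^127\./ || addr == "[::1]") {
        printf "ok      %s port %s bound to %s\n", want[port], port, addr
      } else {
        printf "EXPOSED %s port %s bound to %s\n", want[port], port, addr
        bad = 1
      }
    }
    END {
      for (p in want) if (!(p in seen)) {
        printf "MISSING %s port %s has no listener\n", want[p], p
        bad = 1
      }
      exit bad + 0
    }'
}

# Constructed sample (not captured from a real host): the MCP port is bound
# to every interface, which the audit should flag.
SAMPLE_EXPOSED='LISTEN 0 4096 127.0.0.1:8080 0.0.0.0:*
LISTEN 0 4096 *:9119 *:*'

# Live use on the machine running `sectool mcp`:
#   ss -ltnH | audit_sectool_listeners
```

An `EXPOSED` or `MISSING` line also narrows down the two connection problems above: a missing listener means the server is not running, and a non-loopback bind means other hosts can reach it.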

Frequently Asked Questions about Toolbox

What is Toolbox?

Toolbox is a Model Context Protocol (MCP) server for collaborative application security testing between humans and agents via CLI and MCP. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Toolbox?

Install via npm with the command: npx -y toolbox. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).

Which AI clients work with Toolbox?

Toolbox works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Toolbox free to use?

Yes, Toolbox is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Toolbox Alternatives — Similar Security Servers

Looking for alternatives to Toolbox? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

A Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Quick Config Preview

{ "mcpServers": { "toolbox": { "command": "npx", "args": ["-y", "toolbox"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json
