mcp-for-security and mcp-server-wazuh
These are complementary tools: the first provides offensive security testing capabilities (vulnerability scanning, reconnaissance) that generate findings which the second ingests and correlates as a SIEM for detection, response, and threat intelligence.
About mcp-for-security
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.
Each MCP server wraps a security tool with standardized input/output interfaces, enabling LLMs and AI agents to execute reconnaissance, scanning, and vulnerability testing tasks programmatically. The collection spans the full security testing lifecycle—from passive reconnaissance (Amass, certificate enumeration) through active scanning (Nmap, Masscan, FFUF) to vulnerability assessment (Nuclei, SQLmap, WPScan)—all deployable via Docker or standalone. Designed for integration with the Cyprox agentic-AI platform and any MCP-compatible client, it enables orchestrated security workflows where AI systems chain multiple tools together for automated threat detection and remediation.
About mcp-server-wazuh
gbrigandi/mcp-server-wazuh
MCP Server for Wazuh SIEM
A Rust server that integrates Wazuh SIEM with MCP, transforming API responses into natural-language-queryable security data so that AI assistants can access alerts, agent status, vulnerabilities, compliance metrics, and forensic logs without manual queries. It bridges both the Wazuh Indexer (detection) and Manager (configuration/agents) components and supports interoperability with complementary security tools like Cortex, TheHive, and MISP for enriched threat intelligence and incident response orchestration.