mcp-for-security and agent-security-scanner-mcp

These are complements: the first provides MCP wrappers for offensive penetration testing tools (SQLMap, NMAP, FFUF), while the second provides defensive security scanning and vulnerability analysis capabilities that would naturally be used together in a comprehensive AI-driven security workflow.

mcp-for-security
Score: 55 (Established)
Maintenance 13/25
Adoption 10/25
Maturity 9/25
Community 23/25
Stars: 559
Forks: 98
Downloads:
Commits (30d): 1
Language: TypeScript
License: MIT

agent-security-scanner-mcp
Maintenance 13/25
Adoption 9/25
Maturity 18/25
Community 10/25
Stars: 79
Forks: 6
Downloads:
Commits (30d): 0
Language: JavaScript
License: MIT
No Package No Dependents
No risk flags

About mcp-for-security

cyproxio/mcp-for-security

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.

Each MCP server wraps a security tool with standardized input/output interfaces, enabling LLMs and AI agents to execute reconnaissance, scanning, and vulnerability testing tasks programmatically. The collection spans the full security testing lifecycle—from passive reconnaissance (Amass, certificate enumeration) through active scanning (Nmap, Masscan, FFUF) to vulnerability assessment (Nuclei, SQLmap, WPScan)—all deployable via Docker or standalone. Designed for integration with the Cyprox agentic-AI platform and any MCP-compatible client, it enables orchestrated security workflows where AI systems chain multiple tools together for automated threat detection and remediation.

About agent-security-scanner-mcp

sinewaveai/agent-security-scanner-mcp

Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.

Combines MCP integration with CLI flexibility, supporting Claude, Cursor, Windsurf, and OpenClaw — with parallel architecture splitting lightweight regex-based scanning (81.5KB ProofLayer) from enterprise features like AST+taint analysis, cross-file data flow tracking, and LLM-powered semantic intent profiling. Generates CycloneDX SBOMs, cross-references against OSV.dev for CVEs, and includes specialized detection for autonomous AI threats (prompt jailbreaks, unicode poisoning, malware signatures).

Scores updated daily from GitHub, PyPI, and npm data.