Externalattacker Mcp
What is Externalattacker Mcp
ExternalAttacker is a powerful integration for automated scanning and external attack surface management. It leverages the Model Context Protocol (MCP) for creating customized AI tools, enabling seamless reconnaissance through natural language processing.
Use cases
Users can deploy ExternalAttacker to discover subdomains, check for open ports, analyze HTTP services, detect CDN usage, evaluate SSL configurations, and perform directory fuzzing, among other tasks, all by using plain English queries.
How to use
To use ExternalAttacker, clone the repository, install necessary Python dependencies and Go tools, then run the ExternalAttacker-App.py script. After configuring the MCP server, users can access the application via a web interface and input their scanning requests.
Key features
Key features include a natural language interface for ease of use, comprehensive scanning categories covering subdomain discovery, port scanning, HTTP analysis, CDN detection, TLS analysis, directory fuzzing, and DNS enumeration.
Where to use
ExternalAttacker can be utilized in various environments focused on cybersecurity, including penetration testing, security assessments, and vulnerability identification across domains and networks that users have authorization to analyze.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Externalattacker Mcp
ExternalAttacker is a powerful integration for automated scanning and external attack surface management. It leverages the Model Context Protocol (MCP) for creating customized AI tools, enabling seamless reconnaissance through natural language processing.
Use cases
Users can deploy ExternalAttacker to discover subdomains, check for open ports, analyze HTTP services, detect CDN usage, evaluate SSL configurations, and perform directory fuzzing, among other tasks, all by using plain English queries.
How to use
To use ExternalAttacker, clone the repository, install necessary Python dependencies and Go tools, then run the ExternalAttacker-App.py script. After configuring the MCP server, users can access the application via a web interface and input their scanning requests.
Key features
Key features include a natural language interface for ease of use, comprehensive scanning categories covering subdomain discovery, port scanning, HTTP analysis, CDN detection, TLS analysis, directory fuzzing, and DNS enumeration.
Where to use
ExternalAttacker can be utilized in various environments focused on cybersecurity, including penetration testing, security assessments, and vulnerability identification across domains and networks that users have authorization to analyze.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
ExternalAttacker MCP Server
Model Context Protocol (MCP) Server for External Attack Surface Management
ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.
🔍 Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.
🔍 What is ExternalAttacker?
ExternalAttacker combines the power of:
- Automated Scanning: Comprehensive toolset for external reconnaissance
- Model Context Protocol (MCP): An open protocol for creating custom AI tools
- Natural Language Processing: Convert plain English queries into scanning commands
📱 Community
Join our Telegram channel for updates, tips, and discussion:
- Telegram: https://t.me/root_sec
✨ Features
- Natural Language Interface: Run scans using plain English
- Comprehensive Scanning Categories:
- 🌐 Subdomain Discovery (subfinder)
- 🔢 Port Scanning (naabu)
- 🌍 HTTP Analysis (httpx)
- 🛡️ CDN Detection (cdncheck)
- 🔐 TLS Analysis (tlsx)
- 📁 Directory Fuzzing (ffuf, gobuster)
- 📝 DNS Enumeration (dnsx)
📋 Prerequisites
- Python 3.8 or higher
- Go (for installing tools)
- MCP Client
🔧 Installation
-
Clone this repository:
git clone https://github.com/mordavid/ExternalAttacker-MCP.git cd ExternalAttacker -
Install Python dependencies:
pip install -r requirements.txt -
Install required Go tools:
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest go install -v github.com/ffuf/ffuf@latest go install github.com/OJ/gobuster/v3@latest go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest -
python ExternalAttacker-App.py # Access http://localhost:6991 -
Configure the MCP Server
"mcpServers": { "ExternalAttacker-MCP": { "command": "python", "args": [ "<Your_Path>\\ExternalAttacker-MCP.py" ] } }
🚀 Usage
Example queries you can ask through the MCP:
- “Scan example.com for subdomains”
- “Check open ports on 192.168.1.1”
- “Analyze HTTP services on test.com”
- “Check if domain.com uses a CDN”
- “Analyze SSL configuration of site.com”
- “Fuzz endpoints on target.com”
📜 License
MIT License
🙏 Acknowledgments
- The ProjectDiscovery team for their excellent security tools
- The MCP community for advancing AI-powered tooling
Note: This is a security tool. Please use responsibly and only on systems you have permission to test.
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
