Externalattacker MCP
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
Installation
npx externalattacker-mcpAsk AI about Externalattacker MCP
Powered by Claude Β· Grounded in docs
I know everything about Externalattacker MCP. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
ExternalAttacker MCP Server
Model Context Protocol (MCP) Server for External Attack Surface Management
ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.
π Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.
π What is ExternalAttacker?
ExternalAttacker combines the power of:
- Automated Scanning: Comprehensive toolset for external reconnaissance
- Model Context Protocol (MCP): An open protocol for creating custom AI tools
- Natural Language Processing: Convert plain English queries into scanning commands
π± Community
Join our Telegram channel for updates, tips, and discussion:
- Telegram: https://t.me/root_sec
β¨ Features
- Natural Language Interface: Run scans using plain English
- Comprehensive Scanning Categories:
- π Subdomain Discovery (subfinder)
- π’ Port Scanning (naabu)
- π HTTP Analysis (httpx)
- π‘οΈ CDN Detection (cdncheck)
- π TLS Analysis (tlsx)
- π Directory Fuzzing (ffuf, gobuster)
- π DNS Enumeration (dnsx)
π Prerequisites
- Python 3.8 or higher
- Go (for installing tools)
- MCP Client
π§ Installation
-
Clone this repository:
git clone https://github.com/mordavid/ExternalAttacker-MCP.git cd ExternalAttacker -
Install Python dependencies:
pip install -r requirements.txt -
Install required Go tools:
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest go install -v github.com/ffuf/ffuf@latest go install github.com/OJ/gobuster/v3@latest go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest -
Run ExternalAttacker-App.py
python ExternalAttacker-App.py # Access http://localhost:6991 -
Configure the MCP Server
"mcpServers": { "ExternalAttacker-MCP": { "command": "python", "args": [ "<Your_Path>\\ExternalAttacker-MCP.py" ] } }
π Usage
Example queries you can ask through the MCP:
- "Scan example.com for subdomains"
- "Check open ports on 192.168.1.1"
- "Analyze HTTP services on test.com"
- "Check if domain.com uses a CDN"
- "Analyze SSL configuration of site.com"
- "Fuzz endpoints on target.com"
π License
MIT License
π Acknowledgments
- The ProjectDiscovery team for their excellent security tools
- The MCP community for advancing AI-powered tooling
Note: This is a security tool. Please use responsibly and only on systems you have permission to test.