/ 디렉터리 / 플레이그라운드 / mcp-security-hub
← 모든 서버 ↗ GitHub
● 커뮤니티 FuzzingLabs ⚡ 바로 사용

mcp-security-hub

제작: FuzzingLabs · FuzzingLabs/mcp-security-hub

38 Dockerized MCP servers packaging 300+ security tools — Nmap, Nuclei, SQLMap, Ghidra, Hashcat, and more for AI assistants.

mcp-security-hub is a collection of 38 production-ready, Dockerized MCP servers integrating 300+ offensive security tools with AI assistants. Covers reconnaissance (Nmap, Shodan, Masscan), web security (Nuclei, SQLMap, FFUF), binary analysis (Radare2, Ghidra, YARA), cloud security (Trivy, Prowler), blockchain (Medusa), OSINT (Gitleaks, Bloodhound), and more. Docker Compose orchestration with security-hardened containers.

▶ 데모 보기 📦 설치 💡 사용 사례

왜 쓰나요

핵심 기능

라이브 데모

실제 사용 모습

mcp-security-hub.replay ▶ 준비됨
0/0

설치

클라이언트 선택

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config 열기. 저장 후 앱 재시작.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Cursor는 Claude Desktop과 동일한 mcpServers 스키마 사용. 프로젝트 설정이 전역보다 우선.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Cline 사이드바의 MCP Servers 아이콘 클릭 후 "Edit Configuration" 선택.

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Claude Desktop과 같은 형식. Windsurf 재시작 후 적용.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "mcp-security-hub",
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  ]
}

Continue는 맵이 아닌 서버 오브젝트 배열 사용.

~/.config/zed/settings.json
{
  "context_servers": {
    "mcp-security-hub": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/FuzzingLabs/mcp-security-hub"
        ]
      }
    }
  }
}

context_servers에 추가. 저장 시 Zed가 핫 리로드.

claude mcp add mcp-security-hub -- TODO 'See README: https://github.com/FuzzingLabs/mcp-security-hub'

한 줄 명령. claude mcp list로 확인, claude mcp remove로 제거.

사용 사례

실전 활용법: mcp-security-hub

How to run automated reconnaissance with mcp-security-hub

👤 Security professionals conducting authorized assessments ⏱ ~60 min intermediate

언제 쓸까: You need to run multiple recon tools against an authorized target.

사전 조건
  • Docker and Docker Compose installed — Install Docker Desktop or Docker Engine
  • Written authorization for the target — Signed penetration testing agreement
흐름
  1. Start recon tools
    Start the nmap-mcp and nuclei-mcp servers. Run port scanning and vulnerability scanning against the authorized target at 192.168.1.100.✓ 복사됨
    → Port scan results and vulnerability findings
  2. Deep dive on findings
    Found a web server on port 443. Run FFUF for directory fuzzing and check for common web vulnerabilities with Nuclei.✓ 복사됨
    → Directory listing and vulnerability scan results

결과: Comprehensive reconnaissance results from multiple tools.

함정
  • Running all 38 servers at once consumes significant resources — Only start the servers you need. Use docker-compose up with specific service names.
함께 쓰기: filesystem

Analyze a CTF binary with containerized reverse engineering tools

👤 CTF participants working on binary challenges ⏱ ~30 min intermediate

언제 쓸까: You have a binary to reverse engineer and want containerized analysis tools.

사전 조건
  • Docker with security-hub cloned — git clone && docker-compose build
흐름
  1. Analyze the binary
    Start the radare2-mcp server. Load the CTF binary and show me the function list, strings, and entry point disassembly.✓ 복사됨
    → Binary overview with interesting functions and strings

결과: Binary analysis insights from containerized tools.

함정
  • Binary needs host-specific libraries — Mount the binary directory into the container, or use the YARA/Capa servers for static analysis

조합

다른 MCP와 조합해 10배 효율

mcp-security-hub + filesystem

Save all security assessment results to organized report files

Run a full recon suite on the target and compile results into a pentest report at ~/reports/assessment.md.✓ 복사됨

도구

이 MCP가 노출하는 것

도구입력언제 호출비용
nmap-mcp target, options Network port scanning 0
nuclei-mcp target, templates? Template-based vulnerability scanning 0
sqlmap-mcp url, params? SQL injection testing 0
radare2-mcp binary_path, command Binary reverse engineering 0
trivy-mcp target_image Container and IaC vulnerability scanning 0

비용 및 제한

운영 비용

API 쿼터
N/A — all tools run locally in Docker
호출당 토큰
300–3000 tokens per tool output
금액
Free — all tools are open source. Shodan/similar may need their own API keys.
Only start servers you need. docker-compose up nmap-mcp nuclei-mcp instead of all 38.

보안

권한, 시크릿, 파급범위

자격 증명 저장: Individual tool API keys (Shodan, etc.) via Docker env vars
데이터 외부 송신: Scans connect to target IPs. OSINT tools call their respective APIs.

문제 해결

자주 발생하는 오류와 해결

Docker build fails

Ensure Docker is installed and running. Some tools may need updated base images.

확인: docker --version && docker compose --version
Container can't reach target

Check Docker network settings. Use host networking mode for network scanning tools.

확인: docker exec <container> ping <target>
Out of disk space

Docker images can be large. Prune unused images: docker system prune

확인: docker system df

대안

mcp-security-hub 다른 것과 비교

대안언제 쓰나단점/장점
hexstrike-aiYou want AI agents that autonomously orchestrate security toolsMore AI intelligence but less Docker isolation
mcp-kali-serverYou want a lightweight bridge to a full Kali installation instead of DockerSimpler setup but less isolation

더 보기

리소스

📖 GitHub에서 공식 README 읽기

🐙 열린 이슈 보기

🔍 400+ MCP 서버 및 Skills 전체 보기