/ 目录 / 演练场 / mcp-security-hub
← 全部服务器 ↗ GitHub
● 社区 FuzzingLabs ⚡ 即开即用

mcp-security-hub

作者 FuzzingLabs · FuzzingLabs/mcp-security-hub

38 Dockerized MCP servers packaging 300+ security tools — Nmap, Nuclei, SQLMap, Ghidra, Hashcat, and more for AI assistants.

mcp-security-hub is a collection of 38 production-ready, Dockerized MCP servers integrating 300+ offensive security tools with AI assistants. Covers reconnaissance (Nmap, Shodan, Masscan), web security (Nuclei, SQLMap, FFUF), binary analysis (Radare2, Ghidra, YARA), cloud security (Trivy, Prowler), blockchain (Medusa), OSINT (Gitleaks, Bloodhound), and more. Docker Compose orchestration with security-hardened containers.

▶ 观看演示 📦 安装 💡 使用场景

为什么要用

核心特性

实时演示

实际使用效果

mcp-security-hub.replay ▶ 就绪
0/0

安装

选择你的客户端

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

打开 Claude Desktop → Settings → Developer → Edit Config。保存后重启应用。

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Cursor 使用与 Claude Desktop 相同的 mcpServers 格式。项目级配置优先于全局。

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

点击 Cline 侧栏中的 MCP Servers 图标,然后选 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

格式与 Claude Desktop 相同。重启 Windsurf 生效。

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "mcp-security-hub",
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  ]
}

Continue 使用服务器对象数组,而非映射。

~/.config/zed/settings.json
{
  "context_servers": {
    "mcp-security-hub": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/FuzzingLabs/mcp-security-hub"
        ]
      }
    }
  }
}

加入 context_servers。Zed 保存后热重载。

claude mcp add mcp-security-hub -- TODO 'See README: https://github.com/FuzzingLabs/mcp-security-hub'

一行命令搞定。用 claude mcp list 验证,claude mcp remove 卸载。

使用场景

实战用法: mcp-security-hub

How to run automated reconnaissance with mcp-security-hub

👤 Security professionals conducting authorized assessments ⏱ ~60 min intermediate

何时使用: You need to run multiple recon tools against an authorized target.

前置条件
  • Docker and Docker Compose installed — Install Docker Desktop or Docker Engine
  • Written authorization for the target — Signed penetration testing agreement
步骤
  1. Start recon tools
    Start the nmap-mcp and nuclei-mcp servers. Run port scanning and vulnerability scanning against the authorized target at 192.168.1.100.✓ 已复制
    → Port scan results and vulnerability findings
  2. Deep dive on findings
    Found a web server on port 443. Run FFUF for directory fuzzing and check for common web vulnerabilities with Nuclei.✓ 已复制
    → Directory listing and vulnerability scan results

结果: Comprehensive reconnaissance results from multiple tools.

注意事项
  • Running all 38 servers at once consumes significant resources — Only start the servers you need. Use docker-compose up with specific service names.
搭配使用: filesystem

Analyze a CTF binary with containerized reverse engineering tools

👤 CTF participants working on binary challenges ⏱ ~30 min intermediate

何时使用: You have a binary to reverse engineer and want containerized analysis tools.

前置条件
  • Docker with security-hub cloned — git clone && docker-compose build
步骤
  1. Analyze the binary
    Start the radare2-mcp server. Load the CTF binary and show me the function list, strings, and entry point disassembly.✓ 已复制
    → Binary overview with interesting functions and strings

结果: Binary analysis insights from containerized tools.

注意事项
  • Binary needs host-specific libraries — Mount the binary directory into the container, or use the YARA/Capa servers for static analysis

组合

与其他 MCP 搭配,撬动十倍杠杆

mcp-security-hub + filesystem

Save all security assessment results to organized report files

Run a full recon suite on the target and compile results into a pentest report at ~/reports/assessment.md.✓ 已复制

工具

此 MCP 暴露的能力

工具输入参数何时调用成本
nmap-mcp target, options Network port scanning 0
nuclei-mcp target, templates? Template-based vulnerability scanning 0
sqlmap-mcp url, params? SQL injection testing 0
radare2-mcp binary_path, command Binary reverse engineering 0
trivy-mcp target_image Container and IaC vulnerability scanning 0

成本与限制

运行它的成本

API 配额
N/A — all tools run locally in Docker
每次调用 Token 数
300–3000 tokens per tool output
费用
Free — all tools are open source. Shodan/similar may need their own API keys.
提示
Only start servers you need. docker-compose up nmap-mcp nuclei-mcp instead of all 38.

安全

权限、密钥、影响范围

凭据存储: Individual tool API keys (Shodan, etc.) via Docker env vars
数据出站: Scans connect to target IPs. OSINT tools call their respective APIs.

故障排查

常见错误与修复

Docker build fails

Ensure Docker is installed and running. Some tools may need updated base images.

验证: docker --version && docker compose --version
Container can't reach target

Check Docker network settings. Use host networking mode for network scanning tools.

验证: docker exec <container> ping <target>
Out of disk space

Docker images can be large. Prune unused images: docker system prune

验证: docker system df

替代方案

mcp-security-hub 对比其他方案

替代方案何时用它替代权衡
hexstrike-aiYou want AI agents that autonomously orchestrate security toolsMore AI intelligence but less Docker isolation
mcp-kali-serverYou want a lightweight bridge to a full Kali installation instead of DockerSimpler setup but less isolation

更多

资源

📖 阅读 GitHub 上的官方 README

🐙 查看未解决的 issue

🔍 浏览全部 400+ MCP 服务器和 Skills