/ 目錄 / 演練場 / mcp-security-hub
← 全部伺服器 ↗ GitHub
● 社群 FuzzingLabs ⚡ 即開即用

mcp-security-hub

作者 FuzzingLabs · FuzzingLabs/mcp-security-hub

38 Dockerized MCP servers packaging 300+ security tools — Nmap, Nuclei, SQLMap, Ghidra, Hashcat, and more for AI assistants.

mcp-security-hub is a collection of 38 production-ready, Dockerized MCP servers integrating 300+ offensive security tools with AI assistants. Covers reconnaissance (Nmap, Shodan, Masscan), web security (Nuclei, SQLMap, FFUF), binary analysis (Radare2, Ghidra, YARA), cloud security (Trivy, Prowler), blockchain (Medusa), OSINT (Gitleaks, Bloodhound), and more. Docker Compose orchestration with security-hardened containers.

▶ 觀看演示 📦 安裝 💡 使用場景

為什麼要用

核心特性

即時演示

實際使用效果

mcp-security-hub.replay ▶ 就緒
0/0

安裝

選擇你的客戶端

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

開啟 Claude Desktop → Settings → Developer → Edit Config。儲存後重啟應用。

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

Cursor 使用與 Claude Desktop 相同的 mcpServers 格式。專案級設定優先於全域。

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

點擊 Cline 側欄中的 MCP Servers 圖示,然後選 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "mcp-security-hub": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  }
}

格式與 Claude Desktop 相同。重啟 Windsurf 生效。

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "mcp-security-hub",
      "command": "TODO",
      "args": [
        "See README: https://github.com/FuzzingLabs/mcp-security-hub"
      ]
    }
  ]
}

Continue 使用伺服器物件陣列,而非映射。

~/.config/zed/settings.json
{
  "context_servers": {
    "mcp-security-hub": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/FuzzingLabs/mcp-security-hub"
        ]
      }
    }
  }
}

加入 context_servers。Zed 儲存後熱重載。

claude mcp add mcp-security-hub -- TODO 'See README: https://github.com/FuzzingLabs/mcp-security-hub'

一行命令搞定。用 claude mcp list 驗證,claude mcp remove 移除。

使用場景

實戰用法: mcp-security-hub

How to run automated reconnaissance with mcp-security-hub

👤 Security professionals conducting authorized assessments ⏱ ~60 min intermediate

何時使用: You need to run multiple recon tools against an authorized target.

前置條件
  • Docker and Docker Compose installed — Install Docker Desktop or Docker Engine
  • Written authorization for the target — Signed penetration testing agreement
步驟
  1. Start recon tools
    Start the nmap-mcp and nuclei-mcp servers. Run port scanning and vulnerability scanning against the authorized target at 192.168.1.100.✓ 已複製
    → Port scan results and vulnerability findings
  2. Deep dive on findings
    Found a web server on port 443. Run FFUF for directory fuzzing and check for common web vulnerabilities with Nuclei.✓ 已複製
    → Directory listing and vulnerability scan results

結果: Comprehensive reconnaissance results from multiple tools.

注意事項
  • Running all 38 servers at once consumes significant resources — Only start the servers you need. Use docker-compose up with specific service names.
搭配使用: filesystem

Analyze a CTF binary with containerized reverse engineering tools

👤 CTF participants working on binary challenges ⏱ ~30 min intermediate

何時使用: You have a binary to reverse engineer and want containerized analysis tools.

前置條件
  • Docker with security-hub cloned — git clone && docker-compose build
步驟
  1. Analyze the binary
    Start the radare2-mcp server. Load the CTF binary and show me the function list, strings, and entry point disassembly.✓ 已複製
    → Binary overview with interesting functions and strings

結果: Binary analysis insights from containerized tools.

注意事項
  • Binary needs host-specific libraries — Mount the binary directory into the container, or use the YARA/Capa servers for static analysis

組合

與其他 MCP 搭配,撬動十倍槓桿

mcp-security-hub + filesystem

Save all security assessment results to organized report files

Run a full recon suite on the target and compile results into a pentest report at ~/reports/assessment.md.✓ 已複製

工具

此 MCP 暴露的能力

工具輸入參數何時呼叫成本
nmap-mcp target, options Network port scanning 0
nuclei-mcp target, templates? Template-based vulnerability scanning 0
sqlmap-mcp url, params? SQL injection testing 0
radare2-mcp binary_path, command Binary reverse engineering 0
trivy-mcp target_image Container and IaC vulnerability scanning 0

成本與限制

運行它的成本

API 配額
N/A — all tools run locally in Docker
每次呼叫 Token 數
300–3000 tokens per tool output
費用
Free — all tools are open source. Shodan/similar may need their own API keys.
提示
Only start servers you need. docker-compose up nmap-mcp nuclei-mcp instead of all 38.

安全

權限、密鑰、影響範圍

憑證儲存: Individual tool API keys (Shodan, etc.) via Docker env vars
資料出站: Scans connect to target IPs. OSINT tools call their respective APIs.

故障排查

常見錯誤與修復

Docker build fails

Ensure Docker is installed and running. Some tools may need updated base images.

驗證: docker --version && docker compose --version
Container can't reach target

Check Docker network settings. Use host networking mode for network scanning tools.

驗證: docker exec <container> ping <target>
Out of disk space

Docker images can be large. Prune unused images: docker system prune

驗證: docker system df

替代方案

mcp-security-hub 對比其他方案

替代方案何時用它替代權衡
hexstrike-aiYou want AI agents that autonomously orchestrate security toolsMore AI intelligence but less Docker isolation
mcp-kali-serverYou want a lightweight bridge to a full Kali installation instead of DockerSimpler setup but less isolation

更多

資源

📖 閱讀 GitHub 上的官方 README

🐙 查看未解決的 issue

🔍 瀏覽全部 400+ MCP 伺服器和 Skills