Back to Details

mcp-security-hub

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

mcp-security-hub

mcp-security-hub

Skill by ara.so — Security Skills collection.
ara.so提供的Skill — 安全技能集合。

Overview

概述

mcp-security-hub
is a production-ready collection of 38 Dockerized MCP (Model Context Protocol) servers that expose 300+ offensive security tools to AI assistants like Claude. It enables natural language security assessments, vulnerability scanning, binary analysis, and penetration testing workflows.
Key capabilities:
  • 8 reconnaissance servers (Nmap, Shodan, ProjectDiscovery tools, WhatWeb, Masscan, ZoomEye)
  • 6 web security servers (Nuclei, SQLMap, Nikto, ffuf, Burp Suite)
  • 6 binary analysis servers (radare2, Ghidra, Binwalk, YARA, Capa, IDA Pro)
  • 3 blockchain security servers (DAML Viewer, Medusa, Solazy)
  • 3 cloud security servers (Trivy, Prowler, RoadRecon)
  • Plus: secrets detection, fuzzing, OSINT, threat intelligence, Active Directory, password cracking
mcp-security-hub
是一套可用于生产环境的38个容器化MCP(Model Context Protocol)服务器集合,可为Claude等AI助手开放300余种攻防安全工具。它支持自然语言驱动的安全评估、漏洞扫描、二进制分析以及渗透测试工作流。
核心功能:
  • 8个侦察类服务器(Nmap、Shodan、ProjectDiscovery工具、WhatWeb、Masscan、ZoomEye)
  • 6个Web安全类服务器(Nuclei、SQLMap、Nikto、ffuf、Burp Suite)
  • 6个二进制分析类服务器(radare2、Ghidra、Binwalk、YARA、Capa、IDA Pro)
  • 3个区块链安全类服务器(DAML Viewer、Medusa、Solazy)
  • 3个云安全类服务器(Trivy、Prowler、RoadRecon)
  • 额外支持:密钥检测、模糊测试、开源情报(OSINT)、威胁情报、Active Directory、密码破解

Installation

安装

Prerequisites

前置条件

  • Docker 20.10+
  • Docker Compose 2.0+
  • Claude Desktop or MCP-compatible client
  • Docker 20.10+
  • Docker Compose 2.0+
  • Claude Desktop或兼容MCP的客户端

Clone and Build

克隆与构建

bash
git clone https://github.com/FuzzingLabs/mcp-security-hub.git
cd mcp-security-hub
bash
git clone https://github.com/FuzzingLabs/mcp-security-hub.git
cd mcp-security-hub

Build all MCP servers

Build all MCP servers

docker-compose build
docker-compose build

Or build specific servers

Or build specific servers

docker-compose build nmap-mcp nuclei-mcp gitleaks-mcp
undefined
docker-compose build nmap-mcp nuclei-mcp gitleaks-mcp
undefined

Verify Installation

验证安装

bash
undefined
bash
undefined

Check built images

Check built images

docker images | grep mcp
docker images | grep mcp

Start specific servers

Start specific servers

docker-compose up nmap-mcp nuclei-mcp -d
docker-compose up nmap-mcp nuclei-mcp -d

Verify health

Verify health

docker-compose ps
undefined
docker-compose ps
undefined

Configuration

配置

Claude Desktop Integration

Claude Desktop集成

macOS: 
~/Library/Application Support/Claude/claude_desktop_config.json

Windows: 
%APPDATA%\Claude\claude_desktop_config.json
json
{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    },
    "gitleaks": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "${HOME}/repos:/app/target:ro",
        "gitleaks-mcp:latest"
      ]
    },
    "radare2": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "${HOME}/binaries:/samples:ro",
        "radare2-mcp:latest"
      ]
    },
    "sqlmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "sqlmap-mcp:latest"]
    },
    "trivy": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/var/run/docker.sock:/var/run/docker.sock:ro",
        "trivy-mcp:latest"
      ]
    }
  }
}
macOS: 
~/Library/Application Support/Claude/claude_desktop_config.json

Windows: 
%APPDATA%\Claude\claude_desktop_config.json
json
{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    },
    "gitleaks": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "${HOME}/repos:/app/target:ro",
        "gitleaks-mcp:latest"
      ]
    },
    "radare2": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "${HOME}/binaries:/samples:ro",
        "radare2-mcp:latest"
      ]
    },
    "sqlmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "sqlmap-mcp:latest"]
    },
    "trivy": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/var/run/docker.sock:/var/run/docker.sock:ro",
        "trivy-mcp:latest"
      ]
    }
  }
}

Project-Level Configuration

项目级配置

Create 
.mcp.json
in your project root:
json
{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    }
  }
}
在项目根目录创建
.mcp.json
文件:
json
{
  "mcpServers": {
    "nmap": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--cap-add=NET_RAW", "nmap-mcp:latest"]
    },
    "nuclei": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "nuclei-mcp:latest"]
    }
  }
}

Environment Variables

环境变量

Many MCP servers require API keys for external services:
bash
undefined
许多MCP服务器需要外部服务的API密钥:
bash
undefined

Shodan

Shodan

export SHODAN_API_KEY=your_key_here
export SHODAN_API_KEY=your_key_here

VirusTotal

VirusTotal

export VT_API_KEY=your_key_here
export VT_API_KEY=your_key_here

ZoomEye

ZoomEye

export ZOOMEYE_API_KEY=your_key_here
export ZOOMEYE_API_KEY=your_key_here

Burp Suite

Burp Suite

export BURP_API_KEY=your_key_here

Pass environment variables to Docker containers:

```json
{
  "mcpServers": {
    "shodan": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "SHODAN_API_KEY=${SHODAN_API_KEY}",
        "shodan-mcp:latest"
      ]
    }
  }
}
export BURP_API_KEY=your_key_here

将环境变量传递给Docker容器:

```json
{
  "mcpServers": {
    "shodan": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "SHODAN_API_KEY=${SHODAN_API_KEY}",
        "shodan-mcp:latest"
      ]
    }
  }
}

Key MCP Servers

核心MCP服务器

Nmap MCP (Network Scanning)

Nmap MCP(网络扫描)

Available tools (8):
  • scan_hosts
    - Basic host discovery
  • scan_ports
    - Port scanning with service detection
  • scan_os
    - OS fingerprinting
  • scan_vuln
    - Vulnerability scanning with NSE scripts
  • scan_custom
    - Custom nmap command execution
  • list_nse_scripts
    - List available NSE scripts
  • get_nse_script_info
    - Get NSE script details
  • scan_with_script
    - Run specific NSE script
Example prompts:
  • "Scan 192.168.1.0/24 for open ports"
  • "Perform OS detection on 10.0.0.1"
  • "Run vulnerability scan on example.com"
可用工具(8种):
  • scan_hosts
    - 基础主机发现
  • scan_ports
    - 带服务探测的端口扫描
  • scan_os
    - 操作系统指纹识别
  • scan_vuln
    - 使用NSE脚本的漏洞扫描
  • scan_custom
    - 自定义nmap命令执行
  • list_nse_scripts
    - 列出可用NSE脚本
  • get_nse_script_info
    - 获取NSE脚本详情
  • scan_with_script
    - 运行指定NSE脚本
示例提示:
  • "扫描192.168.1.0/24网段的开放端口"
  • "对10.0.0.1进行操作系统探测"
  • "对example.com进行漏洞扫描"

Nuclei MCP (Vulnerability Scanning)

Nuclei MCP(漏洞扫描)

Available tools (7):
  • scan_target
    - Scan with default templates
  • scan_with_severity
    - Filter by severity (critical, high, medium, low)
  • scan_with_tags
    - Use specific tags (cve, exposure, xss, sqli)
  • scan_with_templates
    - Use custom template paths
  • list_templates
    - Show available templates
  • update_templates
    - Update template database
  • scan_multiple_targets
    - Bulk scanning
Example prompts:
  • "Scan https://example.com for critical vulnerabilities"
  • "Check example.com for CVEs using nuclei"
  • "Run nuclei with exposure and misconfiguration templates"
可用工具(7种):
  • scan_target
    - 使用默认模板扫描
  • scan_with_severity
    - 按风险等级过滤(critical、high、medium、low)
  • scan_with_tags
    - 使用指定标签(cve、exposure、xss、sqli)
  • scan_with_templates
    - 使用自定义模板路径
  • list_templates
    - 显示可用模板
  • update_templates
    - 更新模板数据库
  • scan_multiple_targets
    - 批量扫描
示例提示:

Gitleaks MCP (Secrets Detection)

Gitleaks MCP(密钥检测)

Available tools (5):
  • scan_repo
    - Scan git repository
  • scan_file
    - Scan individual file
  • scan_directory
    - Scan directory tree
  • generate_baseline
    - Create baseline for false positives
  • scan_commits
    - Scan specific commit range
Example prompts:
  • "Scan /app/target/myrepo for secrets"
  • "Check this project for exposed API keys"
  • "Find credentials in the last 10 commits"
Volume mounting required:
json
{
  "gitleaks": {
    "command": "docker",
    "args": [
      "run", "-i", "--rm",
      "-v", "/path/to/repos:/app/target:ro",
      "gitleaks-mcp:latest"
    ]
  }
}
可用工具(5种):
  • scan_repo
    - 扫描Git仓库
  • scan_file
    - 扫描单个文件
  • scan_directory
    - 扫描目录树
  • generate_baseline
    - 创建误报基准
  • scan_commits
    - 扫描指定提交范围
示例提示:
  • "扫描/app/target/myrepo中的密钥"
  • "检查此项目中是否有暴露的API密钥"
  • "查找最近10次提交中的凭据"
需要挂载卷:
json
{
  "gitleaks": {
    "command": "docker",
    "args": [
      "run", "-i", "--rm",
      "-v", "/path/to/repos:/app/target:ro",
      "gitleaks-mcp:latest"
    ]
  }
}

Radare2 MCP (Binary Analysis)

Radare2 MCP(二进制分析)

Available tools (32+):
  • analyze_binary
    - Load and analyze binary
  • disassemble
    - Disassemble functions
  • decompile
    - Decompile to C-like code
  • list_functions
    - Show all functions
  • find_strings
    - Extract strings
  • find_imports
    - List imported functions
  • find_exports
    - List exported functions
  • search_bytes
    - Search byte patterns
  • analyze_entropy
    - Detect packed sections
Example prompts:
  • "Analyze /samples/malware.exe for suspicious functions"
  • "Decompile main function in this binary"
  • "Find strings in /samples/firmware.bin"
Volume mounting required:
json
{
  "radare2": {
    "command": "docker",
    "args": [
      "run", "-i", "--rm",
      "-v", "/path/to/binaries:/samples:ro",
      "radare2-mcp:latest"
    ]
  }
}
可用工具(32+种):
  • analyze_binary
    - 加载并分析二进制文件
  • disassemble
    - 反汇编函数
  • decompile
    - 反编译为类C代码
  • list_functions
    - 显示所有函数
  • find_strings
    - 提取字符串
  • find_imports
    - 列出导入函数
  • find_exports
    - 列出导出函数
  • search_bytes
    - 搜索字节模式
  • analyze_entropy
    - 检测加壳段
示例提示:
  • "分析/samples/malware.exe中的可疑函数"
  • "反编译此二进制文件中的main函数"
  • "在/samples/firmware.bin中查找字符串"
需要挂载卷:
json
{
  "radare2": {
    "command": "docker",
    "args": [
      "run", "-i", "--rm",
      "-v", "/path/to/binaries:/samples:ro",
      "radare2-mcp:latest"
    ]
  }
}

SQLMap MCP (SQL Injection)

SQLMap MCP(SQL注入)

Available tools (8):
  • test_url
    - Test URL for SQL injection
  • dump_database
    - Extract database contents
  • dump_table
    - Extract specific table
  • list_databases
    - Enumerate databases
  • list_tables
    - Enumerate tables
  • get_dbs
    - Get database names
  • get_current_user
    - Get DB user
  • test_forms
    - Test web forms for SQLi
Example prompts:
可用工具(8种):
  • test_url
    - 测试URL是否存在SQL注入
  • dump_database
    - 提取数据库内容
  • dump_table
    - 提取指定表
  • list_databases
    - 枚举数据库
  • list_tables
    - 枚举表
  • get_dbs
    - 获取数据库名称
  • get_current_user
    - 获取数据库用户
  • test_forms
    - 测试Web表单是否存在SQL注入
示例提示:

Trivy MCP (Container Security)

Trivy MCP(容器安全)

Available tools (7):
  • scan_image
    - Scan Docker image
  • scan_filesystem
    - Scan local filesystem
  • scan_config
    - Scan IaC files (Terraform, K8s)
  • scan_repo
    - Scan git repository
  • list_vulnerabilities
    - Show known CVEs
  • get_sbom
    - Generate SBOM
  • scan_kubernetes
    - Scan K8s cluster
Example prompts:
  • "Scan nginx:latest for vulnerabilities"
  • "Check this Dockerfile for security issues"
  • "Generate SBOM for python:3.11 image"
可用工具(7种):
  • scan_image
    - 扫描Docker镜像
  • scan_filesystem
    - 扫描本地文件系统
  • scan_config
    - 扫描IaC文件(Terraform、K8s)
  • scan_repo
    - 扫描Git仓库
  • list_vulnerabilities
    - 显示已知CVE漏洞
  • get_sbom
    - 生成软件物料清单(SBOM)
  • scan_kubernetes
    - 扫描K8s集群
示例提示:
  • "扫描nginx:latest镜像的漏洞"
  • "检查此Dockerfile的安全问题"
  • "为python:3.11镜像生成SBOM"

Common Workflows

常见工作流

Network Reconnaissance Workflow

网络侦察工作流

bash
undefined
bash
undefined

1. Build reconnaissance servers

1. Build reconnaissance servers

docker-compose build nmap-mcp whatweb-mcp masscan-mcp
docker-compose build nmap-mcp whatweb-mcp masscan-mcp

2. Start services

2. Start services

docker-compose up nmap-mcp whatweb-mcp -d
docker-compose up nmap-mcp whatweb-mcp -d

3. Use in Claude

3. Use in Claude

"Scan 10.0.0.0/24 for web servers, then fingerprint each one"

"Scan 10.0.0.0/24 for web servers, then fingerprint each one"

undefined
undefined

Web Application Security Assessment

Web应用安全评估

bash
undefined
bash
undefined

Build web security stack

Build web security stack

docker-compose build nuclei-mcp sqlmap-mcp ffuf-mcp
docker-compose build nuclei-mcp sqlmap-mcp ffuf-mcp

Start services

Start services

docker-compose up nuclei-mcp sqlmap-mcp ffuf-mcp -d
docker-compose up nuclei-mcp sqlmap-mcp ffuf-mcp -d

In Claude:

In Claude:

"Scan example.com with nuclei, test any forms for SQL injection,

"Scan example.com with nuclei, test any forms for SQL injection,

and fuzz for hidden directories"

and fuzz for hidden directories"

undefined
undefined

Binary Analysis Pipeline

二进制分析流程

bash
undefined
bash
undefined

Build binary analysis tools

Build binary analysis tools

docker-compose build radare2-mcp binwalk-mcp yara-mcp capa-mcp
docker-compose build radare2-mcp binwalk-mcp yara-mcp capa-mcp

Mount binaries directory

Mount binaries directory

docker-compose up radare2-mcp binwalk-mcp yara-mcp capa-mcp -d
docker-compose up radare2-mcp binwalk-mcp yara-mcp capa-mcp -d

In Claude:

In Claude:

"Analyze /samples/suspicious.exe - extract filesystem if packed,

"Analyze /samples/suspicious.exe - extract filesystem if packed,

scan for malware patterns, and identify capabilities"

scan for malware patterns, and identify capabilities"

undefined
undefined

Secrets Scanning in CI/CD

CI/CD中的密钥扫描

bash
undefined
bash
undefined

Build gitleaks

Build gitleaks

docker-compose build gitleaks-mcp
docker-compose build gitleaks-mcp

Run as one-off scan

Run as one-off scan

docker run -i --rm
-v "$(pwd):/app/target:ro"
gitleaks-mcp:latest <<EOF { "jsonrpc": "2.0", "method": "tools/call", "params": { "name": "scan_directory", "arguments": { "path": "/app/target" } }, "id": 1 } EOF
undefined
docker run -i --rm
-v "$(pwd):/app/target:ro"
gitleaks-mcp:latest <<EOF { "jsonrpc": "2.0", "method": "tools/call", "params": { "name": "scan_directory", "arguments": { "path": "/app/target" } }, "id": 1 } EOF
undefined

Cloud Security Audit

云安全审计

bash
undefined
bash
undefined

Build cloud security tools

Build cloud security tools

docker-compose build trivy-mcp prowler-mcp
docker-compose build trivy-mcp prowler-mcp

Mount Docker socket for Trivy

Mount Docker socket for Trivy

docker-compose up trivy-mcp prowler-mcp -d
docker-compose up trivy-mcp prowler-mcp -d

In Claude:

In Claude:

"Scan all running containers for CVEs, then audit AWS account

"Scan all running containers for CVEs, then audit AWS account

for security misconfigurations"

for security misconfigurations"

undefined
undefined

Docker Compose Orchestration

Docker Compose编排

Start All Services

启动所有服务

bash
docker-compose up -d
bash
docker-compose up -d

Start Specific Category

启动指定类别服务

bash
undefined
bash
undefined

Reconnaissance only

Reconnaissance only

docker-compose up nmap-mcp whatweb-mcp masscan-mcp -d
docker-compose up nmap-mcp whatweb-mcp masscan-mcp -d

Web security only

Web security only

docker-compose up nuclei-mcp sqlmap-mcp ffuf-mcp -d
undefined
docker-compose up nuclei-mcp sqlmap-mcp ffuf-mcp -d
undefined

Resource Limits

资源限制

Edit 
docker-compose.yml
to adjust resource constraints:
yaml
services:
  nmap-mcp:
    image: nmap-mcp:latest
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 1G
        reservations:
          cpus: '0.5'
          memory: 256M
编辑
docker-compose.yml
调整资源约束:
yaml
services:
  nmap-mcp:
    image: nmap-mcp:latest
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 1G
        reservations:
          cpus: '0.5'
          memory: 256M

Health Monitoring

健康监控

bash
undefined
bash
undefined

Check health status

Check health status

docker-compose ps
docker-compose ps

View logs

View logs

docker-compose logs -f nmap-mcp
docker-compose logs -f nmap-mcp

Restart unhealthy services

Restart unhealthy services

docker-compose restart nmap-mcp
undefined
docker-compose restart nmap-mcp
undefined

Development

开发

Building Individual Servers

构建单个服务器

bash
cd reconnaissance/nmap-mcp
docker build -t nmap-mcp:latest .
bash
cd reconnaissance/nmap-mcp
docker build -t nmap-mcp:latest .

Testing MCP Server

测试MCP服务器

bash
undefined
bash
undefined

Run interactive test

Run interactive test

docker run -it --rm nmap-mcp:latest
docker run -it --rm nmap-mcp:latest

Send JSON-RPC request

Send JSON-RPC request

echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' |
docker run -i --rm nmap-mcp:latest
undefined
echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' |
docker run -i --rm nmap-mcp:latest
undefined

Adding Custom MCP Server

添加自定义MCP服务器

bash
mkdir -p custom-category/mytool-mcp
cd custom-category/mytool-mcp
bash
mkdir -p custom-category/mytool-mcp
cd custom-category/mytool-mcp

Create Dockerfile

Create Dockerfile

cat > Dockerfile <<'EOF' FROM python:3.11-slim RUN useradd -m -u 1000 mcpuser RUN pip install mcp mytool USER mcpuser WORKDIR /app COPY server.py . CMD ["python", "server.py"] EOF
cat > Dockerfile <<'EOF' FROM python:3.11-slim RUN useradd -m -u 1000 mcpuser RUN pip install mcp mytool USER mcpuser WORKDIR /app COPY server.py . CMD ["python", "server.py"] EOF

Create server.py with MCP protocol implementation

Create server.py with MCP protocol implementation

Add to docker-compose.yml

Add to docker-compose.yml

undefined
undefined

Security Hardening

安全加固

All MCP servers follow security best practices:
dockerfile
undefined
所有MCP服务器遵循安全最佳实践:
dockerfile
undefined

Example hardened Dockerfile pattern

Example hardened Dockerfile pattern

FROM alpine:3.19 RUN adduser -D -u 1000 mcpuser RUN apk add --no-cache tool-name USER mcpuser WORKDIR /app
FROM alpine:3.19 RUN adduser -D -u 1000 mcpuser RUN apk add --no-cache tool-name USER mcpuser WORKDIR /app

Drop all capabilities by default

Drop all capabilities by default

Add only required capabilities in docker-compose.yml

Add only required capabilities in docker-compose.yml

undefined
undefined

Required Capabilities

所需权限

Some tools need specific Linux capabilities:
yaml
nmap-mcp:
  cap_drop:
    - ALL
  cap_add:
    - NET_RAW  # Required for SYN scanning

trivy-mcp:
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro  # Docker scanning
部分工具需要特定Linux权限:
yaml
nmap-mcp:
  cap_drop:
    - ALL
  cap_add:
    - NET_RAW  # Required for SYN scanning

trivy-mcp:
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro  # Docker scanning

Read-Only Mounts

只读挂载

Always mount target directories read-only:
yaml
gitleaks-mcp:
  volumes:
    - ./repos:/app/target:ro  # Read-only prevents modification
始终以只读方式挂载目标目录:
yaml
gitleaks-mcp:
  volumes:
    - ./repos:/app/target:ro  # Read-only prevents modification

Troubleshooting

故障排除

MCP Server Not Responding

MCP服务器无响应

bash
undefined
bash
undefined

Check if container is running

Check if container is running

docker ps | grep mcp
docker ps | grep mcp

View logs

View logs

docker logs nmap-mcp
docker logs nmap-mcp

Restart service

Restart service

docker-compose restart nmap-mcp
docker-compose restart nmap-mcp

Test JSON-RPC directly

Test JSON-RPC directly

echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' |
docker run -i --rm nmap-mcp:latest
undefined
echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' |
docker run -i --rm nmap-mcp:latest
undefined

Permission Denied Errors

权限拒绝错误

bash
undefined
bash
undefined

Nmap requires NET_RAW capability

Nmap requires NET_RAW capability

Add to docker-compose.yml:

Add to docker-compose.yml:

cap_add:
  • NET_RAW
cap_add:
  • NET_RAW

Or run with --cap-add

Or run with --cap-add

docker run --cap-add=NET_RAW nmap-mcp:latest
undefined
docker run --cap-add=NET_RAW nmap-mcp:latest
undefined

Volume Mount Issues

卷挂载问题

bash
undefined
bash
undefined

Ensure absolute paths

Ensure absolute paths

docker run -v /absolute/path:/app/target:ro gitleaks-mcp
docker run -v /absolute/path:/app/target:ro gitleaks-mcp

Check permissions (container runs as UID 1000)

Check permissions (container runs as UID 1000)

chown -R 1000:1000 /path/to/repos
chown -R 1000:1000 /path/to/repos

Verify mount inside container

Verify mount inside container

docker run -it --rm -v $(pwd):/app/target:ro gitleaks-mcp sh ls -la /app/target
undefined
docker run -it --rm -v $(pwd):/app/target:ro gitleaks-mcp sh ls -la /app/target
undefined

Claude Desktop Not Finding MCP Servers

Claude Desktop无法找到MCP服务器

bash
undefined
bash
undefined

Verify config location

Verify config location

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

Windows: %APPDATA%\Claude\claude_desktop_config.json

Windows: %APPDATA%\Claude\claude_desktop_config.json

Check JSON syntax

Check JSON syntax

cat ~/Library/Application\ Support/Claude/claude_desktop_config.json | jq .
cat ~/Library/Application\ Support/Claude/claude_desktop_config.json | jq .

Restart Claude Desktop after config changes

Restart Claude Desktop after config changes

Verify image exists

Verify image exists

docker images | grep nmap-mcp
undefined
docker images | grep nmap-mcp
undefined

API Key Authentication Failures

API密钥认证失败

bash
undefined
bash
undefined

Verify environment variable is set

Verify environment variable is set

echo $SHODAN_API_KEY
echo $SHODAN_API_KEY

Pass to Docker container

Pass to Docker container

docker run -e SHODAN_API_KEY=$SHODAN_API_KEY shodan-mcp
docker run -e SHODAN_API_KEY=$SHODAN_API_KEY shodan-mcp

For Claude Desktop, use full env var syntax

For Claude Desktop, use full env var syntax

{ "command": "docker", "args": ["-e", "SHODAN_API_KEY=${SHODAN_API_KEY}", ...] }
undefined
{ "command": "docker", "args": ["-e", "SHODAN_API_KEY=${SHODAN_API_KEY}", ...] }
undefined

Network Connectivity Issues

网络连接问题

bash
undefined
bash
undefined

Some tools need host network access

Some tools need host network access

docker run --network host nmap-mcp
docker run --network host nmap-mcp

Or create custom network

Or create custom network

docker network create security-net docker run --network security-net nmap-mcp
undefined
docker network create security-net docker run --network security-net nmap-mcp
undefined

Container Build Failures

容器构建失败

bash
undefined
bash
undefined

Clear Docker build cache

Clear Docker build cache

docker builder prune -a
docker builder prune -a

Rebuild with no cache

Rebuild with no cache

docker-compose build --no-cache nmap-mcp
docker-compose build --no-cache nmap-mcp

Check base image availability

Check base image availability

docker pull alpine:3.19 docker pull python:3.11-slim
undefined
docker pull alpine:3.19 docker pull python:3.11-slim
undefined

Advanced Usage

高级用法

Custom Nuclei Templates

自定义Nuclei模板

bash
undefined
bash
undefined

Mount custom template directory

Mount custom template directory

docker run -i --rm
-v $(pwd)/custom-templates:/nuclei-templates:ro
nuclei-mcp:latest
docker run -i --rm
-v $(pwd)/custom-templates:/nuclei-templates:ro
nuclei-mcp:latest

In Claude: "Use custom nuclei templates from /nuclei-templates"

In Claude: "Use custom nuclei templates from /nuclei-templates"

undefined
undefined

Multi-Stage Binary Analysis

多阶段二进制分析

bash
undefined
bash
undefined

1. Extract firmware

1. Extract firmware

docker run -v $(pwd)/firmware:/samples:ro binwalk-mcp
docker run -v $(pwd)/firmware:/samples:ro binwalk-mcp

2. Scan extracted files

2. Scan extracted files

docker run -v $(pwd)/firmware/_extracted:/samples:ro yara-mcp
docker run -v $(pwd)/firmware/_extracted:/samples:ro yara-mcp

3. Analyze suspicious binaries

3. Analyze suspicious binaries

docker run -v $(pwd)/firmware/_extracted:/samples:ro radare2-mcp
undefined
docker run -v $(pwd)/firmware/_extracted:/samples:ro radare2-mcp
undefined

Automated Scanning Pipeline

自动化扫描流程

bash
#!/bin/bash
bash
#!/bin/bash

scan-pipeline.sh

scan-pipeline.sh

TARGET=$1
TARGET=$1

Network scan

Network scan

docker run --rm --cap-add=NET_RAW nmap-mcp
-A $TARGET > nmap-results.txt
docker run --rm --cap-add=NET_RAW nmap-mcp
-A $TARGET > nmap-results.txt

Web fingerprinting

Web fingerprinting

docker run --rm whatweb-mcp $TARGET > whatweb-results.txt
docker run --rm whatweb-mcp $TARGET > whatweb-results.txt

Vulnerability scan

Vulnerability scan

docker run --rm nuclei-mcp -u $TARGET -severity high,critical \
nuclei-results.txt
undefined
docker run --rm nuclei-mcp -u $TARGET -severity high,critical \
nuclei-results.txt
undefined

Integration with Existing Tools

与现有工具集成

bash
undefined
bash
undefined

Export Trivy results to JSON

Export Trivy results to JSON

docker run --rm -v /var/run/docker.sock:/var/run/docker.sock
trivy-mcp image nginx:latest -f json > trivy-report.json
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock
trivy-mcp image nginx:latest -f json > trivy-report.json

Parse and filter with jq

Parse and filter with jq

cat trivy-report.json | jq '.Results[] | select(.Vulnerabilities)'
undefined
cat trivy-report.json | jq '.Results[] | select(.Vulnerabilities)'
undefined

References

参考资料