PY

ExternalAttacker-MCP

by MorDavid/ExternalAttacker-MCP

0 views

A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.

automationpythonSecurity & Privacy

ExternalAttacker MCP Server

ExternalAttacker-MCP

Model Context Protocol (MCP) Server for External Attack Surface Management

ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.

๐Ÿ” Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.

๐Ÿ” What is ExternalAttacker?

ExternalAttacker combines the power of:

  • Automated Scanning: Comprehensive toolset for external reconnaissance
  • Model Context Protocol (MCP): An open protocol for creating custom AI tools
  • Natural Language Processing: Convert plain English queries into scanning commands

๐Ÿ“ฑ Community

Join our Telegram channel for updates, tips, and discussion:

โœจ Features

  • Natural Language Interface: Run scans using plain English
  • Comprehensive Scanning Categories:
    • ๐ŸŒ Subdomain Discovery (subfinder)
    • ๐Ÿ”ข Port Scanning (naabu)
    • ๐ŸŒ HTTP Analysis (httpx)
    • ๐Ÿ›ก๏ธ CDN Detection (cdncheck)
    • ๐Ÿ” TLS Analysis (tlsx)
    • ๐Ÿ“ Directory Fuzzing (ffuf, gobuster)
    • ๐Ÿ“ DNS Enumeration (dnsx)

๐Ÿ“‹ Prerequisites

  • Python 3.8 or higher
  • Go (for installing tools)
  • MCP Client

๐Ÿ”ง Installation

  1. Clone this repository:

    git clone https://github.com/mordavid/ExternalAttacker-MCP.git
cd ExternalAttacker

  2. Install Python dependencies:

    pip install -r requirements.txt

  3. Install required Go tools:

    go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest
go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
go install -v github.com/ffuf/ffuf@latest
go install github.com/OJ/gobuster/v3@latest
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest

  4. Run ExternalAttacker-App.py

    python ExternalAttacker-App.py
# Access http://localhost:6991

  5. Configure the MCP Server

    "mcpServers": {
    "ExternalAttacker-MCP": {
        "command": "python",
        "args": [
            "<Your_Path>\\ExternalAttacker-MCP.py"
        ]
    }
}

๐Ÿš€ Usage

Example queries you can ask through the MCP:

  • "Scan example.com for subdomains"
  • "Check open ports on 192.168.1.1"
  • "Analyze HTTP services on test.com"
  • "Check if domain.com uses a CDN"
  • "Analyze SSL configuration of site.com"
  • "Fuzz endpoints on target.com"

๐Ÿ“œ License

MIT License

๐Ÿ™ Acknowledgments

  • The ProjectDiscovery team for their excellent security tools
  • The MCP community for advancing AI-powered tooling

Note: This is a security tool. Please use responsibly and only on systems you have permission to test.

Install

{
  "mcpServers": {
    "externalattacker-mcp": {
      "command": "python",
      "args": [
        "<Your_Path>\\ExternalAttacker-MCP.py"
      ]
    }
  }
}
For more configuration details, refer to the content on the left

Related

Related projects feature coming soon

Will recommend related projects based on sub-categories