Submit: operant-mcp — Security testing MCP server with 51 tools #197
Description
Tool Submission: operant-mcp
Name: operant-mcp
URL: https://github.com/operantlabs/operant-mcp
Category: Developer Tools / Security / MCP Server
Pricing: Free (MIT License)
What is operant-mcp?
A security testing MCP (Model Context Protocol) server that provides 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment. It enables AI-powered security testing workflows directly from any MCP-compatible client like Claude, Cursor, or Windsurf.
Available Tools (51 total)
Penetration Testing:
- SQL injection (login bypass, union extraction, blind boolean/time-based, file read)
- XSS (reflected testing, payload generation)
- SSRF (cloud metadata, general testing)
- CSRF extraction
- Command injection (blind detection, direct testing)
- Path traversal testing
- File upload testing
- Deserialization testing
- IDOR testing
- CORS misconfiguration testing
- Clickjacking testing
Network Forensics:
- PCAP overview and analysis
- DNS analysis
- TLS analysis
- Credential extraction from captures
- HTTP object extraction
- Stream following
- LLMNR/NTLM analysis
- Scan detection
Memory Analysis:
- Rootkit detection
- Volatility analysis (Windows and Linux)
Reconnaissance:
- Quick recon scans
- DNS enumeration
- Directory brute force
- S3 bucket discovery
- Git secrets scanning
- TLS SAN extraction
- Virtual host discovery
Cloud Security:
- CloudTrail analysis and anomaly detection
- Cloud metadata SSRF testing
Why it's relevant to developers
Security testing is a critical part of the development lifecycle. operant-mcp brings 51 security tools into the AI-assisted development workflow via MCP, letting developers test for vulnerabilities directly from their AI coding assistant.
Links
- GitHub: https://github.com/operantlabs/operant-mcp
- npm: https://www.npmjs.com/package/operant-mcp
- Install:
npx operant-mcp
Tech Stack
TypeScript, Node.js, Model Context Protocol (MCP)
Happy to provide any additional info needed.