mcp_nuclei_server

mcp_nuclei_server

9
security

The MCP Nuclei Server is a security scanning service based on the Model Control Protocol (MCP). It integrates Nuclei scanning capabilities with large language models and supports flexible configuration options. The project focuses on providing comprehensive and customizable security assessments.

MCP Nuclei Server

Python Version Stars

A Nuclei security scanning server based on MCP (Model Control Protocol), providing convenient vulnerability scanning services.

Project Introduction

MCP Nuclei Server is a Nuclei security scanning service developed based on the MCP protocol. It allows large language models to execute Nuclei security scans, supporting various scanning options and result output formats.

Key Features:

  • Support for Nuclei security scanning
  • Configurable template and tag filtering
  • Support for severity-based vulnerability filtering
  • JSON format output results
  • Easy-to-integrate MCP service

Installation Guide

Prerequisites

  • Python 3.8 or higher
  • Nuclei binary (installed and configured)

Installation Steps

  1. Clone the repository:
git clone https://github.com/crazyMarky/mcp_nuclei_server.git
cd mcp_nuclei_server
  1. Install UV and activate environment:
curl -LsSf https://astral.sh/uv/install.sh | sh # Linux/Mac
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"  # Windows
  1. Install dependencies:
# Create and activate virtual environment
uv venv
source .venv/bin/activate
# Install mcp related packages
uv pip install mcp

Usage Guide

MCP Configuration (Example for CLINE)

  1. Reference MCP JSON configuration:
{
  "mcpServers": {
    "nuclei_mcp_server": {
      "command": "/path/to/uv", # path to uv
      "args": [
        "--directory",
        "/path/to/nuclei_mcp_server/",
        "run",
        "main.py"
      ],
      "env": {
        "NUCLEI_BIN_PATH": "/path/to/nuclei"
      }
    }
  }
}

Usage Example

Example

Parameter Description

  • target: Target URL or IP address
  • templates: List of specific templates to use (optional)
  • severity: Vulnerability severity filter (critical, high, medium, low, info)
  • template_tags: Template tag filter (optional)
  • output_format: Output format (default: "json")

Output Format

Scan results are returned in JSON format with the following fields:

{
    "success": true,
    "target": "https://example.com",
    "time_cost_seconds": 10.5,
    "results": [
        {
            "template": "template-name",
            "severity": "high",
            "matched_at": "https://example.com/path",
            "info": {
                "name": "Vulnerability Name",
                "description": "Vulnerability Description"
            }
        }
    ]
}

Contributing

Issues and Pull Requests are welcome!

  1. Fork the project
  2. Create your feature branch (git checkout -b feature/AmazingFeature)
  3. Commit your changes (git commit -m 'Add some AmazingFeature')
  4. Push to the branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

This project is licensed under the MIT License - see the file for details

Contact

For any questions or suggestions, please contact us through:

  • Submit an Issue