mcp-recon

mcp-recon is a conversational reconnaissance interface and MCP server designed to perform web domain reconnaissance using simple text prompts. It integrates with AI interfaces that support the Model Context Protocol, running as a Docker container for security and portability.

Overview

mcp-recon bridges the gap between natural language and HTTP infrastructure analysis. It exposes reconnaissance tools through the Model Context Protocol (MCP), allowing you to perform web domain reconnaissance via any compatible AI interface, such as Claude Desktop.

Features

  • Conversational Commands: Execute reconnaissance through simple text prompts
  • MCP Server: Integrates with Claude Desktop or other MCP-compatible tools
  • Multiple Analysis Modes: Choose from lite and full reconnaissance levels
  • Standalone ASN Lookup: Query IPs, ASNs, or organizations directly
  • Docker Ready: Run in an isolated container for security and portability
  • Powered by httpx: Utilizes ProjectDiscovery's robust reconnaissance tools
  • Bug Workarounds: Automatically handles httpx's stdin/stdout leakage issue
  • MCP Prompts: Includes predefined prompts like http_lite_scan and katana_command_generator for streamlined operations

Quick Start Guide

mcp-recon provides three main reconnaissance tools:

  1. Quick/Lightweight Reconnaissance: Fast, lightweight HTTP fingerprinting that provides essential information with minimal overhead.
  2. Full Reconnaissance: Comprehensive metadata collection including page previews, headers, certificates, and technology detection.
  3. ASN Lookup: Standalone lookup of IPs, ASNs, or organization names using ProjectDiscovery's asnmap library.

Known Issues

  • httpx Stdin Leak: The httpx library attempts to read stdin even when used as a library.
  • ASN Silent Failures: Even when Asn = true, httpx may fail to enrich IPs.
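An added example, not mcp-recon's own code. It assumes the server speaks MCP over stdio, so a library that reads os.Stdin would compete with the transport for protocol messages; the function names are hypothetical. It hands the real stdin to the transport and points os.Stdin at the null device, using a pipe and a JSON-RPC line as constructed sample input.

```go
package main

import (
	"fmt"
	"io"
	"os"
)

// isolateStdin returns the real stdin for the MCP transport and points
// os.Stdin at the null device, so library reads of os.Stdin get EOF.
func isolateStdin() (*os.File, func(), error) {
	null, err := os.Open(os.DevNull)
	if err != nil {
		return nil, nil, err
	}
	orig := os.Stdin
	os.Stdin = null
	return orig, func() { os.Stdin = orig; null.Close() }, nil
}

// simulate uses a pipe as a constructed stand-in for the client's stdin and
// reports what a library reading os.Stdin sees versus what the transport sees.
func simulate(msg string) (libSaw, transportSaw string, err error) {
	r, w, err := os.Pipe()
	if err != nil {
		return "", "", err
	}
	defer r.Close()
	saved := os.Stdin
	os.Stdin = r
	defer func() { os.Stdin = saved }()
	transport, restore, err := isolateStdin()
	if err != nil {
		return "", "", err
	}
	defer restore()
	_, werr := w.WriteString(msg) // small constructed message, fits the pipe buffer
	w.Close()
	if werr != nil {
		return "", "", werr
	}
	lib, _ := io.ReadAll(os.Stdin)   // library view: null device, EOF
	tr, err := io.ReadAll(transport) // transport view: the full message
	return string(lib), string(tr), err
}

func main() {
	lib, tr, err := simulate("{\"jsonrpc\":\"2.0\",\"id\":1,\"method\":\"ping\"}\n")
	fmt.Printf("library saw %q, transport saw %q, err=%v\n", lib, tr, err)
}
```

The swap only covers code that reads through the os.Stdin variable; a reader that opens file descriptor 0 directly is unaffected by it.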

Security Considerations

  • Only scan domains you own or have permission to test
  • The full_recon mode retrieves complete page content — use judiciously
  • Consider rate limiting to avoid impacting target systems