A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
Documentation
ExternalAttacker MCP Server
Model Context Protocol (MCP) Server for External Attack Surface Management
ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.
🔍 Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.
🔍 What is ExternalAttacker?
ExternalAttacker combines the power of:
- Automated Scanning: Comprehensive toolset for external reconnaissance
- Model Context Protocol (MCP): An open protocol for creating custom AI tools
- Natural Language Processing: Convert plain English queries into scanning commands
📱 Community
Join our Telegram channel for updates, tips, and discussion:
- Telegram: https://t.me/root_sec
✨ Features
- Natural Language Interface: Run scans using plain English
- Comprehensive Scanning Categories:
- 🌐 Subdomain Discovery (subfinder)
- 🔢 Port Scanning (naabu)
- 🌍 HTTP Analysis (httpx)
- 🛡️ CDN Detection (cdncheck)
- 🔐 TLS Analysis (tlsx)
- 📁 Directory Fuzzing (ffuf, gobuster)
- 📝 DNS Enumeration (dnsx)
📋 Prerequisites
- Python 3.8 or higher
- Go (for installing tools)
- MCP Client
🔧 Installation
1. Clone this repository:
git clone https://github.com/mordavid/ExternalAttacker-MCP.git
cd ExternalAttacker2. Install Python dependencies:
pip install -r requirements.txt3. Install required Go tools:
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest
go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
go install -v github.com/ffuf/ffuf@latest
go install github.com/OJ/gobuster/v3@latest
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest4. Run ExternalAttacker-App.py
python ExternalAttacker-App.py
# Access http://localhost:69915. Configure the MCP Server
"mcpServers": {
"ExternalAttacker-MCP": {
"command": "python",
"args": [
"\\ExternalAttacker-MCP.py"
]
}
}🚀 Usage
Example queries you can ask through the MCP:
- "Scan example.com for subdomains"
- "Check open ports on 192.168.1.1"
- "Analyze HTTP services on test.com"
- "Check if domain.com uses a CDN"
- "Analyze SSL configuration of site.com"
- "Fuzz endpoints on target.com"
📜 License
MIT License
🙏 Acknowledgments
- The ProjectDiscovery team for their excellent security tools
- The MCP community for advancing AI-powered tooling
---
_Note: This is a security tool. Please use responsibly and only on systems you have permission to test._
Similar MCP
Based on tags & features
Trending MCP
Most active this week