Your connection was interrupted

By Cyreslab-AI GitHub

Overview

What is Nessus MCP Server?

Nessus MCP Server is a Model Context Protocol (MCP) server designed for interacting with the Tenable Nessus vulnerability scanner, enabling AI assistants to perform vulnerability scanning and analysis through the MCP protocol.

How to use Nessus MCP Server?

To use the Nessus MCP Server, clone the repository, install the dependencies, and run the server either in mock mode or with a real Nessus API by setting the necessary environment variables.

Key features of Nessus MCP Server?

  • Vulnerability Scanning: Start and monitor scans against specified targets.
  • Scan Management: List, track, and retrieve results from scans.
  • Vulnerability Analysis: Get detailed information about specific vulnerabilities.
  • Mock Mode: Test functionality without a Nessus API key.

Use cases of Nessus MCP Server?

  1. Conducting vulnerability assessments on network devices.
  2. Integrating with AI tools for automated security analysis.
  3. Testing and validating security configurations in a controlled environment.

FAQ from Nessus MCP Server?

  • Can I use Nessus MCP Server without a Nessus API key?

Yes! The server can run in mock mode without requiring an API key.

  • What programming language is used for this project?

The project is developed in TypeScript.

  • Is there a license for this project?

Yes, it is licensed under the MIT License.

Content

Nessus MCP Server

A Model Context Protocol (MCP) server for interacting with the Tenable Nessus vulnerability scanner. This server allows AI assistants to perform vulnerability scanning and analysis through the MCP protocol.

Features

  • Vulnerability Scanning: Start and monitor vulnerability scans against specified targets
  • Scan Management: List, track, and retrieve results from vulnerability scans
  • Vulnerability Analysis: Search for and get detailed information about specific vulnerabilities
  • Mock Mode: Fully functional mock mode for testing without a Nessus API key

Tools

The server provides the following tools:

Tool NameDescription
list_scan_templatesList available Nessus scan templates
start_scanStart a new vulnerability scan against a target
get_scan_statusCheck the status of a running scan
get_scan_resultsGet the results of a completed scan
list_scansList all scans and their status
get_vulnerability_detailsGet detailed information about a specific vulnerability
search_vulnerabilitiesSearch for vulnerabilities by keyword

Installation

Prerequisites

  • Node.js 16 or higher
  • TypeScript (for development)

Building from Source

  1. Clone the repository:

    git clone https://github.com/Cyreslab-AI/nessus-mcp-server.git
cd nessus-mcp-server

  2. Install dependencies:

    npm install

  3. Build the server:

    npm run build

Usage

Running in Mock Mode

By default, the server runs in mock mode, which doesn't require a Nessus API key:

node build/index.js

Running with Nessus API

To connect to a real Nessus instance, set the following environment variables:

NESSUS_URL=https://your-nessus-instance:8834
NESSUS_ACCESS_KEY=your-access-key
NESSUS_SECRET_KEY=your-secret-key

Then run the server:

node build/index.js

Using with Claude for Desktop

To use this server with Claude for Desktop:

  1. Edit your Claude for Desktop configuration file:

    • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
    • Windows: %APPDATA%\Claude\claude_desktop_config.json

  2. Add the server configuration:

{
  "mcpServers": {
    "nessus": {
      "command": "node",
      "args": ["/path/to/nessus-mcp-server/build/index.js"],
      "env": {
        "NESSUS_URL": "https://your-nessus-instance:8834",
        "NESSUS_ACCESS_KEY": "your-access-key",
        "NESSUS_SECRET_KEY": "your-secret-key"
      }
    }
  }
}

For mock mode, you can omit the env section.

Example Interactions

Starting a Scan

start_scan:
  target: 192.168.1.1
  scan_type: basic-network-scan

Getting Scan Results

get_scan_results:
  scan_id: scan-1234567890

Searching for Vulnerabilities

search_vulnerabilities:
  keyword: log4j

Development

Project Structure

  • src/index.ts: Main server entry point
  • src/nessus-api.ts: Nessus API client with mock fallback
  • src/mock-data.ts: Mock vulnerability data for testing
  • src/tools/: Tool implementations
  • src/utils/: Utility functions

Adding New Tools

  1. Define the tool schema and handler in the appropriate file in src/tools/
  2. Import and register the tool in src/index.ts

License

MIT

Disclaimer

This server is not affiliated with or endorsed by Tenable. Nessus is a trademark of Tenable, Inc.

No tools information available.
No content found.