ExternalAttacker MCP Server

By MorDavid GitHub

A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.

mcp bug-bounty

Overview

What is ExternalAttacker MCP?

ExternalAttacker MCP is a Model Context Protocol (MCP) server designed for automated external attack surface management and reconnaissance, utilizing natural language processing to facilitate scanning and vulnerability discovery.

How to use ExternalAttacker MCP?

To use ExternalAttacker MCP, clone the repository from GitHub, install the necessary dependencies, and run the server. You can then issue commands in plain English to perform various scans.

Key features of ExternalAttacker MCP?

Natural language interface for running scans
Comprehensive scanning capabilities including subdomain discovery, port scanning, HTTP analysis, CDN detection, TLS analysis, directory fuzzing, and DNS enumeration.

Use cases of ExternalAttacker MCP?

Scanning domains for subdomains and vulnerabilities.
Analyzing open ports on network devices.
Checking SSL configurations and CDN usage for websites.
Fuzzing endpoints to discover hidden resources.

FAQ from ExternalAttacker MCP?

Can I use ExternalAttacker MCP on any domain?

Yes, but only on systems you have permission to test.

What are the prerequisites for using ExternalAttacker MCP?

You need Python 3.8 or higher and Go installed to set up the required tools.

Is there a community for support?

Yes, you can join the Telegram channel for updates and discussions.

Content

ExternalAttacker MCP Server

Model Context Protocol (MCP) Server for External Attack Surface Management

ExternalAttacker is a powerful integration that brings automated scanning capabilities with natural language interface for comprehensive external attack surface management and reconnaissance.

🔍 Automated Attack Surface Management with AI!
Scan domains, analyze infrastructure, and discover vulnerabilities using natural language.

🔍 What is ExternalAttacker?

ExternalAttacker combines the power of:

Automated Scanning: Comprehensive toolset for external reconnaissance
Model Context Protocol (MCP): An open protocol for creating custom AI tools
Natural Language Processing: Convert plain English queries into scanning commands

📱 Community

Join our Telegram channel for updates, tips, and discussion:

Telegram: https://t.me/root_sec

✨ Features

Natural Language Interface: Run scans using plain English
Comprehensive Scanning Categories:
- 🌐 Subdomain Discovery (subfinder)
- 🔢 Port Scanning (naabu)
- 🌍 HTTP Analysis (httpx)
- 🛡️ CDN Detection (cdncheck)
- 🔐 TLS Analysis (tlsx)
- 📁 Directory Fuzzing (ffuf, gobuster)
- 📝 DNS Enumeration (dnsx)

📋 Prerequisites

Python 3.8 or higher
Go (for installing tools)
MCP Client

🔧 Installation

Clone this repository:

git clone https://github.com/mordavid/ExternalAttacker-MCP.git
cd ExternalAttacker

Install Python dependencies:
```
pip install -r requirements.txt
```

Install required Go tools:

go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest
go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
go install -v github.com/ffuf/ffuf@latest
go install github.com/OJ/gobuster/v3@latest
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest

Run ExternalAttacker-App.py

python ExternalAttacker-App.py
# Access http://localhost:6991

Configure the MCP Server

"mcpServers": {
    "ExternalAttacker-MCP": {
        "command": "python",
        "args": [
            "<Your_Path>\\ExternalAttacker-MCP.py"
        ]
    }
}