Cisco opensourced MCP-Scanner for finding vulnerabilties in MCP server
6 months ago
- #vulnerability-scanning
- #python
- #security
- MCP Scanner is a Python tool for scanning MCP servers and tools for security vulnerabilities.
- It combines Cisco AI Defense inspect API, YARA rules, and LLM-as-a-judge for detection.
- Features include multiple modes (CLI, REST API), multi-engine security analysis, and comprehensive scanning.
- Supports explicit authentication control, OAuth, and custom endpoints.
- Allows customizable YARA rules and provides detailed vulnerability reports.
- Requires Python 3.11+, uv package manager, and optional API keys for Cisco AI Defense and LLM providers.
- Installation can be done via pip or from source with uv.
- Configuration involves setting environment variables for API keys and endpoints.
- CLI usage includes scanning known configs, remote servers, and stdio servers with various flags.
- Programmatic usage is supported via Python SDK with async capabilities.
- API server provides REST endpoints for integrating scanning into applications.
- Supports multiple output formats: summary, detailed, table, by_severity, and raw JSON.
- Documentation includes architecture, authentication, programmatic usage, API reference, and output formats.
- Licensed under Apache 2.0 and available on GitHub.