Nessus MCP Server

A Model Context Protocol (MCP) server for interacting with the Tenable Nessus vulnerability scanner. This server allows AI assistants to perform vulnerability scanning and analysis through the MCP protocol.

Features

• Vulnerability Scanning: Start and monitor vulnerability scans against specified targets
• Scan Management: List, track, and retrieve results from vulnerability scans
• Vulnerability Analysis: Search for and get detailed information about specific vulnerabilities
• Mock Mode: Fully functional mock mode for testing without a Nessus API key

Tools

The server provides the following tools:

Tool Name	Description
list_scan_templates	List available Nessus scan templates
start_scan	Start a new vulnerability scan against a target
get_scan_status	Check the status of a running scan
get_scan_results	Get the results of a completed scan
list_scans	List all scans and their status
get_vulnerability_details	Get detailed information about a specific vulnerability
search_vulnerabilities	Search for vulnerabilities by keyword

Installation

Prerequisites

• Node.js 16 or higher
• TypeScript (for development)

Building from Source

1. Clone the repository:

   git clone https://github.com/Cyreslab-AI/nessus-mcp-server.git
   cd nessus-mcp-server
   

2. Install dependencies:

   npm install
   

3. Build the server:

   npm run build
   

Usage

Running in Mock Mode

By default, the server runs in mock mode, which doesn't require a Nessus API key:

node build/index.js

Running with Nessus API

To connect to a real Nessus instance, set the following environment variables:

NESSUS_URL=https://your-nessus-instance:8834
NESSUS_ACCESS_KEY=your-access-key
NESSUS_SECRET_KEY=your-secret-key

Then run the server:

node build/index.js

Using with Claude for Desktop

To use this server with Claude for Desktop:

1. Edit your Claude for Desktop configuration file:

   • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
   • Windows: %APPDATA%\Claude\claude_desktop_config.json

2. Add the server configuration:

{
  "mcpServers": {
    "nessus": {
      "command": "node",
      "args": ["/path/to/nessus-mcp-server/build/index.js"],
      "env": {
        "NESSUS_URL": "https://your-nessus-instance:8834",
        "NESSUS_ACCESS_KEY": "your-access-key",
        "NESSUS_SECRET_KEY": "your-secret-key"
      }
    }
  }
}

For mock mode, you can omit the env section.

Example Interactions

Starting a Scan

start_scan:
  target: 192.168.1.1
  scan_type: basic-network-scan

Getting Scan Results

get_scan_results:
  scan_id: scan-1234567890

Searching for Vulnerabilities

search_vulnerabilities:
  keyword: log4j

Development

Project Structure

• src/index.ts: Main server entry point
• src/nessus-api.ts: Nessus API client with mock fallback
• src/mock-data.ts: Mock vulnerability data for testing
• src/tools/: Tool implementations
• src/utils/: Utility functions

Adding New Tools

1. Define the tool schema and handler in the appropriate file in src/tools/
2. Import and register the tool in src/index.ts

License

MIT

Disclaimer

This server is not affiliated with or endorsed by Tenable. Nessus is a trademark of Tenable, Inc.