operant-mcp
Security testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.
operant-mcp
Security testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.
Quick Start
npx operant-mcp
Or install globally:
npm install -g operant-mcp
operant-mcp
Usage with Claude Code
Add to your MCP config:
{
"mcpServers": {
"operant": {
"command": "npx",
"args": ["-y", "operant-mcp"]
}
}
}
Tools (51)
SQL Injection (6)
sqli_where_bypass— Test OR-based WHERE clause bypasssqli_login_bypass— Test login form SQL injectionsqli_union_extract— UNION-based data extractionsqli_blind_boolean— Boolean-based blind SQLisqli_blind_time— Time-based blind SQLisqli_file_read— Read files via LOAD_FILE()
XSS (2)
xss_reflected_test— Test reflected XSS with 10 payloadsxss_payload_generate— Generate context-aware XSS payloads
Command Injection (2)
cmdi_test— Test OS command injectioncmdi_blind_detect— Blind command injection via sleep timing
Path Traversal (1)
path_traversal_test— Test directory traversal with encoding variants
SSRF (2)
ssrf_test— Test SSRF with localhost bypass variantsssrf_cloud_metadata— Test cloud metadata access via SSRF
PCAP/Network Forensics (8)
pcap_overview— Protocol hierarchy and endpoint statspcap_extract_credentials— Extract FTP/HTTP/SMTP credentialspcap_dns_analysis— DNS query analysispcap_http_objects— Export HTTP objectspcap_detect_scan— Detect port scanningpcap_follow_stream— Follow TCP/UDP streamspcap_tls_analysis— TLS/SNI analysispcap_llmnr_ntlm— Detect LLMNR/NTLM attacks
Reconnaissance (7)
recon_quick— Quick recon (robots.txt, headers, common dirs)recon_dns— Full DNS enumerationrecon_vhost— Virtual host discoveryrecon_tls_sans— Extract SANs from TLS certificatesrecon_directory_bruteforce— Directory brute-forcerecon_git_secrets— Search git repos for secretsrecon_s3_bucket— Test S3 bucket permissions
Memory Forensics (3)
volatility_linux— Linux memory analysis (Volatility 2)volatility_windows— Windows memory analysis (Volatility 3)memory_detect_rootkit— Linux rootkit detection
Malware Analysis (2)
maldoc_analyze— Full OLE document analysis pipelinemaldoc_extract_macros— Extract VBA macros
Cloud Security (2)
cloudtrail_analyze— CloudTrail log analysiscloudtrail_find_anomalies— Detect anomalous CloudTrail events
Authentication (3)
auth_csrf_extract— Extract CSRF tokensauth_bruteforce— Username enumeration + credential brute-forceauth_cookie_tamper— Cookie tampering test
Access Control (2)
idor_test— Test for IDOR vulnerabilitiesrole_escalation_test— Test privilege escalation
Business Logic (2)
price_manipulation_test— Test price/quantity manipulationcoupon_abuse_test— Test coupon stacking/reuse
Clickjacking (2)
clickjacking_test— Test X-Frame-Options/CSPframe_buster_bypass— Test frame-busting bypass
CORS (1)
cors_test— Test CORS misconfigurations
File Upload (1)
file_upload_test— Test file upload bypasses
NoSQL Injection (2)
nosqli_auth_bypass— MongoDB auth bypassnosqli_detect— NoSQL injection detection
Deserialization (1)
deserialization_test— Test insecure deserialization
GraphQL (2)
graphql_introspect— Full schema introspectiongraphql_find_hidden— Discover hidden fields
Prompts (8)
Methodology guides for structured security assessments:
web_app_pentest— Full web app pentest methodologypcap_forensics— PCAP analysis workflowmemory_forensics— Memory dump analysis (Linux/Windows)recon_methodology— Reconnaissance checklistmalware_analysis— Malware document analysiscloud_security_audit— CloudTrail analysis workflowsqli_methodology— SQL injection testing guidexss_methodology— XSS testing guide
System Requirements
Tools require various CLI utilities depending on the module:
- Most tools:
curl - PCAP analysis:
tshark(Wireshark CLI) - DNS recon:
dig,host - Memory forensics:
volatility/vol.py/vol3 - Malware analysis:
olevba,oledump.py - Cloud analysis:
jq - Secrets scanning:
git
License
MIT
Related Servers
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Subotiz MCP
Connect AI assistants to Subotiz - Using Subotiz's external capabilities through natural language
IDA MCP Server
A Model Context Protocol server for the IDA Pro disassembler.
REI Crypto MCP Server - Beta
A FastMCP implementation of the in-house MCP servers used by Units of the Rei Network.
MCP Server Manager for Claude
Install and manage Model Context Protocol (MCP) servers for Claude Desktop.
CodeClone
Structural code quality analysis for Python with baseline-aware CI governance, canonical reports, and a triage-first MCP control surface for agents and IDEs.
Port MCP Server
An MCP server for Port.io that enables advanced automations and natural language interactions for developers and AI applications.
Sailor
Generate and render Mermaid diagrams as images using LLMs.
Remote MCP Server (Authless)
An example of a remote MCP server deployable on Cloudflare Workers without authentication.
iTerm
Access and control local iTerm2 terminal sessions.
Dify MCP Server
A TypeScript-based server that integrates the Dify AI application platform with the MCP Client.