operant-mcp

Security testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.

GitHub

operant-mcp

NPM Version npm downloads GitHub stars License: MIT TypeScript MCP Server smithery badge

Install in VS Code Install in Cursor

operant-mcp MCP server

Security testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.

Quick Start

npx operant-mcp

Or install globally:

npm install -g operant-mcp
operant-mcp

Usage with Claude Code

Add to your MCP config:

{
  "mcpServers": {
    "operant": {
      "command": "npx",
      "args": ["-y", "operant-mcp"]
    }
  }
}

Tools (51)

SQL Injection (6)

  • sqli_where_bypass — Test OR-based WHERE clause bypass
  • sqli_login_bypass — Test login form SQL injection
  • sqli_union_extract — UNION-based data extraction
  • sqli_blind_boolean — Boolean-based blind SQLi
  • sqli_blind_time — Time-based blind SQLi
  • sqli_file_read — Read files via LOAD_FILE()

XSS (2)

  • xss_reflected_test — Test reflected XSS with 10 payloads
  • xss_payload_generate — Generate context-aware XSS payloads

Command Injection (2)

  • cmdi_test — Test OS command injection
  • cmdi_blind_detect — Blind command injection via sleep timing

Path Traversal (1)

  • path_traversal_test — Test directory traversal with encoding variants

SSRF (2)

  • ssrf_test — Test SSRF with localhost bypass variants
  • ssrf_cloud_metadata — Test cloud metadata access via SSRF

PCAP/Network Forensics (8)

  • pcap_overview — Protocol hierarchy and endpoint stats
  • pcap_extract_credentials — Extract FTP/HTTP/SMTP credentials
  • pcap_dns_analysis — DNS query analysis
  • pcap_http_objects — Export HTTP objects
  • pcap_detect_scan — Detect port scanning
  • pcap_follow_stream — Follow TCP/UDP streams
  • pcap_tls_analysis — TLS/SNI analysis
  • pcap_llmnr_ntlm — Detect LLMNR/NTLM attacks

Reconnaissance (7)

  • recon_quick — Quick recon (robots.txt, headers, common dirs)
  • recon_dns — Full DNS enumeration
  • recon_vhost — Virtual host discovery
  • recon_tls_sans — Extract SANs from TLS certificates
  • recon_directory_bruteforce — Directory brute-force
  • recon_git_secrets — Search git repos for secrets
  • recon_s3_bucket — Test S3 bucket permissions

Memory Forensics (3)

  • volatility_linux — Linux memory analysis (Volatility 2)
  • volatility_windows — Windows memory analysis (Volatility 3)
  • memory_detect_rootkit — Linux rootkit detection

Malware Analysis (2)

  • maldoc_analyze — Full OLE document analysis pipeline
  • maldoc_extract_macros — Extract VBA macros

Cloud Security (2)

  • cloudtrail_analyze — CloudTrail log analysis
  • cloudtrail_find_anomalies — Detect anomalous CloudTrail events

Authentication (3)

  • auth_csrf_extract — Extract CSRF tokens
  • auth_bruteforce — Username enumeration + credential brute-force
  • auth_cookie_tamper — Cookie tampering test

Access Control (2)

  • idor_test — Test for IDOR vulnerabilities
  • role_escalation_test — Test privilege escalation

Business Logic (2)

  • price_manipulation_test — Test price/quantity manipulation
  • coupon_abuse_test — Test coupon stacking/reuse

Clickjacking (2)

  • clickjacking_test — Test X-Frame-Options/CSP
  • frame_buster_bypass — Test frame-busting bypass

CORS (1)

  • cors_test — Test CORS misconfigurations

File Upload (1)

  • file_upload_test — Test file upload bypasses

NoSQL Injection (2)

  • nosqli_auth_bypass — MongoDB auth bypass
  • nosqli_detect — NoSQL injection detection

Deserialization (1)

  • deserialization_test — Test insecure deserialization

GraphQL (2)

  • graphql_introspect — Full schema introspection
  • graphql_find_hidden — Discover hidden fields

Prompts (8)

Methodology guides for structured security assessments:

  • web_app_pentest — Full web app pentest methodology
  • pcap_forensics — PCAP analysis workflow
  • memory_forensics — Memory dump analysis (Linux/Windows)
  • recon_methodology — Reconnaissance checklist
  • malware_analysis — Malware document analysis
  • cloud_security_audit — CloudTrail analysis workflow
  • sqli_methodology — SQL injection testing guide
  • xss_methodology — XSS testing guide

System Requirements

Tools require various CLI utilities depending on the module:

  • Most tools: curl
  • PCAP analysis: tshark (Wireshark CLI)
  • DNS recon: dig, host
  • Memory forensics: volatility / vol.py / vol3
  • Malware analysis: olevba, oledump.py
  • Cloud analysis: jq
  • Secrets scanning: git

License

MIT

İlgili Sunucular

NotebookLM Web Importer

Web sayfalarını ve YouTube videolarını tek tıkla NotebookLM'e aktarın. 200.000'den fazla kullanıcı tarafından güveniliyor.

Chrome Eklentisini Yükle