Wass Mcp

7registry active

Summary

Wraps four security scanning tools (Nikto, Nuclei, Wapiti, shcheck) in an MCP interface for web application security testing. You get individual tools for server vulnerability scans, template-based CVE detection, app-level injection testing, and security header analysis, plus a full_scan that runs all four in parallel. Each tool takes a host and optional port, returns paginated results, and logs to SQLite so you can query execution history later. Ships as a Docker container that listens on HTTP and survives restarts without losing state. Intended for authorized penetration testing and security assessments where you need to coordinate multiple scanners through a conversational interface rather than CLI invocations.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

WASS-MCP

A Model Context Protocol (MCP) server for web application security scanning.

Features

MCP Protocol Support - Full compatibility with MCP clients (Claude, etc.)
Nikto Integration - Web server vulnerability scanning
Nuclei Integration - Template-based vulnerability scanning
Wapiti Integration - Web application vulnerability scanning
Shcheck Integration - Security headers analysis
Execution History - Persistent storage of scan results
Stateless Design - Survives server restarts without session errors
RESTful HTTP Transport - Streamable HTTP-based MCP protocol

Usage

docker run -p 127.0.0.1:8989:8989 tb0hdan/wass-mcp

MCP Client Configuration

Example command to add WASS-MCP server to Claude MCP clients:

claude mcp add wass-mcp --transport http http://127.0.0.1:8989

or Gemini:

gemini mcp add wass-mcp --transport http http://127.0.0.1:8989

Available Tools

nikto

Perform web server vulnerability scans using Nikto.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Example:

{
  "host": "192.168.1.100",
  "port": 443
}

nuclei

Perform template-based vulnerability scanning using Nuclei.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Vulnerabilities Detected:

CVE detection via community templates
Misconfigurations
Exposed panels/dashboards
Default credentials
Technology detection
Security headers analysis
And many more via 8000+ community templates

Example:

{
  "host": "192.168.1.100",
  "port": 443
}

wapiti

Perform comprehensive web application vulnerability scans using Wapiti.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Vulnerabilities Detected:

SQL Injection / Blind SQL Injection
Cross-Site Scripting (XSS)
File Inclusion / Path Traversal
Command Execution
CRLF Injection
Server-Side Request Forgery (SSRF)
Open Redirects
HTTP Security Headers
Content Security Policy issues

Example:

{
  "host": "192.168.1.100",
  "port": 8080
}

shcheck_py

Analyze HTTP security headers using shcheck.py.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Headers Analyzed:

Content-Security-Policy
Strict-Transport-Security
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
And other security-relevant headers

Example:

{
  "host": "example.com",
  "port": 443
}

full_scan

Perform a comprehensive security scan using all available scanners in parallel.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Features:

Runs nikto, nuclei, wapiti and shcheck scanners in parallel
Merges results into a unified report
Includes timing and status for each scanner
Gracefully handles missing scanner binaries

Example:

{
  "host": "192.168.1.100",
  "port": 8080
}

history

Browse and manage tool execution history.

Parameters:

Name	Type	Required	Description
`action`	string	Yes	One of: `list`, `get`, `delete`, `clear`
`id`	integer	For get/delete	Execution ID
`limit`	integer	No	Results per page (default: 10)
`offset`	integer	No	Pagination offset

Actions:

list - List execution history with pagination
get - Get full details of a specific execution
delete - Delete a specific execution by ID
clear - Delete all execution history

API Endpoints

Endpoint	Description
`POST /mcp`	MCP protocol endpoint
`GET /`	Service information (JSON)
`GET /debug/pprof/*`	Profiling endpoints

Development and advanced usage

Source build requirements

Go 1.25+
Nikto (apt install nikto or equivalent)
Nuclei (go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest)
Wapiti (apt install wapiti or equivalent)
Shcheck (pip install shcheck or from GitHub)
SQLite3

# Clone the repository
git clone https://github.com/tb0hdan/wass-mcp.git
cd wass-mcp

# Build
make build

# Run
./build/wass-mcp

Starting the Server

# Default (localhost:8989)
./build/wass-mcp

# Custom bind address
./build/wass-mcp --bind 0.0.0.0:8080

# Custom database path
./build/wass-mcp --db /var/lib/wass-mcp/data.db

# Debug mode
./build/wass-mcp --debug

Configuration Options

Flag	Default	Description
`--bind`	`localhost:8989`	HTTP server bind address
`--db`	`./wass-mcp.db`	SQLite database file path
`--debug`	`false`	Enable debug logging
`--version`	-	Print version and exit

Linting

make lint

Testing

make test

Project Structure

wass-mcp/
├── cmd/wass-mcp/        # Application entry point
├── pkg/
│   ├── server/          # MCP server wrapper
│   ├── storage/         # Database layer (SQLite/GORM)
│   ├── models/          # Data models
│   ├── tools/           # MCP tool implementations
│   │   ├── nikto/       # Nikto web server scanner
│   │   ├── wapiti/      # Wapiti web app scanner
│   │   ├── nuclei/      # Nuclei template scanner
│   │   ├── shcheck/     # Security headers checker
│   │   ├── fullscan/    # Parallel full scan
│   │   └── history/     # History management
│   └── types/           # Shared types and constants
├── docs/                # Documentation
└── build/               # Build output and coverage reports

Security Notice

This tool is intended for authorized security testing only. Ensure you have proper authorization before scanning any systems. Unauthorized scanning may be illegal in your jurisdiction.

Project notes

For complete project notes, design decisions, and architecture overview, please refer to the Project Notes document.

License

Contributing

Fork the repository
Create a feature branch (git checkout -b feature/new-tool)
Commit your changes (git commit -am 'Add new scanning tool')
Push to the branch (git push origin feature/new-tool)
Create a Pull Request

Acknowledgments

Model Context Protocol - Protocol specification
Nikto - Web server scanner
Nuclei - Template-based vulnerability scanner
Wapiti - Web application vulnerability scanner
Shcheck - Security headers checker
GORM - Go ORM library

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

WASS-MCP

A Model Context Protocol (MCP) server for web application security scanning.

Features

MCP Protocol Support - Full compatibility with MCP clients (Claude, etc.)
Nikto Integration - Web server vulnerability scanning
Nuclei Integration - Template-based vulnerability scanning
Wapiti Integration - Web application vulnerability scanning
Shcheck Integration - Security headers analysis
Execution History - Persistent storage of scan results
Stateless Design - Survives server restarts without session errors
RESTful HTTP Transport - Streamable HTTP-based MCP protocol

Usage

docker run -p 127.0.0.1:8989:8989 tb0hdan/wass-mcp

MCP Client Configuration

Example command to add WASS-MCP server to Claude MCP clients:

claude mcp add wass-mcp --transport http http://127.0.0.1:8989

or Gemini:

gemini mcp add wass-mcp --transport http http://127.0.0.1:8989

Available Tools

nikto

Perform web server vulnerability scans using Nikto.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Example:

{
  "host": "192.168.1.100",
  "port": 443
}

nuclei

Perform template-based vulnerability scanning using Nuclei.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Vulnerabilities Detected:

CVE detection via community templates
Misconfigurations
Exposed panels/dashboards
Default credentials
Technology detection
Security headers analysis
And many more via 8000+ community templates

Example:

{
  "host": "192.168.1.100",
  "port": 443
}

wapiti

Perform comprehensive web application vulnerability scans using Wapiti.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Vulnerabilities Detected:

SQL Injection / Blind SQL Injection
Cross-Site Scripting (XSS)
File Inclusion / Path Traversal
Command Execution
CRLF Injection
Server-Side Request Forgery (SSRF)
Open Redirects
HTTP Security Headers
Content Security Policy issues

Example:

{
  "host": "192.168.1.100",
  "port": 8080
}

shcheck_py

Analyze HTTP security headers using shcheck.py.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Headers Analyzed:

Content-Security-Policy
Strict-Transport-Security
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
And other security-relevant headers

Example:

{
  "host": "example.com",
  "port": 443
}

full_scan

Perform a comprehensive security scan using all available scanners in parallel.

Parameters:

Name	Type	Required	Description
`host`	string	Yes	Target hostname or IP address
`port`	integer	No	Target port (default: 80)
`vhost`	string	No	Virtual host header
`max_lines`	integer	No	Maximum output lines
`offset`	integer	No	Output line offset

Features:

Runs nikto, nuclei, wapiti and shcheck scanners in parallel
Merges results into a unified report
Includes timing and status for each scanner
Gracefully handles missing scanner binaries

Example:

{
  "host": "192.168.1.100",
  "port": 8080
}

history

Browse and manage tool execution history.

Parameters:

Name	Type	Required	Description
`action`	string	Yes	One of: `list`, `get`, `delete`, `clear`
`id`	integer	For get/delete	Execution ID
`limit`	integer	No	Results per page (default: 10)
`offset`	integer	No	Pagination offset

Actions:

list - List execution history with pagination
get - Get full details of a specific execution
delete - Delete a specific execution by ID
clear - Delete all execution history

API Endpoints

Endpoint	Description
`POST /mcp`	MCP protocol endpoint
`GET /`	Service information (JSON)
`GET /debug/pprof/*`	Profiling endpoints

Development and advanced usage

Source build requirements

Go 1.25+
Nikto (apt install nikto or equivalent)
Nuclei (go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest)
Wapiti (apt install wapiti or equivalent)
Shcheck (pip install shcheck or from GitHub)
SQLite3

# Clone the repository
git clone https://github.com/tb0hdan/wass-mcp.git
cd wass-mcp

# Build
make build

# Run
./build/wass-mcp

Starting the Server

# Default (localhost:8989)
./build/wass-mcp

# Custom bind address
./build/wass-mcp --bind 0.0.0.0:8080

# Custom database path
./build/wass-mcp --db /var/lib/wass-mcp/data.db

# Debug mode
./build/wass-mcp --debug

Configuration Options

Flag	Default	Description
`--bind`	`localhost:8989`	HTTP server bind address
`--db`	`./wass-mcp.db`	SQLite database file path
`--debug`	`false`	Enable debug logging
`--version`	-	Print version and exit

Linting

make lint

Testing

make test

Project Structure

wass-mcp/
├── cmd/wass-mcp/        # Application entry point
├── pkg/
│   ├── server/          # MCP server wrapper
│   ├── storage/         # Database layer (SQLite/GORM)
│   ├── models/          # Data models
│   ├── tools/           # MCP tool implementations
│   │   ├── nikto/       # Nikto web server scanner
│   │   ├── wapiti/      # Wapiti web app scanner
│   │   ├── nuclei/      # Nuclei template scanner
│   │   ├── shcheck/     # Security headers checker
│   │   ├── fullscan/    # Parallel full scan
│   │   └── history/     # History management
│   └── types/           # Shared types and constants
├── docs/                # Documentation
└── build/               # Build output and coverage reports

Security Notice

This tool is intended for authorized security testing only. Ensure you have proper authorization before scanning any systems. Unauthorized scanning may be illegal in your jurisdiction.

Project notes

For complete project notes, design decisions, and architecture overview, please refer to the Project Notes document.

License

Contributing

Fork the repository
Create a feature branch (git checkout -b feature/new-tool)
Commit your changes (git commit -am 'Add new scanning tool')
Push to the branch (git push origin feature/new-tool)
Create a Pull Request

Acknowledgments

Model Context Protocol - Protocol specification
Nikto - Web server scanner
Nuclei - Template-based vulnerability scanner
Wapiti - Web application vulnerability scanner
Shcheck - Security headers checker
GORM - Go ORM library

Wass Mcp

WASS-MCP

Features

Usage

MCP Client Configuration

Available Tools

nikto

nuclei

wapiti

shcheck_py

full_scan

history

API Endpoints

Development and advanced usage

Source build requirements

Starting the Server

Configuration Options

Linting

Testing

Project Structure

Security Notice

Project notes

License

Contributing

Acknowledgments

Wass Mcp

WASS-MCP

Features

Usage

MCP Client Configuration

Available Tools

nikto

nuclei

wapiti

shcheck_py

full_scan

history

API Endpoints

Development and advanced usage

Source build requirements

Starting the Server

Configuration Options

Linting

Testing

Project Structure

Security Notice

Project notes

License

Contributing

Acknowledgments

Related Security & Pentesting MCP Servers

Related Security & Pentesting MCP Servers