io.github.cyanheads/attack-surface-mcp-server
Passive external attack-surface mapping: CT subdomains, DNS, TLS, HTTP posture, RDAP/WHOIS, Shodan.
Ready: LocalSecurity: LocalAuth: UnknownSetup: Unknownmcp_servermcp
Use it
- Packages
- npm: @cyanheads/attack-surface-mcp-server 0.1.1
npx -y @cyanheads/attack-surface-mcp-serverEnv: SHODAN_API_KEY, CERTSPOTTER_API_KEY, ATTACKSURFACE_DEFAULT_RESOLVERS, ATTACKSURFACE_HTTP_USER_AGENT, ATTACKSURFACE_MAX_SUBDOMAINS, ATTACKSURFACE_RDAP_BOOTSTRAP_URL, ATTACKSURFACE_ALLOW_PRIVATE_TARGETS, MCP_LOG_LEVEL - npm: @cyanheads/attack-surface-mcp-server 0.1.1
npx -y @cyanheads/attack-surface-mcp-serverEnv: MCP_HTTP_HOST, MCP_HTTP_PORT, MCP_HTTP_ENDPOINT_PATH, MCP_AUTH_MODE, MCP_LOG_LEVEL
- npm: @cyanheads/attack-surface-mcp-server 0.1.1
- Instructions
- Use an MCP client, but no callable endpoint or package install target was published.
Version history
VersionStatusPublished
0.1.1LatestactiveJun 14, 2026
0.1.0activeJun 13, 2026