mcpservers-and-tools
by hackerdogs-ai
Overview
A generic, plugin-based MCP server designed to automatically discover and expose reconnaissance tools, supporting both pure Python and command-line application wrappers.
Installation
docker run --rm -e PROWLER_APP_API_KEY="pk_YN3DGF56.gAAAAABpasqdAFdo911TdCS4DOGlzOOyQh648evzYBcuZRIUCoZhvKoO2pT_lN76YqqqIsmak6pQfO01O9Jm251TOCUIrlz7Dz-Erps2_-sIQQOSkdSBF61d9LNSH12VmA_zfmS6yBl3WoTPef91JJNhD6Q7VpWRQRkbsIGMCKXIXVddOf24BA8=" -e API_BASE_URL="https://localhost:8000/api/v1" prowlercloud/prowler-mcpSecurity Notes
The `mcpservers/prowler/prowler_mcp.sh` script, which is part of the provided source, contains a hardcoded `PROWLER_APP_API_KEY`. This is a critical security vulnerability, as it exposes sensitive credentials directly in the source code. The `recon_mcpserver.py` component uses `subprocess.run` for external commands, which is implemented safely by passing arguments as a list. However, its dynamic plugin loading from the `recon/tools` directory means any code placed there will be executed, requiring strict trust and control over plugin sources to prevent arbitrary code execution.
Similar Servers
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-interviewer
A Python CLI tool to evaluate Model Context Protocol (MCP) servers for agentic use-cases, by inspecting capabilities, running functional tests, and providing LLM-as-a-judge evaluations.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
mcp
The MCP Server provides an AI-powered framework for command execution, plugin-based tools, secure Python evaluation, and knowledge management, designed for standalone or embedded use.