burp-mcp-agents
Verified Safe
by six2dez
Overview
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
Installation
python3 lmstudio/lmstudio_mcp_agent.py llama-3.1-8b-instruct
Environment Variables
- OLLAMA_HOST
Security Notes
The system is explicitly designed for local, trusted use and warns against exposing the Caddy proxy (listening on 127.0.0.1:19876) externally. All direct agent-to-Burp/LLM communication components bind to localhost by default. Cloud backends (Codex, Gemini) will transmit prompts and tool call details to their respective external APIs, but the raw Burp traffic is processed locally by the agents before being summarized for the LLM. The LM Studio default API key 'lm-studio' is a placeholder for a local server and not a sensitive secret. No 'eval' or obvious obfuscation detected.
Similar Servers
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.
mcp-pentest
An AI-driven middleware to orchestrate and manage penetration testing tools and engagements.
VulneraMCP
An AI-powered platform for automated security testing, vulnerability research, and bug bounty hunting.