Security Operations Multi-Tool Platform (MCP)

A comprehensive security operations platform that integrates multiple security tools into a unified interface. This platform provides a centralized way to run various security scanning and testing tools.

Features

• Unified Interface: Single entry point for multiple security tools
• Docker Support: Easy deployment using Docker
• JSON Output: Consistent JSON output format across all tools
• Error Handling: Robust error handling and reporting
• Extensible: Easy to add new tools and functionality

Included Tools

• Nuclei: Fast and customizable vulnerability scanner
• FFUF: Fast web fuzzer and content discovery tool
• Amass: In-depth attack surface mapping and external asset discovery
• Arjun: HTTP parameter discovery tool for finding hidden parameters
• Dirsearch: Web path scanner
• Gospider: Fast web spider for crawling and URL discovery
• Hashcat: Advanced password recovery
• HTTPX: Fast and multi-purpose HTTP toolkit
• IPInfo: IP address information gathering
• Nmap: Network exploration and security auditing
• SQLMap: Automatic SQL injection and database takeover tool
• Subfinder: Subdomain discovery tool
• TLSX: TLS/SSL scanning and analysis
• WFuzz: Web application fuzzer
• XSStrike: Advanced XSS detection and exploitation

Tool Categories

Web Application Security

• Nuclei: Vulnerability scanning with custom templates
• FFUF: Fast web fuzzing and content discovery
• WFuzz: Web application fuzzing
• XSStrike: XSS detection and exploitation
• SQLMap: SQL injection testing and exploitation
• Arjun: HTTP parameter discovery and testing
• Gospider: Web crawling and URL discovery
• Dirsearch: Directory and file enumeration

Network Security

• Nmap: Network scanning and service enumeration
• HTTPX: HTTP probing and analysis
• TLSX: TLS/SSL configuration analysis

Reconnaissance

• Amass: Attack surface mapping and asset discovery
• Subfinder: Subdomain enumeration
• IPInfo: IP address intelligence gathering

Cryptography

• Hashcat: Password cracking and hash analysis

Recent Additions

Gospider Integration

• Web Crawling: Automated website crawling and URL discovery
• Multiple Output Formats: JSON and text output support
• Filtering Capabilities: Extension-based filtering and content filtering
• Configurable Depth: Customizable crawling depth and concurrency
• Subdomain Support: Option to include subdomains in crawling
• Form Detection: Automatic detection of HTML forms
• Secret Discovery: Identification of potential sensitive information

Arjun Integration

• Parameter Discovery: Find hidden HTTP parameters in web applications
• Multiple HTTP Methods: Support for GET, POST, PUT, and other methods
• Bulk Scanning: Scan multiple URLs simultaneously
• Custom Wordlists: Use custom parameter wordlists
• Stable Mode: Reduced false positives with stable scanning mode
• Custom Headers: Support for custom HTTP headers and authentication
• Threading Support: Configurable threading for faster scans

Installation

Using Docker (Recommended)

1. Clone the repository:

   git clone https://github.com/securityfortech/secops-mcp.git
   cd secops-mcp
   

2. Build the Docker image:

   docker build -t secops-mcp .
   

3. Run the container:

   docker run -it --rm secops-mcp
   

Manual Installation

1. Clone the repository:

   git clone https://github.com/securityfortech/secops-mcp.git
   cd secops-mcp
   

2. Create and activate a virtual environment:

   python -m venv venv
   source venv/bin/activate  # On Windows: venv\Scripts\activate
   

3. Install dependencies:

   pip install -r requirements.txt
   

4. Install required tools:

   • Follow the installation instructions for each tool in the tools/ directory
   • Ensure all tools are in your system PATH

Usage

1. Start the application:

   python main.py
   

2. The application will provide a unified interface for running various security tools.

3. Each tool returns results in a consistent JSON format:

   {
       "success": boolean,
       "error": string (if error),
       "results": object (if success)
   }
   

Usage Examples

Gospider Web Crawling

# Basic web crawling
gospider_scan("https://example.com", depth=3, include_subs=True)

# Filtered crawling for specific file types
gospider_filtered_scan(
    "https://example.com",
    extensions=["js", "json", "xml"],
    exclude_extensions=["png", "jpg", "css"]
)

Arjun Parameter Discovery

# Basic parameter discovery
arjun_scan("https://example.com/api", method="GET")

# POST parameter discovery with custom data
arjun_scan(
    "https://example.com/login",
    method="POST",
    data="username=test&password=test",
    stable=True
)

# Bulk parameter scanning
arjun_bulk_parameter_scan([
    "https://example.com/api/v1",
    "https://example.com/api/v2"
])

Tool Configuration

Each tool can be configured through its respective wrapper in the tools/ directory. Configuration options include:

• Output formats
• Timeouts
• Verbosity levels
• Custom wordlists
• Tool-specific parameters

Security Considerations

• This tool is for authorized security testing only
• Always obtain proper authorization before scanning systems
• Be mindful of rate limiting and scanning intensity
• Respect robots.txt and terms of service
• Use appropriate wordlists and scanning parameters

Contributing

1. Fork the repository
2. Create a feature branch
3. Commit your changes
4. Push to the branch
5. Create a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

• All the security tools and their developers
• The security community for their contributions and support