10 MCP servers for security
Security MCP servers equip your AI with tools for vulnerability scanning, threat intelligence, secrets management, and security auditing. These servers bring the power of security tools like Semgrep, Snyk, and Shodan directly into your AI workflow, making security analysis accessible through natural language.
The servers span several security disciplines: static analysis with Semgrep for finding code vulnerabilities, dependency scanning with Snyk for known CVEs, network reconnaissance with Shodan for discovering exposed services, and malware analysis with VirusTotal. For secrets management, the HashiCorp Vault server provides secure access to credentials and encryption keys.
Security servers are particularly valuable for shift-left security practices. Ask your AI to scan a codebase for vulnerabilities before a release, check if a domain has been typosquatted, look up CVEs affecting your dependencies, or verify that a suspicious file is safe. Integrating these tools into your AI workflow means security checks happen as part of your natural development process, not as an afterthought.
by Semgrep
Static analysis security scanning with Semgrep. Find vulnerabilities, enforce code patterns, and audit codebases.
npx -y semgrep-mcp

by BurtTheCoder
Search Shodan for internet-connected devices and services. Scan IPs, discover open ports, and assess network exposure.
npx -y mcp-shodan

by BurtTheCoder
Scan files, URLs, and domains with VirusTotal. Check for malware, analyze threat intelligence, and verify file safety.
npx -y mcp-virustotal

by nicepkg
Scan dependencies for vulnerabilities with Snyk. Check for known CVEs, license issues, and security risks.
npx -y snyk-mcp-server

by BurtTheCoder
OSINT username search across 500+ websites with Maigret. Find social media profiles and digital footprints from a username.
npx -y mcp-maigret

by nicepkg
Access HashiCorp Vault secrets. Read, write, and manage secrets, encryption keys, and dynamic credentials.
npx -y hashicorp-vault-mcp

by StacklokLabs
Query the OSV vulnerability database. Look up CVEs, check package vulnerabilities, and assess security risks across ecosystems.
npx -y osv-mcp

by BurtTheCoder
Detect domain squatting and phishing with dnstwist. Find typosquatting domains, homoglyph attacks, and lookalike URLs.
npx -y mcp-dnstwist

by dkvdm
Secure credential retrieval from 1Password for AI agents. Access secrets, passwords, and API keys stored in your 1Password vaults without exposing them in plaintext.
npx -y @dkvdm/onepassword-mcp-server

by Gaffx
Memory forensics analysis powered by Volatility 3.x. Run plugins like pslist and netscan through AI assistants to investigate memory dumps without manual CLI work.
npx -y @gaffx/volatility-mcp