feat: Add new security-resources-mcp and wafw00f-mcp services and refactor http-headers-security-mcp for improved header analysis.

commix-mcp/src/index.ts

@@ -16,16 +16,21 @@ const server = new McpServer({
 
 server.tool(
     "do-commix",
-    "Run Smuggler to detect HTTP Request Smuggling vulnerabilities",
+    "Run Commix to detect and exploit command injection vulnerabilities. Commix (short for [comm]and [i]njection [e]xploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos, that automates the detection and exploitation of command injection vulnerabilities in certain software.",
     {
-        url: z.string().url().describe("Target URL to detect HTTP Request Smuggling")
+        url: z.string().url().describe("Target URL to detect command injection (e.g., http://192.168.1.1/vuln.php?id=1)"),
+        commix_args: z.array(z.string()).optional().describe("Additional commix arguments (e.g., ['--batch', '--crawl=1'])")
     },
-    async ({ url }) => {
-        const baseArgs = [args[1],"-u", url];
-        const allArgs = [...baseArgs, url];
+    async ({ url, commix_args = [] }) => {
+        const pythonPath = args[0];
+        const commixPath = args[1];
+
+        // Ensure --batch is included for non-interactive use in MCP
+        const finalArgs = [commixPath, "-u", url, "--batch", ...commix_args];
+
         let output = '';
 
-        const commix = spawn(args[0],allArgs);
+        const commix = spawn(pythonPath, finalArgs);
 
         commix.stdout.on('data', (data) => {
             output += data.toString();
@@ -37,20 +42,16 @@ server.tool(
 
         return new Promise((resolve, reject) => {
             commix.on('close', (code) => {
-                if (code === 0) {
-                    output = removeAnsiCodes(output);
-
-                    resolve({
-                        content: [{
-                            type: "text",
-                            text: output
-                        }]
-                    });
-                } else {
-                    reject(new Error(`commix exited with code ${code}`));
-                }
+                output = removeAnsiCodes(output);
+
+                resolve({
+                    content: [{
+                        type: "text",
+                        text: output + `\n\nCommix process finished with exit code ${code}`
+                    }]
+                });
             });
-            
+
             commix.on('error', (error) => {
                 reject(new Error(`Failed to start commix: ${error.message}`));
             });
@@ -65,10 +66,10 @@ function removeAnsiCodes(input: string): string {
 async function main() {
     const transport = new StdioServerTransport();
     await server.connect(transport);
-    console.error("Smuggler MCP Server running on stdio");
+    console.error("Commix MCP Server running on stdio");
 }
 
 main().catch((error) => {
     console.error("Fatal error in main():", error);
     process.exit(1);
-}); 
+});

http-headers-security-mcp/src/index.ts

@@ -8,70 +8,90 @@ import addHeadersData from "./owasp_headers_add.json";
 // Create server instance
 const server = new McpServer({
     name: "http-headers-security",
-    version: "1.0.0",
+    version: "1.0.1",
 });
 
-async function fetchHttpHeaders(target: string): Promise<string[]> {
+interface HeaderRecommendation {
+    header: string;
+    reason: string;
+}
+
+async function fetchHttpHeaders(target: string): Promise<Record<string, string>> {
     try {
         const response = await axios.get(target, {
-            timeout: 100000,
-            validateStatus: () => true // Accept all status codes
+            timeout: 30000,
+            validateStatus: () => true, // Accept all status codes
+            headers: {
+                'User-Agent': 'Mozilla/5.0 (MCP Security Scanner; https://github.com/cyproxio/mcp-for-security)'
+            }
         });
 
-        return Object.entries(response.headers).map(([key, value]) => `${key}: ${value}`);
-    } catch (error: unknown) {
-        if (error instanceof Error) {
-            throw new Error(`Failed to fetch headers: ${error.message}`);
+        // Convert header values to string if they are arrays
+        const headers: Record<string, string> = {};
+        for (const [key, value] of Object.entries(response.headers)) {
+            headers[key.toLowerCase()] = Array.isArray(value) ? value.join(', ') : (value || '');
         }
-        throw new Error('Failed to fetch headers: Unknown error occurred');
+        return headers;
+    } catch (error: any) {
+        throw new Error(`Failed to fetch headers from ${target}: ${error.message}`);
     }
 }
 
-async function findMatchingRemoveHeaders(headers: string[]): Promise<string[]> {
-    const removeHeaders = removeHeadersData.headers;
-
-    return headers.filter(header => {
-        const headerName = header.split(':')[0].trim().toLowerCase();
-        return removeHeaders.some(h => h.toLowerCase() === headerName);
-    });
-}
-
-async function findMatchingAddedHeaders(headers: string[]): Promise<string[]> {
-    const addHeaders = addHeadersData.headers;
-    const existingHeaderNames = headers.map(header => header.split(':')[0].trim().toLowerCase());
-
-    return addHeaders
-        .filter(header => !existingHeaderNames.includes(header.name.toLowerCase()))
-        .map(header => `${header.name}: ${header.value}`);
-}
-
 server.tool(
     "analyze-http-header",
-    "Perform security analysis of HTTP response headers for a web application. This tool examines HTTP headers against OWASP security best practices, identifying both potentially dangerous headers that should be removed and recommended security headers that are missing. Results include specific recommendations for improving security posture.",
+    "Perform a security analysis of HTTP response headers against OWASP best practices. Identifies dangerous headers to remove and critical security headers to add.",
     {
-        target: z.string().describe("Target URL to analyze (e.g., https://example.com). The tool will make a request to this URL and evaluate its HTTP response headers for security issues."),
+        target: z.string().url().describe("Target URL to analyze (e.g., https://example.com)"),
     },
     async ({ target }) => {
-        return new Promise((resolve, reject) => {
-            fetchHttpHeaders(target)
-                .then(async headers => {
-                    const removeHeaders = await findMatchingRemoveHeaders(headers);
-                    const addedHeaders = await findMatchingAddedHeaders(headers);
-                    const result = { 
-                        removeHeaders: removeHeaders.length > 0 ? removeHeaders : ["No headers to remove"],
-                        addedHeaders: addedHeaders.length > 0 ? addedHeaders : ["No headers to add"]
-                    };
-                    resolve({
-                        content: [{
-                            type: "text",
-                            text: JSON.stringify(result, null, 2)
-                        }]
-                    });
-                })
-                .catch(error => {
-                    reject(error);
-                });
-        });
+        try {
+            const currentHeaders = await fetchHttpHeaders(target);
+
+            // Analyze headers to remove
+            const headersToRemove = removeHeadersData.headers
+                .filter(h => currentHeaders[h.toLowerCase()] !== undefined)
+                .map(h => ({
+                    header: h,
+                    value: currentHeaders[h.toLowerCase()]
+                }));
+
+            // Analyze headers to add
+            const headersToAdd = addHeadersData.headers
+                .filter(h => currentHeaders[h.name.toLowerCase()] === undefined)
+                .map(h => ({
+                    header: h.name,
+                    recommendedValue: h.value
+                }));
+
+            const result = {
+                target,
+                summary: {
+                    totalCurrentHeaders: Object.keys(currentHeaders).length,
+                    issuesFound: headersToRemove.length + headersToAdd.length,
+                    criticalMissing: headersToAdd.length
+                },
+                recommendations: {
+                    remove: headersToRemove.length > 0 ? headersToRemove : "No dangerous headers detected.",
+                    add: headersToAdd.length > 0 ? headersToAdd : "All recommended security headers are present."
+                },
+                rawHeaders: currentHeaders
+            };
+
+            return {
+                content: [{
+                    type: "text",
+                    text: JSON.stringify(result, null, 2)
+                }]
+            };
+        } catch (error: any) {
+            return {
+                isError: true,
+                content: [{
+                    type: "text",
+                    text: `Error analyzing headers: ${error.message}`
+                }]
+            };
+        }
     }
 );
 

readme.md

@@ -5,12 +5,11 @@
 [![Docker](https://img.shields.io/github/release/cyproxio/mcp-for-security?style=social)](https://github.com/cyproxio/mcp-for-security/releases)
 ---
 
-<img src="https://avatars.githubusercontent.com/u/89649708?s=48&v=4" width="40" align="left" />
+![Cyprox Logo](https://avatars.githubusercontent.com/u/89649708?s=48&v=4)
 
-**About Cyprox — The Future of AI-Driven Cybersecurity** <br/></br>
+### About Cyprox — The Future of AI-Driven Cybersecurity
 
-
-**Cyprox** is pioneering the future of cybersecurity by combining artificial intelligence and security tools to empower organizations with next-level threat detection and automated response.  
+**Cyprox** is pioneering the future of cybersecurity by combining artificial intelligence and security tools to empower organizations with next-level threat detection and automated response.
 
 > *"The Future of Cybersecurity Humans and AI, Working Together..."*
 
@@ -31,23 +30,23 @@ Explore more at [https://cyprox.io](https://cyprox.io)
 
 ---
 
-## 🌐 Installation 
+## 🌐 Installation
 
 ### Docker
 
 You can use all MCP servers through Docker using the cyprox/mcp-for-security Docker image. It can also be used from any MCP client with Docker support, such as the Cyprox platform.
 Visit [Cyprox](https://cyprox.io) for more information.
 
 ### Manuel
+
 Since each MCP server may require different dependencies, the `start.sh` bash script provides a general setup mechanism. Nonetheless, users should always refer to the installation instructions specific to the corresponding MCP server to ensure proper setup.
 
 ---
 
-
 ## Available Tools
 
 | Tool | Description | Detailed Documentation |
-|------|-------------|------------------------|
+| --- | --- | --- |
 | Amass | Advanced subdomain enumeration and reconnaissance tool | [Amass MCP Documentation](./amass-mcp) |
 | Alterx | Pattern-based wordlist generator for subdomain discovery | [Alterx MCP Documentation](./alterx-mcp/) |
 | Arjun | Run Arjun to discover hidden HTTP parameters | [Arjun MCP Documentation](./arjun-mcp) |
@@ -70,77 +69,110 @@ Since each MCP server may require different dependencies, the `start.sh` bash sc
 | SQLmap | Advanced SQL injection detection and exploitation tool | [SQLmap MCP Documentation](./sqlmap-mcp/) |
 | Waybackurls | Tool for retrieving historical URLs from the Wayback Machine | [Waybackurls MCP Documentation](./waybackurls-mcp/) |
 | WPScan | WordPress vulnerability scanner for detecting plugins, themes, and configuration issues | [WPScan MCP Documentation](./wpscan-mcp/) |
+| WAFW00F | Web Application Firewall identification and fingerprinting tool | [WAFW00F MCP Documentation](./wafw00f-mcp/) |
+| Security Resources | MCP server providing security resources, checklists, and guides | [Resources MCP Documentation](./security-resources-mcp/) |
+| commix | Command injection exploiter | [Commix MCP Documentation](./commix-mcp/) |
 
 ## Quick Reference
 
 ### Alterx MCP  
+
 Generates custom wordlists for subdomain discovery using pattern-based permutations.
 
 ### Amass MCP  
+
 Advanced reconnaissance tool for subdomain enumeration and intelligence gathering with both passive and active modes.
 
 ### arjun MCP  
+
 Discovers hidden HTTP parameters on web applications by scanning URLs, supporting custom wordlists, multiple methods, and adjustable scanning speeds.
 
 ### Assetfinder MCP
+
 Discovers subdomains related to a given domain using passive enumeration techniques. Integrates Tomnomnom’s Assetfinder into the MCP ecosystem for fast and reliable reconnaissance.
 
 ### Cero MCP Server
+
 Certificate-based subdomain discovery tool that extracts domain names from TLS certificates for reconnaissance and infrastructure mapping.
 
 ### Certificate Search (crt.sh) MCP  
+
 Discovers subdomains by querying SSL certificate transparency logs without active scanning.
 
 ### FFUF MCP Server  
+
 URL-based fuzzing tool with support for all FFUF command line arguments.
 
 ### Gowitness MCP Server  
+
 Web screenshot and reconnaissance tool that captures screenshots of web pages, analyzes HTTP responses, and provides visual reconnaissance capabilities for security assessments and web application testing.
 
 ### HTTP Headers Security MCP  
+
 Analyzes HTTP response headers against OWASP security standards with recommendations.
 
 ### httpx MCP  
+
 Performs high-speed probing of discovered subdomains to validate alive hosts, fetch response details, and enrich reconnaissance data without heavy scanning.
 
-### Katana MCP 
+### Katana MCP
+
 Performs fast and customizable web crawling to discover endpoints, scripts, and hidden paths. Supports JavaScript parsing, depth control, and hybrid crawling with headless browsers to enrich reconnaissance and automation workflows.
 
 ### Masscan MCP Server  
+
 Fast port scanning tool for target-based port discovery across networks.
 
 ### MobSF MCP Server  
+
 Mobile application security testing framework for Android, iOS, and Windows applications.
 
 ### Nmap MCP Server  
+
 Full-featured network scanner with detailed service fingerprinting and vulnerability detection.
 
 ### Nuclei MCP Server  
+
 Template-based vulnerability scanner with an extensive library of security checks.
 
-### Scout Suite MCP Server 
+### Scout Suite MCP Server
+
 Performs a multi-service cloud security audit by analyzing cloud configurations and highlighting potential misconfigurations and risks based on best practices.
 
 ### shuffledns MCP  
+
 High-speed DNS brute-forcing and mass subdomain resolution tool to quickly discover valid subdomains using custom resolvers and wordlists.
 
 ### smuggler MCP  
+
 HTTP Request Smuggling detection tool that identifies desynchronization vulnerabilities between front-end and back-end servers.
 
 ### SQLmap MCP Server  
+
 SQL injection testing tool with comprehensive capabilities for vulnerability discovery.
 
 ### SSLScan MCP Server  
+
 SSL/TLS configuration analyzer for identifying weak ciphers and security misconfigurations.
 
 ### Waybackurls MCP  
+
 Retrieves historical URLs from the Wayback Machine to discover forgotten endpoints.
 
 ### WPScan MCP  
+
 WordPress vulnerability scanner for detecting outdated plugins, themes, and common misconfigurations.
 
+### WAFW00F MCP
+
+Identifies and fingerprints Web Application Firewalls (WAF) to help understand the target infrastructure.
+
+### Security Resources MCP
+
+Provides educational resources, checklists, and guides based on industry standards like OWASP to assist in security assessments.
+
+## TO-DO Tools
 
-## TO-DO Tools 
 - commix
 - Corsy
 - CrackMapExec
@@ -162,9 +194,7 @@ WordPress vulnerability scanner for detecting outdated plugins, themes, and comm
 - puredns
 - s3scanner
 - tlsx
-- wafw00f
 - webscreenshot
-- wpscan
 - ...
 
 ## Development
@@ -183,4 +213,3 @@ For installation instructions for each tool, please refer to the individual docu
 ## Usage
 
 Each tool has specific parameters and usage instructions. For detailed information, see the documentation for the specific tool you want to use.
-