Server data from the Official MCP Registry
55 tools, 7 Resources, Sigma rules, email SPF/DMARC, MITRE, CVE/KEV, risk_score. No key.
55 tools, 7 Resources, Sigma rules, email SPF/DMARC, MITRE, CVE/KEV, risk_score. No key.
Remote endpoints: streamable-http: https://api.contrastcyber.com/mcp/
Valid MCP server (2 strong, 2 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry. 3 finding(s) downgraded by scanner intelligence.
55 tools verified · Open access · 3 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Remote Plugin
No local installation needed. Your AI client connects to the remote endpoint directly.
Add this to your MCP configuration to connect:
{
"mcpServers": {
"com-contrastcyber-api": {
"url": "https://api.contrastcyber.com/mcp/"
}
}
}From the project's GitHub README.
Security intelligence, built for AI agents. Give your agent grounded answers about vulnerabilities, threats, and attack surface — backed by authoritative sources (NVD, CISA KEV, FIRST EPSS, MITRE ATLAS & D3FEND), never guesswork. CVE/KEV/CWE lookup with EPSS exploit-probability and composite risk scoring, domain & IP investigation, IOC enrichment, code-security checks, and live web intelligence. 55 tools, 7 Resources, and 3 Prompts — free, no API key, no signup.
中文 · Live: api.contrastcyber.com
{
"mcpServers": {
"contrastapi": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://api.contrastcyber.com/mcp/"]
}
}
}
Restart your agent. Other clients (Python SDK, Node SDK, cURL, VS Code): mcp-setup · quickstart
Grab the .mcpb file from the latest release and double-click it (or Claude Desktop → Settings → Extensions → Install Extension…). No signup, no API key — all 55 tools ready immediately.
pip install contrastapi # Python 3.10+ — sync + async, typed responses, shortcut helpers
npm install contrastapi # Node 14+ — concrete TypeScript types, 14 namespaces
Both SDKs cover every HTTP endpoint and MCP tool — CVE/KEV/CWE, ATLAS, D3FEND, Sigma rules, email security posture, domain, IP, IOC, code security, and web intelligence — with wire-exact response shapes and a typed exception hierarchy that mirrors the API error envelope. They also expose MCP Resources for browsing the ATLAS, D3FEND, and CWE catalogs (see docs/MCP_Documentation.md) and a conditional triage Prompt (see docs/MCP_Documentation.md#contrast-triage). Web-intelligence tools — robots_txt, redirect_chain, email_verify, brand_assets, seo_audit, geo_audit — ship with an explicit ethical floor: per-target throttling, robots.txt respected, no SMTP probing.
OpenAPI: openapi.json
Smithery · npm · VS Code Marketplace · Awesome OSINT MCP · RapidAPI
Responses include a verdict block — deterministic, falsifiable_fields, data_age_seconds, sources_queried / sources_unavailable, completeness — so a verifier agent can independently re-derive specific fields from the upstream authority (NVD, RDAP, CT logs, URLhaus). Probe GET /v1/capabilities for "verdict_metadata": true.
CVE responses also embed next_calls: list[PivotHint] — {tool, input, reason} triples that suggest the next MCP tool to call (e.g. kev_detail when kev.in_kev=true, cwe_lookup when cwe_id is set). Agents chain workflows without manual prompting.
MIT
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.