cybersecurity-mcp-server 0.1.0__tar.gz

cybersecurity_mcp_server-0.1.0/.gitignore

@@ -0,0 +1,7 @@
+__pycache__/
+*.pyc
+.venv/
+*.egg-info/
+dist/
+build/
+.env

cybersecurity_mcp_server-0.1.0/PKG-INFO

@@ -0,0 +1,54 @@
+Metadata-Version: 2.4
+Name: cybersecurity-mcp-server
+Version: 0.1.0
+Summary: Cybersecurity data for AI agents — CVE database, vulnerability search, threat intelligence, exploit info
+Project-URL: Homepage, https://github.com/AiAgentKarl/cybersecurity-mcp-server
+Project-URL: Repository, https://github.com/AiAgentKarl/cybersecurity-mcp-server
+Author: AiAgentKarl
+License: MIT
+Keywords: cve,cybersecurity,mcp,security,threat-intelligence,vulnerabilities
+Requires-Python: >=3.10
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: mcp>=1.0.0
+Requires-Dist: pydantic>=2.0.0
+Description-Content-Type: text/markdown
+
+# Cybersecurity MCP Server 🔒
+
+CVE database and vulnerability intelligence for AI agents. Search the NIST National Vulnerability Database, check software security, and stay informed about threats.
+
+## Features
+
+- **CVE Search** — Search vulnerabilities by keyword or severity
+- **CVE Details** — Full details including CVSS score, affected products, references
+- **Software Check** — Check any software for known vulnerabilities
+- **CPE Database** — Search products in the Common Platform Enumeration
+- **No API Key** — Uses the free NIST NVD API
+
+## Installation
+
+```bash
+pip install cybersecurity-mcp-server
+```
+
+## Tools
+
+| Tool | Description |
+|------|-------------|
+| `search_vulnerabilities` | Search CVE database by keyword |
+| `get_cve_details` | Get full CVE details by ID |
+| `check_software_vulnerabilities` | Check a software for known CVEs |
+| `search_products` | Search CPE product database |
+
+## Examples
+
+```
+"Are there critical vulnerabilities in Apache Log4j?"
+"Show me CVE-2021-44228 details"
+"Check nginx for known security issues"
+"What are the latest critical CVEs?"
+```
+
+## License
+
+MIT

cybersecurity_mcp_server-0.1.0/README.md

@@ -0,0 +1,39 @@
+# Cybersecurity MCP Server 🔒
+
+CVE database and vulnerability intelligence for AI agents. Search the NIST National Vulnerability Database, check software security, and stay informed about threats.
+
+## Features
+
+- **CVE Search** — Search vulnerabilities by keyword or severity
+- **CVE Details** — Full details including CVSS score, affected products, references
+- **Software Check** — Check any software for known vulnerabilities
+- **CPE Database** — Search products in the Common Platform Enumeration
+- **No API Key** — Uses the free NIST NVD API
+
+## Installation
+
+```bash
+pip install cybersecurity-mcp-server
+```
+
+## Tools
+
+| Tool | Description |
+|------|-------------|
+| `search_vulnerabilities` | Search CVE database by keyword |
+| `get_cve_details` | Get full CVE details by ID |
+| `check_software_vulnerabilities` | Check a software for known CVEs |
+| `search_products` | Search CPE product database |
+
+## Examples
+
+```
+"Are there critical vulnerabilities in Apache Log4j?"
+"Show me CVE-2021-44228 details"
+"Check nginx for known security issues"
+"What are the latest critical CVEs?"
+```
+
+## License
+
+MIT

cybersecurity_mcp_server-0.1.0/pyproject.toml

@@ -0,0 +1,21 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "cybersecurity-mcp-server"
+version = "0.1.0"
+description = "Cybersecurity data for AI agents — CVE database, vulnerability search, threat intelligence, exploit info"
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.10"
+authors = [{name = "AiAgentKarl"}]
+keywords = ["mcp", "cybersecurity", "cve", "vulnerabilities", "security", "threat-intelligence"]
+dependencies = ["mcp>=1.0.0", "httpx>=0.27.0", "pydantic>=2.0.0"]
+
+[project.urls]
+Homepage = "https://github.com/AiAgentKarl/cybersecurity-mcp-server"
+Repository = "https://github.com/AiAgentKarl/cybersecurity-mcp-server"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src"]

cybersecurity_mcp_server-0.1.0/src/clients/nist.py

@@ -0,0 +1,49 @@
+"""NIST NVD API Client — CVE-Datenbank und Vulnerability-Suche."""
+
+import httpx
+
+
+class NistClient:
+    """Async-Client für die NIST National Vulnerability Database."""
+
+    def __init__(self):
+        self._client = httpx.AsyncClient(timeout=30.0)
+        self._base = "https://services.nvd.nist.gov/rest/json"
+
+    async def search_cves(
+        self, keyword: str = None, cve_id: str = None,
+        severity: str = None, limit: int = 10,
+    ) -> dict:
+        """CVEs suchen über die NVD API 2.0."""
+        url = f"{self._base}/cves/2.0"
+        params = {"resultsPerPage": min(limit, 50)}
+
+        if cve_id:
+            params["cveId"] = cve_id
+        if keyword:
+            params["keywordSearch"] = keyword
+        if severity:
+            params["cvssV3Severity"] = severity.upper()
+
+        resp = await self._client.get(url, params=params)
+        resp.raise_for_status()
+        return resp.json()
+
+    async def get_cve(self, cve_id: str) -> dict:
+        """Einzelne CVE-Details abrufen."""
+        url = f"{self._base}/cves/2.0"
+        params = {"cveId": cve_id}
+        resp = await self._client.get(url, params=params)
+        resp.raise_for_status()
+        return resp.json()
+
+    async def search_cpes(self, keyword: str, limit: int = 10) -> dict:
+        """CPE (Common Platform Enumeration) suchen — Software/Hardware identifizieren."""
+        url = f"{self._base}/cpes/2.0"
+        params = {"keywordSearch": keyword, "resultsPerPage": min(limit, 50)}
+        resp = await self._client.get(url, params=params)
+        resp.raise_for_status()
+        return resp.json()
+
+    async def close(self):
+        await self._client.aclose()

cybersecurity_mcp_server-0.1.0/src/server.py

@@ -0,0 +1,16 @@
+"""Cybersecurity MCP Server — CVE-Datenbank und Vulnerability-Intelligence."""
+
+from mcp.server.fastmcp import FastMCP
+from src.tools.security import register_security_tools
+
+mcp = FastMCP(
+    "Cybersecurity MCP Server",
+    instructions="Search CVE vulnerabilities, check software security, browse the NIST National Vulnerability Database. Essential for any agent working with code or infrastructure.",
+)
+register_security_tools(mcp)
+
+def main():
+    mcp.run(transport="stdio")
+
+if __name__ == "__main__":
+    main()

cybersecurity_mcp_server-0.1.0/src/tools/security.py

@@ -0,0 +1,150 @@
+"""Security-Tools — CVE-Suche, Vulnerability-Analyse, Threat Intelligence."""
+
+from mcp.server.fastmcp import FastMCP
+from src.clients.nist import NistClient
+
+_nist = NistClient()
+
+
+def _parse_cve(item: dict) -> dict:
+    """CVE-Eintrag in lesbares Format umwandeln."""
+    cve = item.get("cve", {})
+    metrics = cve.get("metrics", {})
+
+    # CVSS Score extrahieren
+    cvss_score = None
+    cvss_severity = None
+    cvss_vector = None
+
+    for version in ["cvssMetricV31", "cvssMetricV30", "cvssMetricV2"]:
+        if version in metrics and metrics[version]:
+            cvss_data = metrics[version][0].get("cvssData", {})
+            cvss_score = cvss_data.get("baseScore")
+            cvss_severity = cvss_data.get("baseSeverity")
+            cvss_vector = cvss_data.get("vectorString")
+            break
+
+    # Beschreibung (englisch bevorzugt)
+    descriptions = cve.get("descriptions", [])
+    desc = ""
+    for d in descriptions:
+        if d.get("lang") == "en":
+            desc = d.get("value", "")
+            break
+
+    # Betroffene Produkte
+    configs = cve.get("configurations", [])
+    affected = []
+    for config in configs[:3]:
+        for node in config.get("nodes", []):
+            for match in node.get("cpeMatch", [])[:5]:
+                affected.append(match.get("criteria", ""))
+
+    # Referenzen
+    refs = [r.get("url") for r in cve.get("references", [])[:5]]
+
+    return {
+        "cve_id": cve.get("id", ""),
+        "description": desc[:500],
+        "cvss_score": cvss_score,
+        "cvss_severity": cvss_severity,
+        "cvss_vector": cvss_vector,
+        "published": cve.get("published", ""),
+        "last_modified": cve.get("lastModified", ""),
+        "affected_products": affected[:5],
+        "references": refs,
+        "status": cve.get("vulnStatus", ""),
+    }
+
+
+def register_security_tools(mcp: FastMCP):
+
+    @mcp.tool()
+    async def search_vulnerabilities(
+        keyword: str, severity: str = None, limit: int = 10,
+    ) -> dict:
+        """CVE-Datenbank nach Schwachstellen durchsuchen.
+
+        Durchsucht die NIST National Vulnerability Database (NVD).
+
+        Args:
+            keyword: Suchbegriff (z.B. "Apache Log4j", "OpenSSL", "Windows RDP")
+            severity: Optional — "LOW", "MEDIUM", "HIGH", "CRITICAL"
+            limit: Maximale Ergebnisse (Standard: 10)
+        """
+        data = await _nist.search_cves(keyword=keyword, severity=severity, limit=limit)
+        vulnerabilities = data.get("vulnerabilities", [])
+        return {
+            "query": keyword,
+            "total_results": data.get("totalResults", 0),
+            "results_count": len(vulnerabilities),
+            "vulnerabilities": [_parse_cve(v) for v in vulnerabilities],
+        }
+
+    @mcp.tool()
+    async def get_cve_details(cve_id: str) -> dict:
+        """Details einer bestimmten CVE abrufen.
+
+        Args:
+            cve_id: CVE-ID (z.B. "CVE-2021-44228" für Log4Shell)
+        """
+        data = await _nist.get_cve(cve_id)
+        vulnerabilities = data.get("vulnerabilities", [])
+        if vulnerabilities:
+            return _parse_cve(vulnerabilities[0])
+        return {"found": False, "cve_id": cve_id}
+
+    @mcp.tool()
+    async def check_software_vulnerabilities(software: str, limit: int = 10) -> dict:
+        """Bekannte Schwachstellen für eine Software prüfen.
+
+        Sucht nach CVEs die eine bestimmte Software betreffen.
+
+        Args:
+            software: Software-Name (z.B. "nginx", "postgresql", "react")
+            limit: Maximale Ergebnisse
+        """
+        data = await _nist.search_cves(keyword=software, limit=limit)
+        vulnerabilities = data.get("vulnerabilities", [])
+        parsed = [_parse_cve(v) for v in vulnerabilities]
+
+        # Nach Schweregrad sortieren
+        parsed.sort(key=lambda x: x.get("cvss_score") or 0, reverse=True)
+
+        critical = sum(1 for v in parsed if (v.get("cvss_score") or 0) >= 9.0)
+        high = sum(1 for v in parsed if 7.0 <= (v.get("cvss_score") or 0) < 9.0)
+
+        return {
+            "software": software,
+            "total_found": data.get("totalResults", 0),
+            "critical_count": critical,
+            "high_count": high,
+            "vulnerabilities": parsed,
+        }
+
+    @mcp.tool()
+    async def search_products(keyword: str, limit: int = 10) -> dict:
+        """Software/Hardware-Produkte in der CPE-Datenbank suchen.
+
+        CPE (Common Platform Enumeration) identifiziert Produkte eindeutig.
+
+        Args:
+            keyword: Produkt-Name (z.B. "microsoft windows", "apache httpd")
+            limit: Maximale Ergebnisse
+        """
+        data = await _nist.search_cpes(keyword, limit)
+        products = data.get("products", [])
+        parsed = []
+        for p in products:
+            cpe = p.get("cpe", {})
+            parsed.append({
+                "cpe_name": cpe.get("cpeName", ""),
+                "title": cpe.get("titles", [{}])[0].get("title", "") if cpe.get("titles") else "",
+                "created": cpe.get("created", ""),
+                "deprecated": cpe.get("deprecated", False),
+            })
+        return {
+            "query": keyword,
+            "total_results": data.get("totalResults", 0),
+            "products": parsed,
+        }