External Reconnaissance MCP Server
by naebo
This is a Model Context Protocol (MCP) server designed for performing active external reconnaissance activities against a domain. It provides a suite of reconnaissance capabilities including DNS enumeration, subdomain discovery, email security analysis, and SSL certificate inspection.
Last updated: N/A
What is External Reconnaissance MCP Server?
This server is a Model Context Protocol (MCP) server that automates external reconnaissance tasks against a specified domain. It leverages tools like dig, whois, and dnsrecon to gather information about DNS records, subdomains, email security, and more.
How to use External Reconnaissance MCP Server?
To use this server, you need to download Claude for Desktop, install uv, download the repository, configure Claude for Desktop to point to the server's executable, relaunch Claude, select the 'external-recon' prompt, and supply the target domain.
Key features of External Reconnaissance MCP Server
Comprehensive DNS record enumeration (A, AAAA, MX, NS, SOA, TXT, SRV)
DNS zone transfer attempts
Subdomain enumeration & bruteforcing
WHOIS lookups
HTTP headers analysis
Email Security Assessment
Use cases of External Reconnaissance MCP Server
Identifying potential attack surfaces of a domain.
Gathering information for penetration testing.
Assessing the email security posture of an organization.
Monitoring changes in DNS records and subdomains.
Performing security audits of web infrastructure.
FAQ from External Reconnaissance MCP Server
What tools does this server rely on?
What tools does this server rely on?
This server requires dig, whois, and dnsrecon to be installed on your system.
Is this server production-ready?
Is this server production-ready?
No, this server is intended solely as a demonstration and is not production-ready. Use at your own risk.
How do I configure this server with Claude for Desktop?
How do I configure this server with Claude for Desktop?
You need to edit the Claude for Desktop configuration file and add the server's command and arguments.
What kind of security considerations should I keep in mind?
What kind of security considerations should I keep in mind?
Only use against authorised targets, follow responsible disclosure practices, and respect target system's resources.
Can I contribute to this project?
Can I contribute to this project?
Yes, contributions are welcome! Please feel free to submit pull requests.