Skip to content

We5ter/ScanCodex

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
assets
assets
 
 
src/scancodex
src/scancodex
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
README_CN.md
README_CN.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

ScanCodex

中文文档

ScanCodex

The security scanner codex for AI agents — powered by Scanners-Box.

Python License MCP Data

An MCP (Model Context Protocol) server that turns the Scanners-Box arsenal of 300+ open-source security tools into a queryable knowledge base for Claude, Cursor, and any MCP-compatible AI agent.

Ask your AI assistant "what should I use to scan Kubernetes for misconfigs?" and it will consult the codex, recommend the right tools, show you how to install them, and even run the install for you.

flowchart LR
    U([User]) -->|ask in natural language| A[AI Agent\nClaude / Cursor]
    A -->|MCP tool call| S[ScanCodex\nMCP Server]
    S -->|first run: download & cache| G[(Scanners-Box\nGitHub)]
    S -->|query| C[(~/.cache/\nscancodex)]
    G --> C
    S -->|fetch README| G
    S -->|git clone + build| L([Local Machine])
    S -->|results| A
    A -->|answer| U
Loading

Tools exposed

Tool Description
list_categories Browse all 20 scanner categories
recommend_scanners Find scanners by task description, category, or language
build_workflow Get a full tool chain for a pentest phase
get_tool_usage Fetch install & usage instructions from a tool's GitHub README
install_tool Clone and install a tool locally with one command

Quick start

Prerequisites: Python 3.10+

git clone https://github.com/We5ter/ScanCodex
cd ScanCodex
pip install .

Scanners-Box data is downloaded automatically on first use and cached to ~/.cache/scancodex/. No extra cloning needed.

Claude Desktop setup

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "scancodex": {
      "command": "python3",
      "args": ["-m", "scancodex.server"]
    }
  }
}

Claude Code setup

claude mcp add scancodex -- python3 -m scancodex.server

Example prompts

What tools should I use to test an LLM app for prompt injection?

I need to scan a Kubernetes cluster for security issues — what do you recommend?

Build me a recon workflow for a pentest engagement.

Show me Go-based vulnerability scanners for container images.

How do I install and use GitHack?

Install subfinder for me.

Pentest phases for build_workflow

recon · vuln_scan · web · container · mobile · smart_contract · ai_apps · malware · code_analysis · incident · a3c

License

MIT — data sourced from Scanners-Box (CC-BY-NC-ND-4.0).

About

MCP server that brings 300+ security tools from Scanners-Box to your AI agent. · 将 Scanners-Box 300+ 安全工具接入 AI 智能体的 MCP 服务

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages