2025-10-06 21:13:31 +03:30
2025-10-06 21:13:31 +03:30

🔎 Awesome MCP Servers for Bug Bounty

A focused, no-noise list of Model Context Protocol (MCP) servers for real bug bounty work: recon, crawling, evidence capture, enrichment, code/secret OSINT, and mobile analysis.

Contents

🔭 Recon & Internet Intel

  • mcp-recon - Conversational recon for domains, IPs, and ASNs. Turns plain questions into targeted HTTP/ASN checks.
  • Shodan MCP - Map exposed hosts and services and pivot on CVEs from Shodan results.
  • Censys MCP - Enumerate hosts, certs, and services across the internet map with Censys Search.

🕷️ Crawling, Fetching & Evidence

  • Firecrawl MCP - Crawl and scrape pages, returning structured content for diffing and analysis.
  • Screenshot Website MCP - Fast, headless screenshots (auto-tiling) for crisp PoC evidence.
  • Fetch MCP (official) - Lightweight HTML-to-Markdown fetcher when you do not need a full browser.

🧪 Enrichment & Triage

  • VirusTotal MCP - Lookups for URLs, files, IPs, and domains with relationship context.
  • CVE-Search MCP - Query vendors, products, recent updates, or specific CVE IDs.

🧑‍💻 Code & Secrets OSINT

  • GitHub MCP (remote) - Search repos, issues, and PRs. Review diffs to triage suspected secrets.
  • Maigret MCP - Username footprinting across many platforms with quick URL checks.

📱 Mobile & APK Analysis

🛠️ Orchestration

  • secops-mcp - Multi-tool hub wiring common security utilities behind a simple MCP interface for bug bounty workflows.

📬 Contact

You can reach me on X.

Description
No description provided
Readme 135 KiB