Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Noctua

БесплатноНе проверен

Exposes a pentest toolbox (sqlmap, nuclei, ffuf, etc.) via Docker to an LLM orchestrator for authorized security audits, with strict whitelisting and timeout co

GitHubEmbed

Описание

Exposes a pentest toolbox (sqlmap, nuclei, ffuf, etc.) via Docker to an LLM orchestrator for authorized security audits, with strict whitelisting and timeout controls.

README

🇬🇧 English · 🇫🇷 Français

An MCP server (stdio) that exposes a pentest toolbox to a strong LLM orchestrator (Claude Code, interactive), to run authorized security audits.

A clean rewrite inspired by the Darkmoon MCP (GPL v3) with no code copied → CeCILL-B license, zero GPL debt. What's reused is the toolbox (sqlmap, nuclei, ffuf, httpx, naabu, katana, whatweb…); the fragile orchestration (opencode + local model) is dropped and replaced by a strong brain that verifies.

Architecture

[Claude Code] --stdio--> [mcp-noctua (host)] --docker.sock--> [darkmoon container = toolbox]
   (the brain)             (controlled gateway)               (sqlmap, nuclei, ffuf…)

mcp-noctua reuses the darkmoon container (ascit/darkmoon:latest) as its toolbox, invoking it via docker.sock. Invoking tools inside a container is not a derivative work → no license concern. The container is kept alive; noctua starts it if it's stopped before a run.

Exposed MCP tools

Tool Role
run_tool(command, timeout?) Run a whitelisted tool in the toolbox.
web_crawl(url, depth?, timeout?) Bounded crawl (katana).
port_scan(target, ...) naabu + httpx, bounded.
vuln_scan(url, tags?) nuclei, bounded.
list_tools() Tools available in the toolbox.
health() Toolbox container state (running / started / not found).

Guard-rails

  • Strict allow-list of tools; dangerous patterns blocked (rm -rf, fork bomb, exfil…).
  • A timeout that actually kills the process inside the toolbox (fixes the Darkmoon flaw).
  • Authorized testing only; the operator validates every target.

Configuration (.env)

See .env.example. Keys: DOCKER_CONTAINER_NAME, NOCTUA_TIMEOUT, NOCTUA_REPORTS_DIR, NOCTUA_COMPOSE_DIR, DEBUG.

Install

git clone https://github.com/NeveuGregor/mcp-noctua.git
cd mcp-noctua
python3 -m venv venv && source venv/bin/activate
pip install -e ".[dev]"
cp .env.example .env   # adjust as needed
pytest

Register in ~/.claude.json as a stdio MCP server: venv/bin/python -m src.main (cwd = mcp-noctua).

License

CeCILL-B — see LICENSE.

from github.com/NeveuGregor/mcp-noctua

Установка Noctua

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/NeveuGregor/mcp-noctua

FAQ

Noctua MCP бесплатный?

Да, Noctua MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Noctua?

Нет, Noctua работает без API-ключей и переменных окружения.

Noctua — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить Noctua в Claude Desktop, Claude Code или Cursor?

Открой Noctua на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Noctua with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development