VERIFIED

Intruder

Safety: 55/100

0.0(0)

This MCP server allows clients to interact with Intruder.io for vulnerability scanning and security monitoring via API, requiring an API key for authentication.

MCP ServersDevelopmentCloud & InfrastructureSearch & WebAI & LLMUtilitiesFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

This MCP server allows clients to interact with Intruder.io for vulnerability scanning and security monitoring via API, requiring an API key for authentication.

This MCP server is relatively safe when the Intruder API key is managed securely. Risks increase if the API key is exposed or if the client is configured to make destructive changes to Intruder configurations. Exercise caution when granting write access.

Performance depends on the Intruder.io API and network latency. Large scans may take a significant amount of time to complete.

Intruder.io charges based on usage, so automating scans may increase costs. Monitor API usage and optimize scan schedules to minimize expenses.

Python22 starsBSD-3-ClauseReleased 6/12/2025CI/CD

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

ReadWrite

Client Compatibility

Claude Desktop

full

Cursor

full

Windsurf

untested

VS Code (Copilot)

untested

Quickstart

Claude Desktop Config

{
  "mcpServers": {
    "intruder": {
      "command": "uv",
      "args": [
        "--directory",
        "path/to/intruder-mcp/intruder_mcp",
        "run",
        "server.py"
      ],
      "env": {
        "INTRUDER_API_KEY": "your-api-key"
      }
    }
  }
}

Environment Variables

INTRUDER_API_KEY

Tools (4)

moderate

start_scan

Initiates a new vulnerability scan on Intruder.io.

Starting scans can consume resources and potentially trigger alerts.

safe

get_scan_results

Retrieves the results of a specific vulnerability scan.

Read-only operation with no side effects.

safe

list_scans

Lists all vulnerability scans associated with the Intruder.io account.

Read-only operation with no side effects.

high

update_target

Updates the target configuration for a specific scan.

Modifying target configurations can impact scan scope and results.

Security

Auth Method

API Key

Known Risks

!Compromised API key could lead to unauthorized access to Intruder.io account.
!Misconfigured client could lead to unintended changes in Intruder.io settings.
!Potential for denial-of-service if the client makes excessive API calls.
!Data breaches if Intruder.io's platform is compromised.

Safety Score

moderate risk

Positive

+API key authentication required.
+Intruder.io handles the underlying security scanning.
+Limited scope of operations through the Intruder API.
+No direct system-level access.

Risks

-Exposure of Intruder API key if not handled securely.
-Potential for unintended modifications to Intruder configurations.
-Reliance on Intruder.io's security measures.
-Vulnerability scanning can potentially trigger alerts or actions based on scan results.

Use Cases

Vulnerability Management

-Automating vulnerability scans as part of a CI/CD pipeline.
-Integrating scan results into a central security dashboard.
-Scheduling regular vulnerability scans for critical assets.

Security Monitoring

-Tracking the status of vulnerability scans in real-time.
-Receiving alerts when new vulnerabilities are discovered.
-Generating reports on vulnerability trends over time.

Configuration Management

-Programmatically updating scan targets based on infrastructure changes.
-Managing scan schedules and settings through code.
-Ensuring consistent scanning configurations across multiple environments.

Who Is This For?

Best For

Security engineers
DevSecOps teams
Organizations using Intruder.io for vulnerability scanning
Teams automating security workflows
Integrating security into CI/CD pipelines

Not Ideal For

Organizations not using Intruder.io
Environments with strict security constraints that prohibit API access
Use cases requiring real-time vulnerability detection

Autonomy & Execution

Default ModeConfigurable

Autonomy depends on the specific tools and configurations used. Exercise caution when enabling write access and consider implementing safeguards to prevent unintended changes.

StatelessYes

Retry LogicNot documented

ConcurrencyNot documented

Production Tip

Monitor API usage to avoid exceeding rate limits and implement proper error handling to ensure reliable operation.

FAQ

What is the purpose of this MCP server?

It allows MCP clients to interact with Intruder.io for vulnerability scanning and security monitoring.

What authentication method is used?

API key authentication is required.

What are the potential security risks?

Compromised API key, misconfigured client, and potential for denial-of-service.

Can I automate vulnerability scans with this server?

Yes, you can automate scans as part of a CI/CD pipeline or schedule regular scans.

How can I monitor API usage?

Monitor API requests and responses in your client implementation.

What happens if the Intruder.io API returns an error?

The error will be propagated to the client.

Is there support for dry-run mode?

No, dry-run mode is not supported.

Key Features

Development Cloud & Infrastructure Search & Web AI & LLM Utilities

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Related Tools

Intruder | AI Builder Hub Review & Alternatives | Flaex AI