AynOps
by
Enables AI clients to perform real‑time cybersecurity reconnaissance directly from a local server, automating WHOIS, DNS, port scanning, SSL inspection, header analysis, tech‑stack detection, CVE lookup and more.
AynOps Overview
What is AynOps about?
AynOps provides a local Model Context Protocol (MCP) server that equips Claude (or other AI clients) with a suite of security‑focused tools. Instead of manually running separate utilities, an AI can invoke commands like “analyze google.com” and receive a comprehensive security report instantly.
How to use AynOps?
- Install prerequisites – Python 3.12+, Claude Desktop, Nmap, Git.
- Clone & set up
git clone https://github.com/AynOps/AynOps cd AynOps pip install -r requirements.txt - Configure Claude Desktop – add an entry in the
claude_desktop_config.jsonpointing to the Python executable in the virtual environment andserver.py. SupplyABUSEIPDB_API_KEYandIP_API_KEYif you plan to useip_reputationorasn_lookup. - Restart Claude Desktop and ask the assistant for available tools or issue commands such as:
Do a WHOIS lookup on example.comRun DNS enumeration on github.comFull recon on reddit.com
Key features of AynOps
- whois_lookup – registration details, registrar, name servers.
- dns_enumeration – A, AAAA, MX, NS, TXT, CNAME, SOA + sub‑domain brute‑force.
- port_scan – Nmap‑driven scans with service/version detection and security warnings.
- ssl_inspect – Certificate details, cipher strength, SANs, TLS version.
- headers_analyzer – Evaluation of HSTS, CSP, X‑Frame‑Options, etc., with severity ratings.
- tech_stack_detect – Identify web server, CMS, JS frameworks, CDNs, analytics.
- cert_transparency – Sub‑domain discovery via crt.sh with fallback to HackerTarget.
- asn_lookup – Autonomous System information and hosting provider details.
- full_recon – Executes all core tools in parallel and aggregates results.
- cve_lookup – Searches NVD for CVEs by software name/version (no API key).
- ip_reputation – Checks AbuseIPDB for malicious IPs (API key required).
Use cases of AynOps
- Security researchers – Rapid reconnaissance of targets under authorized testing.
- Penetration testers – Automate data collection before manual exploitation.
- DevOps / developers – Verify the security posture of own services and deployments.
- Students & trainers – Hands‑on learning of common security tooling via natural‑language prompts.
FAQ from the AynOps
Q: Do I need an internet connection? A: Yes, for external data sources (WHOIS, DNS, NVD, AbuseIPDB, crt.sh) the server contacts the internet, but all processing runs locally.
Q: Is my data safe? A: The server runs entirely on your machine; no data is sent to external services beyond the public APIs required for lookups.
Q: Which ports can I scan?
A: Use the port_scan tool with types (basic, service, os, full, vuln). Scanning should be limited to assets you own or have explicit permission to test.
Q: Do I need API keys for every tool?
A: Only ip_reputation (AbuseIPDB) and asn_lookup (IP‑API) require keys. Other tools rely on publicly available data.
Q: Can I run AynOps in Docker?
A: Yes, a Dockerfile is provided. Build the image and run the container, exposing the MCP port as needed.
AynOps's README
What is this?
Claude by default has zero native cybersecurity tooling. No WHOIS. No DNS enumeration. No port scanning. No SSL inspection.
This MCP server fixes that — extending Claude with real-world security tools that run live against any domain or IP. Reconnaissance that normally requires multiple specialized tools and 20+ minutes of manual work becomes a single prompt.
This is a local MCP server — it runs entirely on your machine. Your data never leaves your computer. It is also listed on glama mcp registry.
Tools Available
| Tool | Description |
|---|---|
whois_lookup |
Domain registration data — owner, registrar, creation date, expiry, name servers |
dns_enumeration |
A, AAAA, MX, NS, TXT, CNAME, SOA records + common subdomain brute-forcing |
port_scan |
Nmap-powered scanner with service/version detection and security warnings |
ssl_inspect |
SSL/TLS certificate — issuer, expiry, cipher strength, SANs, TLS version |
headers_analyzer |
Analyzes HTTP security headers — checks HSTS, CSP, X-Frame-Options, and more with severity ratings and misconfiguration details |
tech_stack_detect |
Web server, CMS, JS frameworks, CDN, analytics, and security header scoring |
cert_transparency |
Subdomain discovery via crt.sh Certificate Transparency logs with an automatic fallback to HackerTarget passive DNS on timeouts |
asn_lookup |
Autonomous System Number (ASN) and network ownership lookup — identifies hosting provider, ISP, organization, geolocation, and infrastructure ownership for domains or IP addresses |
full_recon |
Runs all core tools in parallel and returns combined results for Claude to analyze |
cve_lookup |
Search NVD for known CVEs by software name and version (no API key required) |
ip_reputation |
Check if an IP is flagged as malicious via AbuseIPDB (api key requied) |
📸 Demo
Single tool — CVE lookup
You: Look up CVEs for apache 2.4.49
Claude: Found 2 critical CVEs for Apache 2.4.49:
CVE-2021-41773 (Score: 9.8 CRITICAL) — Path traversal vulnerability
allowing remote code execution if CGI is enabled. Actively exploited
in the wild...
Full recon
You: Do a complete security recon on reddit.com
Claude: [calls full_recon → runs 6 tools in parallel → delivers full analysis]
📋 Prerequisites
- Python 3.12+ — download
- Claude Desktop — download
- Nmap — required for port scanning (download)
- Git — download
⚙️ Installation
Step 1 — Clone the repository
git clone https://github.com/AynOps/AynOps
cd AynOps
Step 2 — Install Python dependencies
pip install -r requirements.txt
Step 3 — Install Nmap
Windows:
- Download from nmap.org/download.html and run the installer
- Manually add Nmap to PATH:
- Press
Win + S→ search "Environment Variables" - Under System Variables → find Path → click Edit
- Click New → add
C:\Program Files (x86)\Nmap - Click OK on all windows
- Press
- Restart your terminal and verify:
nmap --version
Mac:
brew install nmap
Linux:
sudo apt install nmap
Step 4 — Connect to Claude Desktop
Open your Claude Desktop config file:
| OS | Path |
|---|---|
| Windows | %APPDATA%\Claude\claude_desktop_config.json |
| Mac | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Linux | ~/.config/Claude/claude_desktop_config.json |
Add this configuration:
Windows:
{
"mcpServers": {
"AynOps": {
"command": "C:\\full\\path\\to\\AynOps\\.venv\\Scripts\\python.exe",
"args": ["C:\\full\\path\\to\\AynOps\\server.py"],
"env": {
"ABUSEIPDB_API_KEY": "your-api-key-here",
"IP_API_KEY": "your-api-key-here"
}
}
}
}
Mac/Linux:
{
"mcpServers": {
"AynOps": {
"command": "/full/path/to/AynOps/.venv/bin/python3",
"args": ["/full/path/to/AynOps/server.py"],
"env": {
"ABUSEIPDB_API_KEY": "your-api-key-here",
"IP_API_KEY": "your-api-key-here"
}
}
}
}
⚠️ Always use the full absolute path to your
.venvPython executable — not justpythonorpython3. Claude Desktop may use a different Python installation otherwise.
Note:
ABUSEIPDB_API_KEYis only required for theip_reputationtool. Get a free key at abuseipdb.com.IP_API_KEYis only required for theasn_lookuptool. get a free key at ipapi.com
Step 5 — Restart Claude Desktop
Fully quit and reopen Claude Desktop — closing the window is not enough. Check the system task manager and quit from there.
Verify tools are connected by asking Claude:
What cybersecurity tools do you have available?
Claude should list all tools.
📦 Listed On
| Registry | Link |
|---|---|
| Official MCP Registry | registry.modelcontextprotocol.io |
| Glama | glama.ai/mcp/servers/... |
🚀 Usage
Basic tool usage
Do a WHOIS lookup on example.com
Run DNS enumeration on github.com
Scan ports on scanme.nmap.org
Inspect the SSL certificate of stripe.com
Analyze HTTP security headers for github.com
Detect the tech stack of wordpress.org
Look up CVEs for apache 2.4.49
Look up CVEs for log4j 2.14.1
Check the reputation of IP 1.2.3.4
ASN Lookup for google.com
Port scan types
| Type | Description | Speed |
|---|---|---|
basic |
Top 100 ports | Fast (~5s) |
service |
Service & version detection | Medium (~15s) |
os |
OS detection (requires admin) | Medium |
full |
All 65535 ports | Slow (~5min) |
vuln |
Vulnerability scripts | Slow (~30s) |
Scan scanme.nmap.org with service detection
Full recon
Do a complete security recon on reddit.com
Claude will run all core tools in parallel and deliver a full security analysis.
Follow-up analysis
Based on the recon, what are the top security risks?
What do the open ports mean from an attacker's perspective?
Is this SSL configuration strong enough for a financial services company?
Cross-reference the open ports with known CVEs for the detected services.
⚠️ Legal & Ethical Usage
Only scan domains and IPs you own or have explicit written permission to scan.
- All tools use public data — safe on any domain
- Port scanning should only target your own infrastructure or authorized systems
- The only public host officially permitted for Nmap testing is
scanme.nmap.org - Unauthorized port scanning may be illegal in your jurisdiction
Intended for:
- Security researchers
- Penetration testers (on authorized targets)
- Developers auditing their own infrastructure
- Students learning cybersecurity concepts
🗂️ Project Structure
├── .github/ # GitHub Actions workflows and templates
├── tests/ # Unit tests
├── tools/ # MCP tool implementations
├── utils/ # Shared helper utilities
├── server.py # MCP server entry point
├── pyproject.toml # Project metadata and dependencies
├── requirements.txt # Python dependencies
├── mcp.json # MCP server metadata
├── glama.json # Glama MCP metadata
├── Dockerfile # Docker image definition
├── SECURITY.md # Security policy
├── CONTRIBUTING.md # Contribution guidelines
└── README.md # Project documentation
Glama MCP Scoring
PyPI Package
mcp-name: io.github.AynOps/AynOps Link:- https://pypi.org/project/AynOps/
🤝 Contributing
Pull requests are welcome! Check contributing.md for guidelines and a list of open issues ready to pick up.
📜 License
MIT License — free to use, modify, and distribute.
👤 Author
Built by Gaohar Imran
- GitHub: @gaoharimran29-glitch
- LinkedIn: Gaohar Imran
⭐ If this project helped you, consider giving it a star on GitHub!
AynOps Reviews
Login Required
Please log in to share your review and rating for this MCP.
Similar MCP Servers like AynOps
Explore related MCPs that share similar capabilities and solve comparable challenges
SafeLine
by chaitin
A self‑hosted web application firewall and reverse proxy that protects web applications from attacks and exploits by filtering, monitoring, and blocking malicious HTTP/S traffic.
Snyk Agent Scan
by snyk
Scans installed AI agent components, MCP servers, and skill files for prompt‑injection, tool poisoning, toxic flows, hard‑coded secrets and other supply‑chain risks.
SafeDep Vet
by safedep
Provides enterprise‑grade open source software supply chain security by scanning source code, dependencies, containers and SBOMs, detecting vulnerabilities and malicious packages, and enforcing policy as code.
Semgrep MCP Server
by semgrep
Offers an MCP server that lets LLMs, agents, and IDEs run Semgrep scans to detect security vulnerabilities in source code.
Burp MCP Server
by PortSwigger
Enables Burp Suite to communicate with AI clients via the Model Context Protocol, providing an MCP server and bundled stdio proxy.
Wazuh MCP Remote Server
by gensecaihq
Provides AI‑driven conversational access to Wazuh SIEM data, allowing natural‑language queries, threat analysis, incident triage, and compliance checks through a Model Context Protocol‑compliant remote server.
Cycode CLI
by cycodehq
Boost security in the development lifecycle via SAST, SCA, secrets, and IaC scanning.
Bugsy
by mobb-dev
Provides automatic security vulnerability remediation for code via a command‑line interface and an MCP server, leveraging findings from popular SAST tools such as Checkmarx, CodeQL, Fortify, and Snyk.
Keycloak MCP Server
by ChristophEnglisch
Provides AI‑powered administration of Keycloak users and realms through the Model Context Protocol, enabling automated creation, deletion, and listing of users and realms from MCP clients such as Claude Desktop.