{"_id":"@iflow-mcp/operantlabs-operant-mcp","name":"@iflow-mcp/operantlabs-operant-mcp","dist-tags":{"latest":"1.0.1"},"versions":{"1.0.1":{"name":"@iflow-mcp/operantlabs-operant-mcp","version":"1.0.1","mcpName":"io.github.operantlabs/operant-mcp","description":"Security testing MCP server with 51 tools for penetration testing, forensics, and vulnerability assessment","type":"module","bin":{"iflow-mcp-operantlabs-operant-mcp":"dist/index.js"},"main":"./dist/index.js","scripts":{"build":"tsc","start":"node dist/index.js","dev":"tsc --watch","prepublishOnly":"npm run build"},"keywords":["mcp","security","pentest","vulnerability","forensics","model-context-protocol"],"license":"MIT","dependencies":{"@modelcontextprotocol/sdk":"^1.12.1","zod":"^3.24.0"},"devDependencies":{"@types/node":"^22.0.0","typescript":"^5.7.0"},"types":"./dist/index.d.ts","_id":"@iflow-mcp/operantlabs-operant-mcp@1.0.1","_integrity":"sha512-yLmn625AtNuBtN/r0NC+21D57l8HanRz9UgALcRmWuzLpS5mz2nvDScP6XUysE0DHK6qRTL/mUDgepdB2zsEbw==","_resolved":"/app/auto-mcp-upload/data/27592/iflow-mcp-operantlabs-operant-mcp-1.0.1.tgz","_from":"file:/app/auto-mcp-upload/data/27592/iflow-mcp-operantlabs-operant-mcp-1.0.1.tgz","_nodeVersion":"24.14.1","_npmVersion":"11.11.0","dist":{"integrity":"sha512-yLmn625AtNuBtN/r0NC+21D57l8HanRz9UgALcRmWuzLpS5mz2nvDScP6XUysE0DHK6qRTL/mUDgepdB2zsEbw==","shasum":"29183c378693b44de0b2bc762e8fc57d55fbb00a","tarball":"https://registry.npmjs.org/@iflow-mcp/operantlabs-operant-mcp/-/operantlabs-operant-mcp-1.0.1.tgz","fileCount":111,"unpackedSize":708037,"signatures":[{"keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U","sig":"MEUCIQCI/2gA5mnpbFtKPhB6hNE0TaowEA/C3r9ewd/sqphd/wIgRvLPn5aIeJjoz45MdvYSBV6moUMO4cf1xx1zLXZvgMg="}]},"_npmUser":{"name":"chatflowdev","email":"chatflowdev@gmail.com"},"directories":{},"maintainers":[{"name":"chatflowdev","email":"chatflowdev@gmail.com"},{"name":"qystart","email":"987472953@qq.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages-npm-production","tmp":"tmp/operantlabs-operant-mcp_1.0.1_1776316550230_0.07104841979918297"},"_hasShrinkwrap":false}},"time":{"created":"2026-04-16T05:15:50.104Z","1.0.1":"2026-04-16T05:15:50.471Z","modified":"2026-04-16T05:15:50.755Z"},"maintainers":[{"name":"chatflowdev","email":"chatflowdev@gmail.com"},{"name":"qystart","email":"987472953@qq.com"}],"description":"Security testing MCP server with 51 tools for penetration testing, forensics, and vulnerability assessment","keywords":["mcp","security","pentest","vulnerability","forensics","model-context-protocol"],"license":"MIT","readme":"# operant-mcp\n\n[![NPM Version](https://img.shields.io/npm/v/operant-mcp?color=red)](https://www.npmjs.com/package/operant-mcp) [![npm downloads](https://img.shields.io/npm/dw/operant-mcp)](https://www.npmjs.com/package/operant-mcp) [![GitHub stars](https://img.shields.io/github/stars/operantlabs/operant-mcp?style=social)](https://github.com/operantlabs/operant-mcp) [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) [![TypeScript](https://img.shields.io/badge/TypeScript-5.7-blue.svg)](https://www.typescriptlang.org/) ![MCP Server](https://badge.mcpx.dev?type=server&features=tools,prompts 'MCP Server with Tools and Prompts') [![smithery badge](https://smithery.ai/badge/operant-mcp)](https://smithery.ai/server/operant-mcp)\n\n[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install_Server-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://insiders.vscode.dev/redirect/mcp/install?name=operant-mcp&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyIteSIsIm9wZXJhbnQtbWNwIl19) [![Install in Cursor](https://img.shields.io/badge/Cursor-Install_Server-000000?style=flat-square&logo=cursor&logoColor=white)](https://cursor.com/en/install-mcp?name=operant-mcp&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyIteSIsIm9wZXJhbnQtbWNwIl19)\n\n<a href=\"https://glama.ai/mcp/servers/operantlabs/operant-mcp\">\n  <img width=\"380\" height=\"200\" src=\"https://glama.ai/mcp/servers/operantlabs/operant-mcp/badge\" alt=\"operant-mcp MCP server\" />\n</a>\n\nSecurity testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.\n\n## Quick Start\n\n```bash\nnpx operant-mcp\n```\n\nOr install globally:\n\n```bash\nnpm install -g operant-mcp\noperant-mcp\n```\n\n## Usage with Claude Code\n\nAdd to your MCP config:\n\n```json\n{\n  \"mcpServers\": {\n    \"operant\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"operant-mcp\"]\n    }\n  }\n}\n```\n\n## Tools (51)\n\n### SQL Injection (6)\n- `sqli_where_bypass` — Test OR-based WHERE clause bypass\n- `sqli_login_bypass` — Test login form SQL injection\n- `sqli_union_extract` — UNION-based data extraction\n- `sqli_blind_boolean` — Boolean-based blind SQLi\n- `sqli_blind_time` — Time-based blind SQLi\n- `sqli_file_read` — Read files via LOAD_FILE()\n\n### XSS (2)\n- `xss_reflected_test` — Test reflected XSS with 10 payloads\n- `xss_payload_generate` — Generate context-aware XSS payloads\n\n### Command Injection (2)\n- `cmdi_test` — Test OS command injection\n- `cmdi_blind_detect` — Blind command injection via sleep timing\n\n### Path Traversal (1)\n- `path_traversal_test` — Test directory traversal with encoding variants\n\n### SSRF (2)\n- `ssrf_test` — Test SSRF with localhost bypass variants\n- `ssrf_cloud_metadata` — Test cloud metadata access via SSRF\n\n### PCAP/Network Forensics (8)\n- `pcap_overview` — Protocol hierarchy and endpoint stats\n- `pcap_extract_credentials` — Extract FTP/HTTP/SMTP credentials\n- `pcap_dns_analysis` — DNS query analysis\n- `pcap_http_objects` — Export HTTP objects\n- `pcap_detect_scan` — Detect port scanning\n- `pcap_follow_stream` — Follow TCP/UDP streams\n- `pcap_tls_analysis` — TLS/SNI analysis\n- `pcap_llmnr_ntlm` — Detect LLMNR/NTLM attacks\n\n### Reconnaissance (7)\n- `recon_quick` — Quick recon (robots.txt, headers, common dirs)\n- `recon_dns` — Full DNS enumeration\n- `recon_vhost` — Virtual host discovery\n- `recon_tls_sans` — Extract SANs from TLS certificates\n- `recon_directory_bruteforce` — Directory brute-force\n- `recon_git_secrets` — Search git repos for secrets\n- `recon_s3_bucket` — Test S3 bucket permissions\n\n### Memory Forensics (3)\n- `volatility_linux` — Linux memory analysis (Volatility 2)\n- `volatility_windows` — Windows memory analysis (Volatility 3)\n- `memory_detect_rootkit` — Linux rootkit detection\n\n### Malware Analysis (2)\n- `maldoc_analyze` — Full OLE document analysis pipeline\n- `maldoc_extract_macros` — Extract VBA macros\n\n### Cloud Security (2)\n- `cloudtrail_analyze` — CloudTrail log analysis\n- `cloudtrail_find_anomalies` — Detect anomalous CloudTrail events\n\n### Authentication (3)\n- `auth_csrf_extract` — Extract CSRF tokens\n- `auth_bruteforce` — Username enumeration + credential brute-force\n- `auth_cookie_tamper` — Cookie tampering test\n\n### Access Control (2)\n- `idor_test` — Test for IDOR vulnerabilities\n- `role_escalation_test` — Test privilege escalation\n\n### Business Logic (2)\n- `price_manipulation_test` — Test price/quantity manipulation\n- `coupon_abuse_test` — Test coupon stacking/reuse\n\n### Clickjacking (2)\n- `clickjacking_test` — Test X-Frame-Options/CSP\n- `frame_buster_bypass` — Test frame-busting bypass\n\n### CORS (1)\n- `cors_test` — Test CORS misconfigurations\n\n### File Upload (1)\n- `file_upload_test` — Test file upload bypasses\n\n### NoSQL Injection (2)\n- `nosqli_auth_bypass` — MongoDB auth bypass\n- `nosqli_detect` — NoSQL injection detection\n\n### Deserialization (1)\n- `deserialization_test` — Test insecure deserialization\n\n### GraphQL (2)\n- `graphql_introspect` — Full schema introspection\n- `graphql_find_hidden` — Discover hidden fields\n\n## Prompts (8)\n\nMethodology guides for structured security assessments:\n\n- `web_app_pentest` — Full web app pentest methodology\n- `pcap_forensics` — PCAP analysis workflow\n- `memory_forensics` — Memory dump analysis (Linux/Windows)\n- `recon_methodology` — Reconnaissance checklist\n- `malware_analysis` — Malware document analysis\n- `cloud_security_audit` — CloudTrail analysis workflow\n- `sqli_methodology` — SQL injection testing guide\n- `xss_methodology` — XSS testing guide\n\n## System Requirements\n\nTools require various CLI utilities depending on the module:\n\n- **Most tools**: `curl`\n- **PCAP analysis**: `tshark` (Wireshark CLI)\n- **DNS recon**: `dig`, `host`\n- **Memory forensics**: `volatility` / `vol.py` / `vol3`\n- **Malware analysis**: `olevba`, `oledump.py`\n- **Cloud analysis**: `jq`\n- **Secrets scanning**: `git`\n\n## License\n\nMIT\n","readmeFilename":"README.md","_rev":"1-60f74cfd4f0dd3f07ef790ae5b2be80d"}