mcp-security-hub

The mcp-security-hub project provides a production-ready collection of MCP (Model Context Protocol) servers packaged as Docker images. Each server exposes a set of security tooling capabilities (for example port scanning with Nmap, web fuzzing with nuclei, secret scanning with gitleaks, and binary analysis with radare2) that can be orchestrated through MCP clients like Claude. To use these tools, you run the corresponding Docker containers (or docker-compose configured services) and point your MCP client to the container image via the provided command and arguments. The README includes an example Claude Desktop/Claude Code configuration that maps mcp server names to docker run invocations, enabling Claude to send natural-language prompts to specific security tools and receive structured responses. This setup allows you to combine multiple tools into cohesive workflows without needing to install each tool locally.

Prerequisites:

• Docker and Docker Compose installed on your machine
• Git installed

Step-by-step:

1. Clone the repository: git clone https://github.com/FuzzingLabs/mcp-security-hub cd mcp-security-hub

2. Build all MCP server images (Docker): docker-compose build

3. Start specific MCP servers (example): docker-compose up nmap-mcp nuclei-mcp -d

4. Verify that containers are running: docker-compose ps

Notes:

• If you plan to use Claude Desktop, ensure images are built before configuring Claude as shown in the README.
• Adjust volume mounts in your environment (e.g., /path/to/repos, /path/to/binaries) to suit your local filesystem layout.

Tips and caveats:

• Ensure you have enough system resources (CPU, memory) for running multiple security tools concurrently.
• Some containers require privileged access or additional capabilities (e.g., NET_RAW). Use the provided flags (as shown in the config) to enable these features safely.
• When integrating with Claude or other MCP clients, follow the exact command and volume mappings shown in the example mcpServers configuration to avoid misconfigurations.
• Regularly pull updated images and rebuild to incorporate security fixes and new tools.
• For project-level configuration, you can place an .mcp.json at your project root and reference the same server definitions when running in CI/CD pipelines.