mcp-external-recon

This MCP server provides a lightweight external reconnaissance toolkit. It exposes capabilities such as DNS record enumeration (A, AAAA, MX, NS, SOA, TXT, SRV), DNS zone transfer attempts, subdomain discovery/bruteforcing, WHOIS lookups, HTTP header analysis, and a basic email security assessment. The server is designed to be run via a prebuilt Claude for Desktop integration, where you can select the external-recon prompt and provide a target domain. Once invoked, the server will perform the configured reconnaissance tasks against the specified domain and return structured results for further inspection.

To use it, first make sure the MCP server is wired into Claude for Desktop (as described in the README). Then choose the external-recon prompt, supply your target domain, and let the tools enumerate DNS records, gather WHOIS data, inspect HTTP headers, and review SSL-related information. The included subdomain wordlist can be used to drive brute-force subdomain discovery, and you can swap it out with your own wordlist if needed.

Prerequisites:

• A system with a supported shell environment (macOS, Windows, or Linux).
• uv (Python-based tooling) installed via the official installer: curl -LsSf https://astral.sh/uv/install.sh | sh
• A working copy of the MCP server repository (mcp-external-recon).

Installation steps:

1. Install uv following the official guide: curl -LsSf https://astral.sh/uv/install.sh | sh
2. Obtain this MCP server repository and place it in a folder structure you control. The configuration in Claude expects the server to be accessible at a path like /ABSOLUTE/PATH/TO/PARENT/FOLDER/mcp-external-recon-server.
3. Configure Claude for Desktop to load the MCP server, using the provided config snippet and replacing PLACEHOLDER paths with your actual absolute paths. Example configuration content in claude_desktop_config.json: { "mcpServers": { "external-recon": { "command": "/ABSOLUTE/PATH/TO/PARENT/FOLDER/uv", "args": [ "--directory", "/ABSOLUTE/PATH/TO/PARENT/FOLDER/mcp-external-recon-server", "run", "external-recon.py" ] } } }
4. Restart Claude for Desktop to apply the new MCP server configuration.
5. Open Claude and select the external-recon server prompt, then provide the target domain to begin reconnaissance.

Notes and tips:

• The tool performs OS commands under the hood; ensure you have authorization to test the target domain.
• The dns-wordlist.txt can be swapped for a different list if you need deeper subdomain enumeration, but very long lists may cause performance issues.
• Ensure that required system utilities (dig, whois, dnsrecon) are available on the host running the MCP server.
• If you encounter path or permission issues, verify that the absolute path to the mcp-external-recon-server directory and the external-recon.py script is correct in the configuration.
• There is an explicit caution in the README about not targeting systems you do not own or have permission to test.
• Logging and error messages from uv/Claude integration can help troubleshoot configuration mismatches or missing dependencies.