https://github.com/copyleftdev/mcp_subfinder_server
Model Context Protocol (MCP) server that wraps ProjectDiscovery's subfinder tool for powerful subdomain enumeration through a JSON-RPC API.
Science Score: 13.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
○CITATION.cff file
-
✓codemeta.json file
Found codemeta.json file -
○.zenodo.json file
-
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (13.7%) to scientific vocabulary
Keywords
Repository
Model Context Protocol (MCP) server that wraps ProjectDiscovery's subfinder tool for powerful subdomain enumeration through a JSON-RPC API.
Basic Info
Statistics
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
- Releases: 0
Topics
Metadata Files
README.md
MCP Subfinder Server
A Model Context Protocol (MCP) server that wraps ProjectDiscovery's subfinder tool for powerful subdomain enumeration through a JSON-RPC API.
Architecture
mermaid
flowchart LR
Client([Client]) -->|JSON-RPC| MCP[MCP Server]
MCP -->|Initialize/Tools List| Client
MCP -->|Handles Request| SF[Subfinder Wrapper]
SF -->|Configuration| CFG[provider-config.yaml]
SF -->|Calls| PD[ProjectDiscovery Subfinder]
PD -->|Passive Sources| API1[Public & Private APIs]
PD -->|Results| SF
SF -->|Processed Results| MCP
MCP -->|JSON Response| Client
Credit
All the heavy lifting for subdomain enumeration is done by ProjectDiscovery's subfinder. This project is simply a MCP server wrapper around their excellent tool.
Overview
MCP Subfinder Server provides:
- JSON-RPC API to enumerate subdomains for a given domain
- Support for recursive subdomain discovery
- Source filtering capabilities
- Configurable timeouts and threading
- Detailed logging for troubleshooting
Installation
```bash
Clone the repository
git clone https://github.com/copyleftdev/mcp-subfinder-server.git cd mcp-subfinder-server
Build the server using the Makefile
make build ```
Usage
The server can be run using the Makefile, which provides several helpful commands:
```bash
Run the server on the default port (8080)
make run
Run the server on a custom port
PORT=9090 make run
Specify a different provider config file
PROVIDER_CONFIG=my-custom-config.yaml make run ```
Available Makefile Commands
```bash
Show all available commands
make help
Run tests
make test
Run integration tests
make integration-test
Run live subfinder tests
make live-test
Generate test coverage report
make coverage
Format the code
make fmt
Build for Linux
make build-linux
Clean the project
make clean ```
Configuration
For optimal results, add your API keys to the provider-config.yaml file. This allows subfinder to use premium sources for better subdomain discovery.
The provider-config.yaml file is checked automatically when running the server with make run.
API Usage
The server exposes a JSON-RPC API at http://localhost:8080/mcp.
Basic Usage Examples with curl
1. Initialize Connection
bash
curl -X POST http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {
"protocolVersion": "0.3"
}
}'
2. List Available Tools
bash
curl -X POST http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 2,
"method": "tools.list"
}'
3. Basic Subdomain Enumeration
bash
curl -X POST http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 3,
"method": "tools.call",
"params": {
"name": "enumerateSubdomains",
"arguments": {
"domain": "example.com"
}
}
}'
4. Advanced Subdomain Enumeration
bash
curl -X POST http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 4,
"method": "tools.call",
"params": {
"name": "enumerateSubdomains",
"arguments": {
"domain": "example.com",
"timeout": 120,
"recursive": true,
"maxDepth": 2,
"sourcesFilter": "github,dnsdumpster,alienvault"
}
}
}'
5. Enumeration with Source Exclusion
bash
curl -X POST http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 5,
"method": "tools.call",
"params": {
"name": "enumerateSubdomains",
"arguments": {
"domain": "example.com",
"timeout": 60,
"excludeSourcesFilter": "waybackarchive,threatcrowd"
}
}
}'
6. Health Check
bash
curl -X GET http://localhost:8080/health
Available Options
When calling the enumerateSubdomains tool, the following options are available:
| Option | Type | Description | Default | |--------|------|-------------|---------| | domain | string | The domain to enumerate subdomains for (required) | - | | timeout | int | Timeout in seconds for the enumeration process | 120 | | recursive | bool | Whether to recursively check discovered subdomains | false | | maxDepth | int | Maximum depth for recursive enumeration | 2 | | sourcesFilter | string | Comma-separated list of sources to use | - | | excludeSourcesFilter | string | Comma-separated list of sources to exclude | - |
Docker Support
The project includes Docker support through the Makefile:
```bash
Build a Docker image
make docker
Run the server in Docker
make docker-run
Run with custom port
PORT=9090 make docker-run ```
Testing
Run tests using the Makefile:
```bash
Run all tests
make test
Run with test coverage
make coverage ```
A Postman collection is included in the docs folder for easy testing of all API endpoints.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Author
Owner
- Name: Donald Johnson
- Login: copyleftdev
- Kind: user
- Location: Los Angeles
- Repositories: 39
- Profile: https://github.com/copyleftdev
GitHub Events
Total
- Watch event: 2
- Push event: 8
- Create event: 2
Last Year
- Watch event: 2
- Push event: 8
- Create event: 2
Issues and Pull Requests
Last synced: 11 months ago
All Time
- Total issues: 0
- Total pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Total issue authors: 0
- Total pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Past Year
- Issues: 0
- Pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Issue authors: 0
- Pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Top Authors
Issue Authors
Pull Request Authors
Top Labels
Issue Labels
Pull Request Labels
Dependencies
- actions/checkout v4 composite
- actions/checkout v4 composite
- actions/setup-go v4 composite
- aead.dev/minisign v0.2.0
- github.com/Masterminds/semver/v3 v3.2.1
- github.com/Mzack9999/gcache v0.0.0-20230410081825-519e28eab057
- github.com/Mzack9999/go-http-digest-auth-client v0.6.1-0.20220414142836-eb8883508809
- github.com/VividCortex/ewma v1.2.0
- github.com/akrylysov/pogreb v0.10.1
- github.com/alecthomas/chroma/v2 v2.14.0
- github.com/andybalholm/brotli v1.0.6
- github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
- github.com/aymanbagabas/go-osc52/v2 v2.0.1
- github.com/aymerick/douceur v0.2.0
- github.com/bits-and-blooms/bitset v1.13.0
- github.com/charmbracelet/glamour v0.8.0
- github.com/charmbracelet/lipgloss v0.13.0
- github.com/charmbracelet/x/ansi v0.3.2
- github.com/cheggaaa/pb/v3 v3.1.4
- github.com/cloudflare/circl v1.3.7
- github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08
- github.com/corpix/uarand v0.2.0
- github.com/dimchansky/utfbom v1.1.1
- github.com/dlclark/regexp2 v1.11.4
- github.com/docker/go-units v0.5.0
- github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5
- github.com/fatih/color v1.15.0
- github.com/gaissmai/bart v0.9.5
- github.com/go-ole/go-ole v1.2.6
- github.com/golang/protobuf v1.5.3
- github.com/golang/snappy v0.0.4
- github.com/google/go-github/v30 v30.1.0
- github.com/google/go-querystring v1.1.0
- github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
- github.com/google/uuid v1.3.1
- github.com/gorilla/css v1.0.1
- github.com/hako/durafmt v0.0.0-20210316092057-3a2c319c1acd
- github.com/json-iterator/go v1.1.12
- github.com/klauspost/compress v1.17.4
- github.com/klauspost/pgzip v1.2.5
- github.com/lib/pq v1.10.9
- github.com/logrusorgru/aurora v2.0.3+incompatible
- github.com/lucasb-eyer/go-colorful v1.2.0
- github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0
- github.com/mattn/go-colorable v0.1.13
- github.com/mattn/go-isatty v0.0.20
- github.com/mattn/go-runewidth v0.0.16
- github.com/mholt/archiver/v3 v3.5.1
- github.com/microcosm-cc/bluemonday v1.0.27
- github.com/miekg/dns v1.1.56
- github.com/minio/selfupdate v0.6.1-0.20230907112617-f11e74f84ca7
- github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
- github.com/modern-go/reflect2 v1.0.2
- github.com/muesli/reflow v0.3.0
- github.com/muesli/termenv v0.15.3-0.20240618155329-98d742f6907a
- github.com/nwaples/rardecode v1.1.3
- github.com/pierrec/lz4/v4 v4.1.2
- github.com/pkg/errors v0.9.1
- github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c
- github.com/projectdiscovery/blackrock v0.0.1
- github.com/projectdiscovery/cdncheck v1.1.0
- github.com/projectdiscovery/chaos-client v0.5.2
- github.com/projectdiscovery/dnsx v1.2.2
- github.com/projectdiscovery/fastdialer v0.3.0
- github.com/projectdiscovery/goflags v0.1.72
- github.com/projectdiscovery/gologger v1.1.44
- github.com/projectdiscovery/hmap v0.0.80
- github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983
- github.com/projectdiscovery/networkpolicy v0.1.1
- github.com/projectdiscovery/ratelimit v0.0.70
- github.com/projectdiscovery/retryabledns v1.0.94
- github.com/projectdiscovery/retryablehttp-go v1.0.99
- github.com/projectdiscovery/subfinder/v2 v2.7.0
- github.com/projectdiscovery/utils v0.4.11
- github.com/refraction-networking/utls v1.6.7
- github.com/rivo/uniseg v0.4.7
- github.com/rs/xid v1.5.0
- github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d
- github.com/shirou/gopsutil/v3 v3.23.7
- github.com/shoenig/go-m1cpu v0.1.6
- github.com/syndtr/goleveldb v1.0.0
- github.com/tidwall/btree v1.6.0
- github.com/tidwall/buntdb v1.3.0
- github.com/tidwall/gjson v1.14.4
- github.com/tidwall/grect v0.1.4
- github.com/tidwall/match v1.1.1
- github.com/tidwall/pretty v1.2.1
- github.com/tidwall/rtred v0.1.2
- github.com/tidwall/tinyqueue v0.1.1
- github.com/tklauser/go-sysconf v0.3.12
- github.com/tklauser/numcpus v0.6.1
- github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
- github.com/ulikunitz/xz v0.5.11
- github.com/weppos/publicsuffix-go v0.30.1
- github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8
- github.com/yuin/goldmark v1.7.4
- github.com/yuin/goldmark-emoji v1.0.3
- github.com/yusufpapurcu/wmi v1.2.4
- github.com/zcalusic/sysinfo v1.0.2
- github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248
- github.com/zmap/zcrypto v0.0.0-20230422215203-9a665e1e9968
- go.etcd.io/bbolt v1.3.7
- go.uber.org/multierr v1.11.0
- golang.org/x/crypto v0.31.0
- golang.org/x/exp v0.0.0-20230420155640-133eef4313cb
- golang.org/x/mod v0.17.0
- golang.org/x/net v0.33.0
- golang.org/x/oauth2 v0.11.0
- golang.org/x/sync v0.10.0
- golang.org/x/sys v0.28.0
- golang.org/x/term v0.27.0
- golang.org/x/text v0.21.0
- golang.org/x/time v0.5.0
- golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d
- google.golang.org/appengine v1.6.7
- google.golang.org/protobuf v1.33.0
- gopkg.in/djherbis/times.v1 v1.3.0
- gopkg.in/yaml.v3 v3.0.1
- 308 dependencies