Skip to content

Discover

Find tools for your stack. Pick an audience — we handle the noise.

Discover picks for MCP Security & Auth

See all tools in MCP Security & Auth →

On Hacker News

Ranked by discussion

tailscale

Healthy
1

The easiest, most secure way to use WireGuard and 2FA.

Open Source

CyberChef

Mixed

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Open Source

caddy

At Risk
1

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

Open Source

netbird

Mixed
1

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

Open Source

pocketbase

Healthy
3

Open Source realtime backend in 1 file

Open Source

opensnitch

At Risk

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Open Source

pangolin

Healthy
0

Identity-aware VPN and proxy for remote access to anything, anywhere.

Open Source

Maigret

Mixed
0

♂ Collect a dossier on a person by username from 3000+ sites

Open Source

certificates

Mixed

A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Open Source

keycloak

Healthy
0

Open Source Identity and Access Management For Modern Applications and Services

Open Source

mitmproxy

Healthy
0

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Open Source

headscale

At Risk

An open source, self-hosted implementation of the Tailscale control server

Open Source

Trending now

See all →

  1. UPinar/contrastapi

    Security intelligence API with 31 MCP tools for CVE/EPSS/KEV lookup, domain recon (DNS/WHOIS/SSL/subdomains/CT logs), IOC/threat intel, OSINT (email/phone/username), and code security scanning (secrets, injection). Free 100 req/hr.

    Healthy
    7

  2. Pantheon-Security/notebooklm-mcp-secure

    Security-hardened NotebookLM MCP with post-quantum encryption (ML-KEM-768), GDPR/SOC2/CSSF compliance, and 14 security layers. Query Google's Gemini-grounded research from Claude and AI agents.

    Healthy
    1

  3. icoretech/warden-mcp

    MCP server for Bitwarden and Vaultwarden vault management. Search, create, edit, and organize logins, notes, cards, identities, SSH keys, folders, collections, attachments, and Sends via the official `bw` CLI.

    Healthy
    1

  4. goklab/guardvibe

    Security MCP for vibe coding with 330 rules and 29 tools. Purpose-built for AI-generated code — scans Next.js, Supabase, Clerk, Stripe, Prisma, Hono, GraphQL, and 25+ modules. Cross-file taint analysis, host security audit, auto-fix, SARIF export, pre-commit hook, and CVE version detection. Zero config, runs locally.

    Healthy
    1

  5. bx33661/Wireshark-MCP

    Wireshark network packet analysis MCP Server with capture, protocol stats, field extraction, and security analysis capabilities.

    Healthy
    0

  6. girste/mcp-cybersec-watchdog

    Comprehensive Linux server security audit with 89 CIS Benchmark controls, NIST 800-53, and PCI-DSS compliance checks. Real-time monitoring with anomaly detection across 23 analyzers: firewall, SSH, fail2ban, Docker, CVE, rootkit, SSL/TLS, filesystem, network, and more.

    At Risk

  7. panther-labs/mcp-panther

    MCP server that enables security professionals to interact with Panther's SIEM platform using natural language for writing detections, querying logs, and managing alerts.

    Mixed

  8. shyshlakov/pci-dss-mcp

    PCI DSS v4.0.1 static-analysis MCP server for Go payment codebases. 12 scanners detect PAN/CVV exposure, weak crypto, missing audit logs, vulnerable deps, TLS misconfig, auth weaknesses, plus CycloneDX 1.6 SBOM generation - each finding mapped to the exact PCI requirement. AI-assisted triage via triage_findings. Keyless-signed multi-arch Docker image on ghcr.io.

    Healthy

  9. StacklokLabs/osv-mcp

    Access the OSV (Open Source Vulnerabilities) database for vulnerability information. Query vulnerabilities by package version or commit, batch query multiple packages, and get detailed vulnerability information by ID.

    Healthy

  10. intruder-io/intruder-mcp

    MCP server to access Intruder, helping you identify, understand, and fix security vulnerabilities in your infrastructure.

    At Risk

  11. casdoor

    An open-source AI-first Identity and Access Management (IAM) /AI MCP & agent gateway and auth server with web UI supporting MCP, A2A, OAuth 2.1, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

    Healthy

  12. DigiCatalyst-Systems/dep-diff-mcp

    Translates a lockfile diff (npm, PyPI) into a human-readable upgrade plan. Point it at a Dependabot PR and get back semver classification, breaking changes from GitHub release notes, CVEs fixed in range, migration links, and a per-package recommendation. Bulk tool ranks up to 50 changes by risk (security > caution > review > likely-safe > safe)

    Healthy

Beta — feedback welcome: [email protected]