Metadata-Version: 2.4
Name: iflow-mcp_cybersecurityup-offensive-mcp-ai
Version: 0.1.1
Summary: Offensive MCP AI - Red Team Tools for MCP
Author-email: cybersecurityup <noreply@github.com>
License: MIT
Project-URL: Homepage, https://github.com/cybersecurityup/offensive-mcp-ai
Project-URL: Repository, https://github.com/cybersecurityup/offensive-mcp-ai
Project-URL: Issues, https://github.com/cybersecurityup/offensive-mcp-ai/issues
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Security
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Requires-Dist: modelcontextprotocol>=0.9.0
Requires-Dist: fastmcp>=0.4.0
Requires-Dist: pydantic>=2.0.0

# Offensive-MCP-AI

## 🔮 Future Work Using MCP and AI

1. **Autonomous Red Team Agents**  
   Build LLM-driven agents that autonomously conduct reconnaissance, payload generation, exploitation and reporting, all orchestrated via MCP tools.

2. **AI-Powered SOC Analyst**  
   Integrate Wazuh + Suricata + Zeek logs and use MCP to let Claude analyze incidents, detect lateral movement, and recommend response actions in real-time.

3. **Malware Dev Studio (LLM + MCP)**  
   Use Claude + MCP to automate shellcode generation, obfuscation, sandbox evasion, and EDR bypass strategies through tools like Capstone, Donut, and Sliver.

4. **Threat Hunting Automation**  
   Develop proactive AI workflows that analyze logs, correlate indicators, and hunt based on threat intelligence feeds via MCP `resources` and `tools`.

5. **Agent-Based Purple Team Simulator**  
   Combine MCP with ATT&CK simulations, where Claude orchestrates both Red and Blue side techniques (Atomic Red Team, Caldera, Sigma/YARA rule generation).

6. **CI/CD + DevSecOps Integration**  
   Use MCP to review code pushed to GitHub, scan secrets, trigger security tools (Trufflehog, Gitleaks), and send secure alerts or PR recommendations.

7. **Auto Incident Report Generator**  
   Claude consumes logs and tool outputs via MCP and generates full incident reports (including diagrams and mitigations) in Markdown or PDF formats.

8. **Cybersecurity Tutor / Trainer Mode**  
   Claude explains what each tool does, simulates attacks in safe lab environments, and evaluates user responses via MCP simulation tools.

---

## 🔗 Installation & Integration Links

### ✅ Install MCP CLI and SDK (Python)
```bash
pip install modelcontextprotocol
```

Docs:  
🔗 https://modelcontextprotocol.io/quickstart/server  
GitHub:  
🔗 https://github.com/jlowin/fastmcp  

---

### 🧠 Claude Desktop Configuration (Mac, Linux, Windows)

1. Install Claude for Desktop  
🔗 https://www.anthropic.com/index/claude-desktop

2. Edit config file:

#### macOS/Linux
```bash
nano ~/Library/Application\ Support/Claude/claude_desktop_config.json
```

#### Windows
```bash
notepad %AppData%\Claude\claude_desktop_config.json
```

3. Add your MCP server:
```json
{
  "mcpServers": {
    "my-wazuh-agent": {
      "command": "/full/path/to/python",
      "args": [
        "mcp_wazuh_server.py"
      ]
    }
  }
}
```

4. Restart Claude Desktop — you’ll see the **connector icon (⚡)** for prompts and the **tools icon (🛠)** for tool invocation.

---

### 🧪 Test Locally with Inspector

Run your server with debugging:
```bash
npx @modelcontextprotocol/inspector python mcp_wazuh_server.py
```

This opens a local UI where you can test `@mcp.tool()` and `@mcp.prompt()` before linking with Claude.
