- Home
- MCP servers
- SpiderFoot
SpiderFoot
- python
3
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
You can expose SpiderFoot OSINT automation as MCP tools that enable AI assistants and other MCP clients to control scans, fetch results, and manage data. This MCP server bridges SpiderFoot capabilities with your automated workflow, making it easy to start scans, monitor progress, and export results from your preferred client.
How to use
Turn on the MCP server to expose SpiderFoot functionality to MCP clients. Start the server with the spiderfoot-mcp command in a Python environment where SpiderFoot is installed. The server presents a suite of tools your MCP client can call to manage scans, retrieve results, and configure SpiderFoot.
Configure your MCP client to connect to the local server. Use the default HTTP URL http://localhost:5001 for remote requests and provide the admin credentials you set in the environment variables. With the client connected, you can start scans, check statuses, fetch results, export data, and review logs through the available tools.
How to install
Prerequisites: you need Python 3.8 or newer and a running SpiderFoot instance. You also need the SpiderFoot MCP integration package.
Install the MCP server package and set up authentication for SpiderFoot. Run the following commands in order.
Additional configuration and usage notes
Set environment variables to configure the connection to SpiderFoot. Create a .env file or export variables in your shell: SPIDERFOOT_URL=http://localhost:5001, SPIDERFOOT_USERNAME=admin, and SPIDERFOOT_PASSWORD=your_password. These values are used by the MCP server to authenticate with SpiderFoot.
To connect from an MCP client, use a configuration block similar to the following to register the MCP server. This enables the client to invoke SpiderFoot features through the MCP interface.
Notes on security and maintenance
Protect the credentials you configure for SpiderFoot authentication. Do not expose the internal MCP server URL or credentials in untrusted environments. Regularly update dependencies and monitor access to the MCP server to prevent unauthorized scans or data exfiltration.
If you need to change how SpiderFoot is accessed, update the environment variables or the MCP client configuration accordingly, and restart the MCP server to apply changes.
Available tools
start_scan
Start a new SpiderFoot scan from an MCP client.
get_scan_status
Retrieve the current status of a running or completed scan.
list_scans
List all scans tracked by the MCP server.
stop_scan
Stop a currently running scan.
delete_scan
Delete a scan and its associated data.
get_scan_results
Fetch results produced by a scan.
get_scan_summary
Obtain a summary overview of scan results.
wait_for_scan_completion
Block until a scan finishes processing.
export_scan_results
Export scan results in supported formats.
get_available_modules
List SpiderFoot modules available for scans.
search_scan_results
Search across stored scan results for matching data.
get_scan_log
Retrieve log entries for a specific scan.
get_active_scans_summary
Get a summary of scans currently tracked by the server.
ping
Test connectivity to the SpiderFoot MCP server.