StackMCP
Advanced

Cybersecurity Stack

SAST scanning, container security, threat intelligence, and malware analysis. Semgrep, SonarQube, Trivy, Shodan, and VirusTotal in one config.

5 servers | 20.0K tokens | 10% of context

Token Budget

20.0K used (10.0%) | 180.0K remaining
SonarQube MCP: 6.5K (3.3%)
VirusTotal MCP: 4.0K (2.0%)
Semgrep MCP: 3.5K (1.8%)
Shodan MCP: 3.5K (1.8%)
Trivy MCP: 2.5K (1.3%)

Moderate token usage. This leaves good room for prompts, but watch the budget if you add more servers.

Config

Paste in ~/.claude.json

json
{
  "mcpServers": {
    "sonarqube-mcp": {
      "command": "docker",
      "args": [
        "run",
        "--init",
        "--pull=always",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_TOKEN",
        "-e",
        "SONARQUBE_URL",
        "-e",
        "SONARQUBE_ORG",
        "mcp/sonarqube"
      ],
      "env": {
        "SONARQUBE_TOKEN": "YOUR_SONARQUBE_TOKEN",
        "SONARQUBE_URL": "YOUR_SONARQUBE_URL",
        "SONARQUBE_ORG": "YOUR_SONARQUBE_ORG"
      }
    },
    "virustotal-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@burtthecoder/mcp-virustotal"
      ],
      "env": {
        "VIRUSTOTAL_API_KEY": "YOUR_VIRUSTOTAL_API_KEY"
      }
    },
    "semgrep-mcp": {
      "command": "uvx",
      "args": [
        "semgrep-mcp"
      ]
    },
    "shodan-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@burtthecoder/mcp-shodan"
      ],
      "env": {
        "SHODAN_API_KEY": "YOUR_SHODAN_API_KEY"
      }
    },
    "trivy-mcp": {
      "command": "trivy",
      "args": [
        "mcp"
      ]
    }
  }
}

Included Servers

Semgrep MCP

Semgrep

50
security

Static analysis security scanning with custom rules, AST analysis, and multi-language vulnerability detection. Official Semgrep implementation.

6470/wk | 3.5K tokens (2%) | Official | 5mo ago

Your first line of defense. Scan code for vulnerabilities with 2,000+ built-in rules or write custom ones. Catches SQL injection, XSS, and hardcoded secrets before they ship.

SonarQube MCP

SonarSource

69
security

Code quality analysis, security hotspot detection, and vulnerability tracking from SonarQube Cloud or Server. Official SonarSource implementation.

4560/wk | 6.5K tokens (3%) | Official | yesterday

Continuous code quality and security analysis. Track security hotspots, review vulnerability trends, and enforce quality gates across your projects.

Trivy MCP

Aqua Security

50
security

Container image scanning, filesystem vulnerability detection, and infrastructure misconfiguration analysis. Official Aqua Security implementation.

370/wk | 2.5K tokens (1%) | Official | 3mo ago

Scan container images and filesystems for CVEs before deployment. Catches vulnerable dependencies in Docker images and IaC misconfigurations in Terraform/CloudFormation.

Shodan MCP

BurtTheCoder

57
security

Internet-connected device search, IP reconnaissance, CVE lookups, and DNS intelligence via the Shodan API.

1200/wk | 3.5K tokens (2%) | 6d ago

Reconnaissance and attack surface monitoring. Look up exposed services, check IP reputation, and search for CVEs affecting your infrastructure.

VirusTotal MCP

BurtTheCoder

45
security

Malware detection, file and URL analysis, IP and domain reputation checks, and threat relationship mapping via the VirusTotal API.

1090/wk | 4.0K tokens (2%) | 2mo ago

Analyze suspicious files, URLs, IPs, and domains against 70+ antivirus engines. Map threat relationships to understand attack vectors and indicators of compromise.