MCP Hub
Back to servers

mcp-caido

A bridge between AI agents and the Caido security testing platform, enabling automated proxy traffic analysis, request forging, and vulnerability scanning.

glama
AI & MLAPIs & ServicesDevelopment Tools
Tools
1
Updated
Jan 11, 2026
View Source
Claim this server

Caido MCP Server

A Model Context Protocol (MCP) server that acts as a bridge to Caido, allowing AI Agents (like Claude, LangChain, etc.) to perform automated security testing and analysis.

🚀 Capabilities

This server connects to your local Caido instance (default port 8080) and exposes tools to:

  • View Request History: Analyze traffic captured by Caido proxy.
  • Send Requests: Forge and send HTTP requests via Caido's engine.
  • Scan for Mitigation: Run basic automated XSS/SQLi checks.
  • Get Findings: Retrieve reported vulnerabilities.

See MCP_CAPABILITIES.md for a detailed power list.

🛠️ Setup

  1. Prerequisites:

    • Node.js installed.
    • Caido running (usually on port 8080).
    • Caido API Token (Settings -> API).

  2. Installation:

    git clone https://github.com/FazcomIA/mcp-caido.git
cd mcp-caido
npm install

  3. Configuration: Create a .env file in the root:

    CAIDO_URL=http://127.0.0.1:8080/graphql
CAIDO_API_TOKEN=your_token_here
MCP_PORT=3000
MCP_API_KEY=mcp-dev-key

🏃 Usage

Start the server:

node server.js

Connect an AI Agent

The MCP server listens on http://localhost:3000/mcp/call. Required Header: X-API-Key: mcp-dev-key

Example Curl:

curl -X POST http://localhost:3000/mcp/call \
  -H "Content-Type: application/json" \
  -H "X-API-Key: mcp-dev-key" \
  -d '{"tool": "getStatus", "params": {}}'

🔒 Security

  • API Key: Protected by MCP_API_KEY.
  • Local Only: By default, runs locally. Be careful if exposing to a network.

Reviews

No reviews yet

Sign in to write a review