io.github.megabrainee/sectora
io.github.megabrainee/sectora · v1.1.0 · MCP 2025-03-26
Threat intel + your scans/findings/Shield posture. CVE, EPSS, KEV, package vuln lookup, DAST.
Reachability
reachable
checked 2026-07-14 04:10 UTC
Registry status active
Tools pinned 14
b653f411adbb
Tools last changed
unchanged since first capture 2026-07-14
Provenance
Registry namespace io.github.megabrainee
(GitHub-account verified by the official registry)
Repository
github.com/braineetech/sectora
Website
https://sectora.io/mcp
Remote endpoints
https://mcp.sectora.io/mcp (streamable-http)
Observed changes
| When (UTC) | Event | Detail |
|---|---|---|
| 2026-07-14 04:10 | first capture | 14 tools pinned |
Pinned tool definitions (14)
| Tool | Description |
|---|---|
| lookup_cve | Get full threat intelligence enrichment for a CVE including EPSS score, CISA KEV status, public exploits, Nuclei templates, risk level, and risk factors. Input must be a valid CVE ID. |
| assess_tech_risk | Assess security risk for a list of technologies. Returns known CVEs affecting each technology with severity breakdown. Input: comma-separated technology names only. |
| search_cves | Search for CVEs by keyword, severity, or other filters. Query must be alphanumeric text. |
| get_kev_recent | Get recently added entries to the CISA Known Exploited Vulnerabilities (KEV) catalog. |
| get_trending_cves | Get currently trending CVEs based on recent KEV additions, high EPSS scores, and exploit availability. |
| get_weaponization_score | Get the weaponization score (0-100) for a CVE. Factors in EPSS, KEV status, exploit availability, Nuclei templates, and CVSS. Input must be a valid CVE ID. |
| lookup_ip_reputation | Look up community IP reputation from Sectora Shield WAF network. Shows if an IP has been reported for attacks. Accepts IPv4 or IPv6 (the Shield network sees both). |
| get_threat_stats | Get statistics about the Sectora threat intelligence database including counts of EPSS scores, KEV entries, Nuclei templates, and exploits. No input required. |
| list_my_findings | List the API key owner's open security findings across all scans. Use this to answer "what's my current exposure?" Filter by severity, status, or domain. Returns finding summaries; call get_scan for full detail. Requires API key. |
| list_my_scans | List the API key owner's recent scans with summary counts. Requires API key. |
| get_scan | Get a scan with all its findings (full detail: title, description, evidence, remediation, CVSS). Requires API key. |
| scan_url | Kick off a DAST security scan against a public URL the API key owner controls. Two-step flow: first call returns a preview (target, profile, ETA, quota remaining); confirm by calling again with confirm:true to actually start the scan.... |
| get_my_posture | Get Shield WAF posture score and breakdown for a domain registered under this account. Returns 0-100 score, letter grade, per-component breakdown (origin lock, virtual patching, TLS, etc.), and edge_health (whether Shield is actually... |
| assess_dependency | Check a single package@version for known vulnerabilities via OSV.dev (npm, PyPI, Go, Maven, NuGet, RubyGems, Packagist, crates.io, etc.). Returns advisories with CVE IDs, severity, fixed versions, and references. Free tier eligible. |
Status badge
[](https://toolpin.dev/servers/io.github.megabrainee/sectora)
Maintain this server? Add the badge to your README — it links your users to this live status page.