fofa-mcp-server
mcp
Warn
Health Warn
- No license — Repository has no license file
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 7 GitHub stars
Code Pass
- Code scan — Scanned 2 files during light audit, no dangerous patterns found
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
This tool is an MCP server that provides an interface to the FOFA API (a cyberspace search engine). It allows AI models to query network asset data, retrieve host information, and check FOFA user account details.
Security Assessment
The overall risk is rated as Low to Medium. The automated code scan found no dangerous patterns, malicious code, hardcoded secrets, or dangerous system permissions. The server functions by making outbound network requests to the FOFA API, which requires the user to provide their own FOFA API key via environment variables. However, there is an inherent risk in the tool's purpose: it acts as a bridge allowing an AI model to execute user-generated search queries against a powerful external reconnaissance service. If integrated into an agentic workflow without strict human oversight, it could inadvertently be used to run unauthorized lookups or rapidly consume your FOFA API credits.
Quality Assessment
The project is relatively new and has low community visibility, evidenced by only 7 GitHub stars. It was recently active (last push was today), indicating it is under current maintenance. A major concern for enterprise or open redistribution is the complete lack of a license file, which legally restricts how the code can be used or modified.
Verdict
Use with caution—while the code itself appears safe and free of obvious malware, users should be aware of the missing license and the potential for unchecked AI-driven queries to consume API limits.
This tool is an MCP server that provides an interface to the FOFA API (a cyberspace search engine). It allows AI models to query network asset data, retrieve host information, and check FOFA user account details.
Security Assessment
The overall risk is rated as Low to Medium. The automated code scan found no dangerous patterns, malicious code, hardcoded secrets, or dangerous system permissions. The server functions by making outbound network requests to the FOFA API, which requires the user to provide their own FOFA API key via environment variables. However, there is an inherent risk in the tool's purpose: it acts as a bridge allowing an AI model to execute user-generated search queries against a powerful external reconnaissance service. If integrated into an agentic workflow without strict human oversight, it could inadvertently be used to run unauthorized lookups or rapidly consume your FOFA API credits.
Quality Assessment
The project is relatively new and has low community visibility, evidenced by only 7 GitHub stars. It was recently active (last push was today), indicating it is under current maintenance. A major concern for enterprise or open redistribution is the complete lack of a license file, which legally restricts how the code can be used or modified.
Verdict
Use with caution—while the code itself appears safe and free of obvious malware, users should be aware of the missing license and the potential for unchecked AI-driven queries to consume API limits.
基于 MCP (Model Control Protocol)的 FOFA API 查询服务器,提供简单易用的 FOFA 数据查询接口。
README.md
README
FOFA MCP Server
基于 MCP (Model Control Protocol)的 FOFA API 查询服务器,提供简单易用的 FOFA 数据查询接口。
功能特点
- 支持 FOFA API 的基础查询功能
- 提供完整的字段信息查询选项
- 支持查询账户信息
- 基于异步 HTTP 客户端,性能优异
- 使用 MCP 协议,便于与其他系统集成
环境要求
- Python >= 3.11
- FOFA API 密钥
- cline
安装
- 克隆项目到本地:
git clone https://github.com/intbjw/fofa-mcp-server.git
cd fofa-mcp-server
- 安装依赖:
pip install -r requirements.txt
或者使用 Poetry:
poetry install
配置
- 下载插件
使用 cline 进行配置,在 vscode 中下载插件
- 进行模型配置
我这里选择的阿里云的qwen-coder,也可以使用本地大模型。
- 配置fofa-mcp-server
编写配置文件
{
"mcpServers": {
"fofa-mcp-server": {
"command": "python3",
"args": [
"/path/to/fofa-mcp-server/main.py"
],
"env": {
"FOFA_KEY": "API KEY"
}
}
}
}
提示fofa-mcp-server MCP server connected 配置成功
使用演示
API 说明
1. FOFA 查询
fofa_search_tool(query: str, fields: str = "", size: int = 50) -> dict
参数说明:
query: FOFA 查询语句fields: 查询字段,可选值:- ""(默认):返回基础字段信息
- "all":返回所有可用字段信息
size: 返回结果数量,默认 50 条
返回数据格式:
{
"summary": str, # 查询统计信息
"data": List[Dict] # 查询结果列表
}
2. 查询账户信息
fofa_userinfo_tool() -> dict
返回 FOFA 账户的详细信息。
字段说明
基础字段(默认)
- IP
- 端口
- 协议
- 主机名
- 域名
- ICP 备案号
- 网站标题
- 产品名
- 版本号
- 最后更新时间
完整字段(fields="all")
包含基础字段,以及:
- 国家代码
- 国家名
- 地区
- 城市
- 经度
- 纬度
- ASN 编号
- ASN 组织
- 操作系统
- 服务器
- JARM 指纹
- Header
- Banner
- 基础协议
- URL 链接
- 证书相关信息
- JA3S 指纹
- TLS 版本
- 产品分类
- 域名 CNAME
注意事项
- 请确保 FOFA API 密钥有效且具有足够的查询权限
- 注意遵守 FOFA 的 API 使用限制和规范
- 建议合理设置查询结果数量,避免消耗过多积分
TODO
- 查询账号信息
- 执行用户输入语句
- 支持大模型生成查询语句
- 模糊语句查询
许可证
贡献
欢迎提交 Issue 和 Pull Request!
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found