# sectora MCP server Threat intel + your scans/findings/Shield posture. CVE, EPSS, KEV, package vuln lookup, DAST. ## Links - Registry page: https://www.getdrio.com/mcp/io-github-megabrainee-sectora - Repository: https://github.com/BraineeTech/sectora - Website: https://sectora.io/mcp ## Install - Endpoint: https://mcp.sectora.io/mcp - Auth: Not captured ## Setup notes - Remote endpoint: https://mcp.sectora.io/mcp ## Tools - lookup_cve - Get full threat intelligence enrichment for a CVE including EPSS score, CISA KEV status, public exploits, Nuclei templates, risk level, and risk factors. Input must be a valid CVE ID. Endpoint: https://mcp.sectora.io/mcp - assess_tech_risk - Assess security risk for a list of technologies. Returns known CVEs affecting each technology with severity breakdown. Input: comma-separated technology names only. Endpoint: https://mcp.sectora.io/mcp - search_cves - Search for CVEs by keyword, severity, or other filters. Query must be alphanumeric text. Endpoint: https://mcp.sectora.io/mcp - get_kev_recent - Get recently added entries to the CISA Known Exploited Vulnerabilities (KEV) catalog. Endpoint: https://mcp.sectora.io/mcp - get_trending_cves - Get currently trending CVEs based on recent KEV additions, high EPSS scores, and exploit availability. Endpoint: https://mcp.sectora.io/mcp - get_weaponization_score - Get the weaponization score (0-100) for a CVE. Factors in EPSS, KEV status, exploit availability, Nuclei templates, and CVSS. Input must be a valid CVE ID. Endpoint: https://mcp.sectora.io/mcp - lookup_ip_reputation - Look up community IP reputation from Sectora Shield WAF network. Shows if an IP has been reported for attacks. Input must be a valid IPv4 address. Endpoint: https://mcp.sectora.io/mcp - get_threat_stats - Get statistics about the Sectora threat intelligence database including counts of EPSS scores, KEV entries, Nuclei templates, and exploits. No input required. Endpoint: https://mcp.sectora.io/mcp - list_my_findings - List the API key owner's open security findings across all scans. Use this to answer "what's my current exposure?" Filter by severity, status, or domain. Returns finding summaries; call get_scan for full detail. Requires API key. Endpoint: https://mcp.sectora.io/mcp - list_my_scans - List the API key owner's recent scans with summary counts. Requires API key. Endpoint: https://mcp.sectora.io/mcp - get_scan - Get a scan with all its findings (full detail: title, description, evidence, remediation, CVSS). Requires API key. Endpoint: https://mcp.sectora.io/mcp - scan_url - Kick off a DAST security scan against a public URL the API key owner controls. Two-step flow: first call returns a preview (target, profile, ETA, quota remaining); confirm by calling again with confirm:true to actually start the scan. Returns scan_id; poll status with get_scan. Domain must be verified in the Sectora account. Daily quota: 25 scans/24h per user. Requires API key. Endpoint: https://mcp.sectora.io/mcp - get_my_posture - Get Shield WAF posture score and breakdown for a domain registered under this account. Returns 0-100 score, letter grade, per-component breakdown (origin lock, virtual patching, TLS, etc.), and edge_health (whether Shield is actually intercepting traffic). Requires API key. Endpoint: https://mcp.sectora.io/mcp - assess_dependency - Check a single package@version for known vulnerabilities via OSV.dev (npm, PyPI, Go, Maven, NuGet, RubyGems, Packagist, crates.io, etc.). Returns advisories with CVE IDs, severity, fixed versions, and references. Free tier eligible. Endpoint: https://mcp.sectora.io/mcp ## Resources Not captured ## Prompts Not captured ## Metadata - Owner: io.github.megabrainee - Version: 1.1.0 - Runtime: Streamable Http - Transports: HTTP - License: Not captured - Language: Not captured - Stars: Not captured - Updated: Apr 26, 2026 - Source: https://registry.modelcontextprotocol.io