Exposes the Acunetix Scanner API as a streamable HTTP MCP server.
Acunetix MCP Server
This project exposes the Acunetix Scanner API as a streamable HTTP MCP server.
Request Transport Map
flowchart LR
client[GhostReconRev or another MCP client] -->|HTTP MCP requestsoptional Bearer auth| http[Streamable HTTP transport]
http --> core[MCP server]
core --> spec[Spec loader + schema validation]
core --> acclient[Acunetix client]
acclient --> acunetix[Acunetix Scanner API]
Docker Topology
flowchart LR
subgraph dockerhost["Docker host"]
subgraph dreamland["Shared bridge network: dreamland"]
ghost[ghostreconrev-app]
mcp[acunetix-mcp-server]
end
end
ghost -->|/healthz and /mcpoptional Bearer auth| mcp
mcp -->|https://<Acunetix host>:3443/api/v1| acunetix[Acunetix Scanner API]
Tool Inventory
The full generated inventory is in docs/tool-inventory.md.
Configuration
Copy `.env.example` into .env.
The following settings are required.
ACUNETIX_BASE_URL: Full Acunetix API base URL, for examplehttps://host.docker.internal:3443/api/v1when the scanner runs on the Docker host.ACUNETIX_API_KEY: Acunetix API key sent as theX-Authheader.
Docker
Use Docker Compose.
cp .env.example .env
docker compose build --no-cache
docker compose up
GhostReconRev Integration
When both stacks run on the shared dreamland bridge, the integration works
as follows.
- GhostReconRev reaches MCP at
http://acunetix-mcp-server:3000/mcp. - GhostReconRev health-checks MCP at
http://acunetix-mcp-server:3000/healthz. - The MCP container then reaches the Acunetix API defined by
ACUNETIX_BASE_URL.
GhostReconRev resolves required MCP tool names dynamically against the runtime tool inventory.
Tools (1)
acunetix_scanner_apiProvides access to the Acunetix Scanner API for security scanning operations.Environment Variables
ACUNETIX_BASE_URLrequiredFull Acunetix API base URL (e.g., https://host.docker.internal:3443/api/v1)ACUNETIX_API_KEYrequiredAcunetix API key sent as the X-Auth headerConfiguration
{"mcpServers": {"acunetix": {"command": "docker", "args": ["run", "-i", "--rm", "-e", "ACUNETIX_BASE_URL=...", "-e", "ACUNETIX_API_KEY=...", "acunetix-mcp-server"]}}}