spectral

MCP server for website reconnaissance. Gives Claude the ability to fingerprint tech stacks, audit security headers, map endpoints, analyze SSL certificates, enumerate DNS records, and scan ports.

Install

git clone https://github.com/zohaiblazuli/spectral.git
cd spectral
npm install

Setup with Claude Desktop

Add this to your Claude Desktop config (claude_desktop_config.json):

{
  "mcpServers": {
    "spectral": {
      "command": "node",
      "args": ["/absolute/path/to/spectral/bin/spectral.js"]
    }
  }
}

Restart Claude Desktop. You'll see 6 new tools available.

Setup with Claude Code

Add to your project's .mcp.json:

{
  "mcpServers": {
    "spectral": {
      "command": "node",
      "args": ["/absolute/path/to/spectral/bin/spectral.js"]
    }
  }
}

Tools

analyze_url

Fingerprints a website's tech stack from response headers and HTML content.

Detects:

  • Frameworks: React, Next.js, Vue, Nuxt, Angular, Svelte, Remix, Astro, jQuery
  • CMS: WordPress, Drupal, Shopify, Squarespace, Wix, Ghost, Webflow
  • CDN: Cloudflare, Fastly, Akamai, CloudFront, Vercel, Netlify
  • Analytics: Google Analytics, GTM, Segment, Hotjar, Mixpanel, Plausible, PostHog
  • Servers: nginx, Apache, Express, IIS, LiteSpeed, Caddy, Deno
  • Security: reCAPTCHA, hCaptcha, Cloudflare Turnstile

> analyze_url({ url: "vercel.com" })

Tech Stack Report: https://vercel.com/
Status: 200

frameworks: React, Next.js
cdn: Vercel
analytics: Google Analytics

Server: not disclosed
X-Powered-By: not disclosed

check_headers

Audits security headers and returns a letter grade (A through F).

Checks: Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy, X-XSS-Protection, Cross-Origin-Opener-Policy, Cross-Origin-Resource-Policy.

> check_headers({ url: "github.com" })

Security Header Audit: https://github.com/
Grade: A

[PASS] Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
[PASS] Content-Security-Policy: Set (428 chars). Directives look reasonable.
[PASS] X-Content-Type-Options: nosniff
[PASS] X-Frame-Options: deny
[PASS] Referrer-Policy: strict-origin-when-cross-origin
[INFO] Permissions-Policy: Not set — all browser features available by default.
[INFO] X-XSS-Protection: Not set — fine if CSP is present.
[INFO] Cross-Origin-Opener-Policy: Not set.
[INFO] Cross-Origin-Resource-Policy: Not set.

map_endpoints

Crawls a page and extracts all links, forms, scripts, stylesheets, and API endpoint references.

> map_endpoints({ url: "example.com" })

Endpoint Map: https://example.com/

Internal links: 3
  /about
  /contact
  /docs

External links: 5
  https://cdn.example.com/...
  ...

API endpoints found: 2
  /api/v1/users
  /graphql

Forms: 1
  POST /api/login — 3 fields

Scripts: 4, Stylesheets: 2

ssl_info

Analyzes a hostname's TLS certificate — issuer, validity, expiry countdown, protocol, cipher, SAN list, chain.

> ssl_info({ hostname: "github.com" })

SSL/TLS Report: github.com:443

Subject: github.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1 (DigiCert Inc)
Valid from: 2024-03-07T00:00:00.000Z
Valid to: 2025-03-07T23:59:59.000Z
Days until expiry: 187
Protocol: TLSv1.3
Cipher: TLS_AES_128_GCM_SHA256
Serial: 0E8BF3770D92D196F0BB61F93C4166BE

SAN entries (2):
  github.com
  www.github.com

Certificate chain (3 certs):
  1. github.com (issued by: DigiCert Global G2 TLS RSA SHA256 2020 CA1)
  2. DigiCert Global G2 TLS RSA SHA256 2020 CA1 (issued by: DigiCert Global Root G2)
  3. DigiCert Global Root G2 (issued by: DigiCert Global Root G2)

dns_lookup

Enumerates DNS records for a hostname.

> dns_lookup({ hostname: "example.com" })

DNS Records: example.com

A:
  93.184.216.34
AAAA:
  2606:2800:220:1:248:1893:25c8:1946
MX:
  10 mail.example.com
NS:
  a.iana-servers.net
  b.iana-servers.net
TXT:
  v=spf1 -all
SOA:
  Primary NS: ns.icann.org
  Admin: noc.dns.icann.org
  Serial: 2024022834

port_scan

Quick TCP port scan with service identification.

Default ports: 21 (FTP), 22 (SSH), 80 (HTTP), 443 (HTTPS), 3000, 3306 (MySQL), 5432 (PostgreSQL), 6379 (Redis), 8080, 8443, 27017 (MongoDB).

> port_scan({ hostname: "example.com" })

Port Scan: example.com
Scanned 11 ports — 2 open, 9 closed

Open:
  80/tcp   open  HTTP
  443/tcp  open  HTTPS

Closed:
  21/tcp   closed  FTP
  22/tcp   closed  SSH
  ...

Custom ports:

> port_scan({ hostname: "10.0.0.1", ports: [22, 80, 443, 8080, 9090] })

How It Works

spectral is an MCP (Model Context Protocol) server that runs over stdio. When connected to Claude Desktop or Claude Code, it exposes 6 tools that Claude can call to gather information about websites and servers.

Under the hood:

  • Tech fingerprinting matches 50+ signatures against response headers, HTML meta tags, script sources, and inline patterns
  • Header auditing checks 9 security headers against best-practice rules and computes a weighted grade
  • Endpoint mapping uses cheerio to parse HTML and regex to extract API references from inline scripts
  • SSL analysis uses Node's tls.connect() to grab the peer certificate directly
  • DNS enumeration uses dns.promises to query all standard record types
  • Port scanning uses net.Socket with concurrent TCP connects and 2-second timeouts

No external APIs. No browser automation. No heavy dependencies. Just Node built-ins plus cheerio for HTML parsing.
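
The weighted header grade described in the list above, sketched as an added example that is not spectral's own code. The weights, grade thresholds and per-header rules are assumptions, chosen so that a constructed input matching the github.com sample in the check_headers section scores an A; `RULES`, `gradeHeaders` and `sampleHeaders` are hypothetical names.

```javascript
// Added example. Weights, thresholds and rules are assumptions, not spectral's own.
const RULES = [
  // HSTS only counts when max-age is at least 180 days.
  { name: "strict-transport-security", weight: 25, required: true,
    ok: (v) => Number((/max-age=(\d+)/i.exec(v) || [])[1] || 0) >= 15552000 },
  // A script-src allowing inline script or any origin defeats most of the policy.
  { name: "content-security-policy", weight: 25, required: true,
    ok: (v) => !/script-src[^;]*('unsafe-inline'|\s\*(\s|;|$))/i.test(v) },
  { name: "x-content-type-options", weight: 15, required: true,
    ok: (v) => /^\s*nosniff\s*$/i.test(v) },
  // CSP frame-ancestors supersedes X-Frame-Options, so either one passes.
  { name: "x-frame-options", weight: 15, required: true,
    ok: (v) => /^(deny|sameorigin)$/i.test(v.trim()),
    fallback: (h) => /frame-ancestors/i.test(h["content-security-policy"] || "") },
  { name: "referrer-policy", weight: 10, required: true,
    ok: (v) => !/unsafe-url/i.test(v) },
  // Optional headers: absence is reported as INFO and earns no points.
  { name: "permissions-policy", weight: 4, ok: () => true },
  { name: "cross-origin-opener-policy", weight: 3, ok: () => true },
  { name: "cross-origin-resource-policy", weight: 3, ok: () => true },
  { name: "x-xss-protection", weight: 0, ok: () => true }, // legacy, never scored
];

function gradeHeaders(rawHeaders) {
  // Header names are case-insensitive, so normalize before lookup.
  const h = Object.fromEntries(
    Object.entries(rawHeaders).map(([k, v]) => [k.toLowerCase(), String(v)]));
  let earned = 0, total = 0;
  const findings = RULES.map((r) => {
    total += r.weight;
    const value = h[r.name];
    let status;
    if ((value !== undefined && r.ok(value)) || (r.fallback && r.fallback(h))) status = "PASS";
    else status = value !== undefined || r.required ? "FAIL" : "INFO";
    if (status === "PASS") earned += r.weight;
    return { header: r.name, status };
  });
  const score = Math.round((earned / total) * 100);
  const grade = score >= 90 ? "A" : score >= 75 ? "B" : score >= 60 ? "C"
    : score >= 40 ? "D" : "F";
  return { grade, score, findings };
}

// Constructed input mirroring the github.com sample in the check_headers section.
const sampleHeaders = {
  "Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
  "Content-Security-Policy": "default-src 'none'; script-src 'self'",
  "X-Content-Type-Options": "nosniff",
  "X-Frame-Options": "deny",
  "Referrer-Policy": "strict-origin-when-cross-origin",
};
console.log(gradeHeaders(sampleHeaders));
```

Because the four optional headers carry only 10 of the 100 points under these assumed weights, a site can reach an A without them, while a short HSTS max-age or an `'unsafe-inline'` script-src each cost a quarter of the score.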

Requirements

  • Node.js 18+ (for built-in fetch)
  • Claude Desktop or Claude Code (for MCP integration)

License

MIT
