Defense MCP

I thought about naming it ShieldsUP! or HardenSoft but I figure I'll just keep it simple at Defense MCP. I'm a total noob when it comes to serious system hardening. Every time I spun up a new Linux box I'd end up down the same rabbit hole — Googling iptables syntax, forgetting how to configure PAM, staring at endless Reddit tutorial posts. So I built this thing. Defense MCP Server packs 31 security tool modules with 250+ actions into one MCP server. Hook it up to Claude Desktop, Cursor, or any MCP client and just tell it what you want in plain English. It calls the right tool with the right flags so you don't have to. I mainly just ask it to do a full security audit. Takes a bit and then it'll spit out a huge report. Then you can pick and choose what you want it to harden or fix and get your LLM to do exactly that. What's in the box: Firewalls (iptables/nftables/UFW) · kernel & host hardening · CIS/HIPAA/SOC2 compliance checks · patch management · SSH & PAM access control · ClamAV malware scanning · YARA rules · file integrity with AIDE · auditd & fail2ban logging · TLS/LUKS/GPG encryption · container security (AppArmor/seccomp) · network defense & packet capture · secrets scanning · incident response & forensics · eBPF/Falco · SBOM & supply chain verification · zero trust (WireGuard/mTLS) · DNS security · vuln scanning (nmap/nikto) · WAF management · threat intel feeds · cloud security (AWS/GCP/Azure) · API security · honeypots · wireless auditing. Won't blow up your box: Everything runs dry-run by default. There's a command allowlist (no shell interpreters ever touch your system), input sanitization against injection, automatic backups before any changes, and rate limiting. If a tool like ClamAV isn't installed yet, the server grabs it from your package manager automatically. Built by a noob, for fresh installs. If I can use it, you can too. Requires: Linux (Debian/Ubuntu/RHEL/Arch), Node.js 22+