Wazuh-MCP-Server and mcp-security-hub
These are complements: Wazuh-MCP-Server provides defensive SIEM analysis and incident response, while mcp-security-hub provides offensive security tools (reconnaissance, vulnerability scanning, exploitation testing), so they address different phases of a comprehensive security testing workflow that could be used together.
About Wazuh-MCP-Server
gensecaihq/Wazuh-MCP-Server
AI-powered security operations for Wazuh SIEM—use any MCP-compatible client to ask security questions in plain English. Faster threat detection, incident triage, and compliance checks with real-time monitoring and anomaly spotting. Production-ready MCP server for conversational SOC workflows.
This project helps security operations teams manage their Wazuh SIEM more efficiently. It allows security analysts to ask plain English questions about alerts, threats, and vulnerabilities, and receive actionable responses. By connecting to any AI assistant, security teams can investigate security events, hunt for threats, and perform incident response actions using natural language.
About mcp-security-hub
FuzzingLabs/mcp-security-hub
A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.
This project provides pre-configured servers that connect popular offensive security tools like Nmap and Ghidra to AI assistants such as Claude. It takes natural language commands as input from your AI assistant, executes the specified security scan or analysis, and returns the results to the assistant. This is designed for cybersecurity professionals, penetration testers, and security researchers looking to leverage AI for automating security assessments and vulnerability discovery.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work