MCP & API

Drive ASMHunter from your AI client.

ASMHunter ships asmhunter-mcp, a local Model Context Protocol server. Connect it once and your entire workspace becomes a toolset that Claude, Cursor, or any MCP client can call — discover fresh scope, spin up targets, run recon and scans, read back the attack surface and findings, organize a hunt, and draft reports, all in plain language.

What it is honestly good at: automating the ~80% grind and putting you first on newly-added scope. It does not find the high-value manual bugs for you — IDOR, business logic, and auth bypass are still your job. The MCP server buys you the time to do that work.

Requirements

  • Python 3.12 or newer.
  • An ASMHunter Hunter tier or above — Personal Access Tokens and the scanner tools are tier-gated.
  • A Personal Access Token. Mint one at asmhunter.app → Settings → API Tokens; it looks like asm_live_….

Install

uv tool install asmhunter-mcp
# or:  pip install asmhunter-mcp

The package is published on PyPI as asmhunter-mcp.

Connect from Claude Code

Add it with the CLI:

claude mcp add asmhunter \
  --env ASMHUNTER_TOKEN=asm_live_YOUR_TOKEN_HERE \
  -- uvx asmhunter-mcp

Or add it to your MCP config (Claude Desktop's claude_desktop_config.json, Cursor, or any MCP client):

{
  "mcpServers": {
    "asmhunter": {
      "command": "uvx",
      "args": ["asmhunter-mcp"],
      "env": {
        "ASMHUNTER_TOKEN": "asm_live_YOUR_TOKEN_HERE"
      }
    }
  }
}

ASMHUNTER_API_URL defaults to https://asmhunter.app — only set it to override, for example a staging instance.

Environment variables

VariableDescriptionDefault
ASMHUNTER_TOKENPersonal Access Token (asm_live_…)required
ASMHUNTER_API_URLAPI base URLhttps://asmhunter.app

The 34 tools

Once connected, your AI client can call any of these. They map one-to-one onto the ASMHunter API, with tier, quota, and access rules enforced server-side.

  • Intel — search programs, get program detail, recommend programs, get watchlist, get scope changes.
  • Scanner — list and create targets, list workflows, trigger a scan (with a local confirm gate), get scan status, get findings, list assets.
  • Hunt sessions — create, list, get, update, and delete goal-driven sessions.
  • Entries — add leads, findings, tested items, and notes; bulk-add, list, update, delete, and promote entries.
  • Reports — draft, list, update, and delete reports.
  • Stats & attribution — get your stats, get a value receipt, list wins, add a win.

Drive a hunt — example prompt

You do not call tools by hand. Ask for the loop in plain language:

“Show me programs with recent scope changes. Pick one with genuinely fresh scope, add its new domain as a target, list the available scan workflows and run a recon and subdomain-enum scan (confirm it). When it finishes, summarize the newly-discovered assets and any findings by severity, flag which ones are worth manual testing, and draft a report skeleton for the most promising one.”

Your AI client chains the tools — scope changes, create target, list workflows, trigger scan, poll status, read assets and findings, log a lead, draft a report — and hands you a prioritized surface. You do the creative manual testing on top of it, and keep targets under continuous monitoring so the Telegram and email alerts tell you the moment something changes.

Run it directly

ASMHUNTER_TOKEN=asm_live_... asmhunter-mcp

Ready to connect it? Start free, mint a token from Settings once you are on the Hunter tier, and see pricing for what each tier unlocks.