<MCP.Playground/>
online
MCP ServerSTDIOOfficialv0.8.1

web-recon-agent MCP Server

Owned-target web security assessment MCP server for authenticated, high-friction apps.

io.github.joepangallo/web-recon-agent

Open in Agent StudioView sourceScan security
Hosted URL

https://github.com/joepangallo/web-recon-agent

Transport

STDIO

Auth

1 required env var

Connect to web-recon-agent

Hosted endpoint — paste into any MCP client.

https://github.com/joepangallo/web-recon-agent

Environment variables

Configuration this server reads at startup.

  • MCP_TARGET_ALLOWLISTRequired

    Comma-separated hostnames allowed for scanning. Required.

  • MCP_OWNED_TARGETS

    Comma-separated hostnames you explicitly own to unlock active and owned-aggressive scan modes.

  • MCP_JOB_STORE_PATH

    Optional path for persisted job metadata. Defaults to mcp-jobs.json in the current working directory.

  • MCP_MAX_CONCURRENT

    Optional maximum number of concurrent scan jobs. Defaults to 2.

  • MCP_CONFIG_PATH

    Optional path to a JSON config file that overrides allowlist and concurrency settings.

Resources

Where to find authoritative docs and source for web-recon-agent.

Try web-recon-agent with 30+ AI models

Open MCP Agent Studio and connect this server to Claude, GPT, Gemini, DeepSeek and more — no install required.

Open Agent Studio

Related servers

mcp-context-server

An MCP server that provides persistent multimodal context storage for LLM agents.

SmartMemory

Neuro-symbolic memory for LLMs (POC)

remote-mcp-server

Coupler.io remote MCP server

trip-planner

AI-native trip planning with flights, activities, accommodations, tasks, and maps.

More on MCP Playground