WAFtester
Use Case: AI / MCP Integration

Stop Copying Commands. Start Having Conversations.

WAFtester's built-in MCP server gives AI agents 27 security testing tools. Claude, Copilot, Cursor, n8n — connect once, test forever.

The Problem

Copy-Paste Security

Security engineers copy CLI commands from docs, paste into terminals, manually parse JSON output, then copy results into reports. Every step is manual.

API Wrapper Tax

Integrating security tools into AI pipelines means writing custom API wrappers, parsing output formats, and handling errors. Every tool needs its own adapter.

AI Can't Use Security Tools

Most security tools have no concept of AI agents. Your AI assistant can explain WAF testing, but it can't actually run one. Until now.

Why MCP, Not REST

MCP (Model Context Protocol) lets the AI decide which tools to use, chain them intelligently, and reason about results. A REST API requires the human to orchestrate. MCP lets the AI orchestrate.

Without MCP (Traditional)

  1. Human reads docs, picks tool
  2. Human crafts CLI command
  3. Human runs command, waits
  4. Human parses JSON output
  5. Human decides next step
  6. Human repeats for each test
  7. Human writes report manually

7 manual steps per assessment

With MCP (WAFtester)

  1. Human says "audit my WAF"
  2. AI picks tools automatically
  3. AI chains recon → scan → assess
  4. AI interprets results, explains
  5. AI suggests next steps
  6. AI generates the report

1 human input. AI handles the rest.

Workflow 1: IDE Integration

Add WAFtester to VS Code Copilot, Claude Desktop, or Cursor. Ask questions in natural language. The AI runs scans and explains results in context.

mcp-config.json
{
  "mcpServers": {
    "waf-tester": {
      "command": "npx",
      "args": ["-y", "@waftester/cli", "mcp"]
    }
  }
}

"Before I deploy to production, test the staging WAF for SQL injection and XSS bypasses. Focus on the /api/v2 endpoints."

AI Agent

I'll start by detecting the WAF vendor, then run targeted scans on your API endpoints.

detect_waf → AWS WAF v2 (95% confidence)

scan → categories: sqli,xss | path: /api/v2/* | tampers: auto

→ 7 bypasses found: 5 XSS (reflected), 2 SQLi (union-based)

→ Recommendation: tighten regex on Rule Group "api-protection"

VS Code / Copilot

MCP via stdio transport

Claude Desktop

MCP via stdio transport

Cursor

MCP via stdio transport

Workflow 2: n8n Automation

Schedule nightly WAF regression scans. WAFtester's HTTP/SSE transport connects directly to n8n's MCP Client node. Async tasks handle long-running scans within n8n's timeout limits.

Start WAFtester MCP Server (HTTP mode)

$ npx -y @waftester/cli mcp --http 0.0.0.0:8080

[MCP] HTTP server listening on 0.0.0.0:8080

[MCP] SSE endpoint: /sse (n8n compatible)

[MCP] Health check: /health

[MCP] Ready for connections...

Schedule Trigger

Nightly at 2:00 AM UTC

WAFtester MCP Client

scan → assess → report

Slack / Teams Alert

If bypasses > threshold

n8n MCP Client Node

Point n8n's MCP Client node at your WAFtester server URL. The AI agent inside n8n uses WAFtester's tools exactly like a human would in Claude Desktop.

Async Task Handling

Long-running scans (scan, assess, bypass, discover) return a task ID immediately. The AI polls with get_task_status using long-poll to stay within n8n's timeout limits.

Workflow 3: Autonomous Agent Loop

WAFtester ships 7 guided prompts that structure multi-step workflows. The AI follows each phase end-to-end with zero human input after the initial request.

security_audit prompt: 5-phase autonomous audit

  1. Recon: probe → TLS version, server headers, WAF fingerprints, CDN detection
  2. Discovery: discover → crawl, JS analysis, Wayback Machine, robots.txt, sitemap, brute-force
  3. Test Plan: learn → maps endpoints to OWASP categories, prioritizes by risk, generates attack matrix
  4. Scan: scan → fire payloads with smart tamper selection, find bypasses
  5. Assess & Report: assess → F1 score, MCC, detection rate, false positive rate, letter grade (A+ through F), remediation guidance

waf_bypass

6-step bypass discovery: detect vendor → select tampers → mutation matrix → validate chains → rank by severity

full_assessment

Enterprise assessment with OWASP compliance mapping, CWE references, and executive summary generation

discovery_workflow

Attack surface mapping: crawl → JS analysis → Wayback → generate prioritized test plan

evasion_research

Systematic evasion research: test 90+ tamper x 49 mutator combinations, find novel bypass chains

template_scan

Nuclei template-based testing: load CVE/vulnerability templates, test WAF coverage against known exploits

See all 7 prompts with examples and setup

27 MCP Tools

Every capability WAFtester has is exposed as an MCP tool. The AI agent picks the right tools and chains them based on context.

| Tool | Type | What It Does |
| --- | --- | --- |
| detect_waf | Sync | Fingerprint WAF vendor and CDN (197 signatures) |
| scan | Async | Fire payloads at target, report bypasses and detection rate |
| assess | Async | Enterprise scoring: F1, MCC, FPR with letter grades (A+ to F) |
| bypass | Async | Mutation matrix: encoder x location x evasion combinatorial testing |
| discover | Async | Crawl, JS analysis, Wayback, robots.txt, sitemap, brute-force |
| learn | Sync | Generate prioritized test plan from discovery results |
| probe | Sync | TLS version, headers, server fingerprinting (read-only) |
| mutate | Sync | Offline payload encoding: URL, double-URL, Unicode, HTML hex |
| generate_cicd | Sync | Generate pipeline YAML for GitHub, GitLab, Azure, Jenkins, CircleCI, Tekton |
| list_payloads | Sync | Browse 2,800+ attack payloads by category and severity |
| get_task_status | Sync | Poll async tasks with long-poll support |
| cancel_task | Sync | Cancel a running async task |
| list_tasks | Sync | View all active, completed, and failed tasks |
| validate_spec | Sync | Parse and validate OpenAPI, Postman, HAR, AsyncAPI specs |
| list_spec_endpoints | Sync | Extract endpoints from parsed spec with group filtering |
| describe_spec_auth | Sync | Describe authentication schemes defined in spec |
| export_spec | Sync | Export parsed spec as normalized JSON |
| plan_spec | Sync | Generate intelligent scan plan from spec analysis |
| preview_spec_scan | Sync | Preview scan plan as formatted table before execution |
| scan_spec | Async | Execute spec-driven security scan across all endpoints |
| spec_intelligence | Sync | Run 8-layer intelligence analysis on parsed spec |
| compare_baselines | Sync | Diff scan findings between baseline and current run |
| list_tampers | Sync | List available tamper scripts and encoders (90+) |
| discover_bypasses | Async | Automated tamper chain combination testing for bypass discovery |
| event_crawl | Async | DOM event crawling with headless Chromium for SPA discovery |
| list_templates | Sync | Browse 35 bundled templates by category |
| show_template | Sync | Read full content of a bundled template |
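
Because the agent, not a person, decides which of these tools to call, a deployment can put an allowlist and target-scope check between the agent and the MCP server. The following is an added example, not WAFtester code: it vets MCP tools/call requests (JSON-RPC 2.0) using tool names from the table. The "target" argument name, the passive/active grouping and the scope host are assumptions.

```python
import json
from urllib.parse import urlsplit

# Names from the tool table above; the passive/active split is this example's policy.
PASSIVE = {"list_payloads", "list_tampers", "list_templates", "show_template",
           "mutate", "get_task_status", "cancel_task", "list_tasks"}
ACTIVE = {"detect_waf", "probe", "scan", "assess", "bypass", "discover",
          "discover_bypasses", "event_crawl"}  # these send traffic to a target
TARGET_ARG = "target"  # assumption: name of the argument that carries the target

def host_of(target):
    """Hostname of a URL or bare host[:port]; None if it cannot be parsed."""
    text = target.strip() if isinstance(target, str) else ""
    try:
        return urlsplit(text if "://" in text else "//" + text).hostname
    except ValueError:  # e.g. a malformed IPv6 literal
        return None

def check_call(raw, scope):
    """Return (allowed, reason) for one JSON-RPC message bound for the server."""
    try:
        msg = json.loads(raw)
    except ValueError:
        msg = None
    if not isinstance(msg, dict):
        return False, "not a single JSON-RPC object"  # fails closed on batches
    if msg.get("method") != "tools/call":
        return True, "not a tool call"  # initialize, tools/list, resources/read
    params = msg.get("params")
    if not isinstance(params, dict) or not isinstance(params.get("name"), str):
        return False, "malformed tools/call"
    name, args = params["name"], params.get("arguments")
    if name in PASSIVE:
        return True, "passive tool"
    if name not in ACTIVE:
        return False, "tool not on the allowlist"  # default deny for unlisted tools
    host = host_of(args.get(TARGET_ARG)) if isinstance(args, dict) else None
    if host is None or host not in scope:
        return False, "target out of scope"
    return True, "active tool, target in scope"

def call(name, **arguments):
    """Build a constructed tools/call request (sample input, not captured traffic)."""
    return json.dumps({"jsonrpc": "2.0", "id": 1, "method": "tools/call",
                       "params": {"name": name, "arguments": arguments}})

if __name__ == "__main__":
    for t in ("https://staging.example.test/api/v2", "https://staging.example.test.evil.example/"):
        print(t, check_call(call("scan", target=t), {"staging.example.test"}))
```

The host comparison is an exact match on the parsed hostname, so a look-alike suffix or a userinfo trick in the URL does not pass as in scope.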

12 MCP Resources

Resources provide context the AI needs to make informed decisions. Read-only data that grounds the AI's reasoning.

waftester://version

Server version, tool inventory, vendor list

waftester://payloads

Full payload catalog with severity/category stats

waftester://guide

WAF testing methodology guide

waftester://waf-signatures

12 vendor signatures with detection and bypass tips

waftester://evasion-techniques

Encoder catalog with effectiveness ratings

waftester://owasp-mappings

OWASP Top 10 2021 categories with CWE refs

waftester://config

Default config values and recommendations

waftester://templates

Bundled template catalog

waftester://payloads/{category}

Payloads for a specific category (sqli, xss, traversal, etc.)

waftester://payloads/unified

Combined stats from JSON payloads and Nuclei templates

waftester://spec-formats

Supported API spec formats and their capabilities

waftester://intelligence-layers

8-layer intelligence engine for auto-selecting attacks per endpoint

Deploy Options

Run the MCP server alongside your AI infrastructure. Two transports cover every integration pattern.

stdio Transport

For IDE integrations. The AI spawns WAFtester as a subprocess and communicates via stdin/stdout.

npx -y @waftester/cli mcp

Used by: Claude Desktop, VS Code, Cursor

HTTP/SSE Transport

For remote integrations. A persistent server with streamable HTTP and legacy SSE endpoints.

npx -y @waftester/cli mcp --http :8080

Used by: n8n, Langflow, custom agents

Docker Compose (production)
services:
  waftester-mcp:
    image: qandil/waftester:latest
    command: ["mcp", "--http", "0.0.0.0:8080"]
    ports:
      - "8080:8080"
    environment:
      - WAF_TESTER_PAYLOAD_DIR=/payloads
      - WAF_TESTER_TEMPLATE_DIR=/templates
    healthcheck:
      test: ["CMD", "wget", "-q", "--spider", "http://localhost:8080/health"]
      interval: 30s

Why AI Teams Choose WAFtester

No Adapter Code

MCP is a standard protocol. No custom API wrappers, no output parsers, no error handling boilerplate. Add the JSON config and your AI agent has 27 security tools.

AI Reasons About Results

The AI doesn't just return raw JSON. It interprets F1 scores, explains bypass chains, and suggests WAF rule fixes. Context-aware security analysis.

Async-First Architecture

Long scans return task IDs immediately. The AI polls with long-poll support. Works within n8n's 60-second timeout. No dropped connections, no timeouts.

CORS + Security Headers

Built for real deployment. CORS middleware for browser-based clients, security headers on every response, structured logging with sensitive field redaction.

For quick MCP commands, see the AI & MCP cheat sheet. Full MCP server documentation is in the docs.

Ready to Try It?

One command to install. One command to scan. Real results in seconds.

$ npm install -g @waftester/cli