dechonet-mcp

DechoNet MCP Server

Domain security reconnaissance tools for AI agents via Model Context Protocol.

13 security tools — DNS, SSL, HTTP headers, email auth, port scan, propagation, reverse DNS, ASN/BGP, RDAP/WHOIS, subnet calc, and comprehensive security scan — callable from Claude Desktop and any MCP-compatible AI agent.

Part of DechoNet. Every tool here is also a free web tool at dechonet.com — no sign-up, no API key — backed by error-fix guides. This package brings the same checks to AI agents.

Quick Start (Claude Desktop)

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "dechonet": {
      "command": "npx",
      "args": ["-y", "dechonet-mcp"]
    }
  }
}

Or if installed locally:

{
  "mcpServers": {
    "dechonet": {
      "command": "node",
      "args": ["/path/to/dechonet/mcp/build/index.js"]
    }
  }
}

Config file location:

• macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %APPDATA%\Claude\claude_desktop_config.json

Restart Claude Desktop. You'll see the DechoNet tools icon in the input area.

Install

# Via npx (no install needed)
npx dechonet-mcp

# Or install globally
npm install -g dechonet-mcp

Available Tools

Tool	Description
security_scan	Comprehensive scan — 9 checks in parallel, 0-100 Health Score, A-F grade
dns_lookup	DNS records + DNSSEC + SPF/DMARC validation
ssl_check	SSL/TLS certificate, chain, TLS version, A-F grade
http_security	HTTP redirect trace + 10 security headers audit, A-F grade
email_auth	SPF, DMARC, DKIM, BIMI, MTA-STS, DANE + blacklist check
port_scan	Open TCP ports with service identification
dns_propagation	DNS propagation across 8+ global resolvers
reverse_dns	PTR record + FCrDNS verification
asn_lookup	ASN/BGP network identification + abuse contact
whois_lookup	RDAP/WHOIS domain registration data
ip_info	Public IP, ISP, ASN, proxy detection
email_header_analysis	Email delivery route tracing + auth results
subnet_calc	CIDR subnet calculator (offline)

Example Prompts

Once connected, try asking Claude:

• "Check the security posture of example.com"
• "Is the SSL certificate for mysite.com about to expire?"
• "What DNS records does example.com have?"
• "Scan the open ports on my-server.com"
• "Analyze these email headers: [paste headers]"
• "What's the ASN for 8.8.8.8?"
• "Calculate the subnet for 10.0.0.0/16"

SSE Transport (Remote)

For remote/HTTP-based MCP connections:

cd mcp
npm run start:sse
# Server runs on http://localhost:3100
# SSE endpoint: http://localhost:3100/sse

Development

cd mcp
npm install
npm run build    # TypeScript → build/
npm run dev      # Run with tsx (stdio)
npm run start:sse # Run SSE server

How It Works

The MCP server calls DechoNet's public API (https://dechonet.com/api/util/*) — the same backend as the dechonet.com web tools — and returns structured results with:

• Status (ok/warn/bad)
• KPIs (key performance indicators per tool)
• Issues with severity (critical/warning/info) and confidence levels
• Actionable remediation steps
• Raw data (full JSON)

All data comes from public sources (DNS, HTTP headers, SSL certificates, RDAP). No active exploitation.

Environment Variables

Variable	Default	Description
DECHONET_URL	https://dechonet.com	API base URL
DECHONET_LOCALE	en	Response language (en or ko)
PORT	3100	SSE server port

About DechoNet

DechoNet is a domain security reconnaissance platform — distributed observation, cross-verification. The same diagnostics ship three ways: free web tools, error-fix guides, and this MCP server.

• 🌐 Web tools (free, no sign-up): https://dechonet.com
• 📘 Guides (fix common DNS/SSL/HTTP/email errors): https://dechonet.com/guides
• 🐦 X: https://x.com/Dechonetwork

MIT licensed. Issues and PRs welcome.