# Beagle Security MCP

> Beagle Security MCP connects your AI agent directly to high-fidelity web application security audits. Automate penetration testing, monitor real-time threats, and generate detailed vulnerability reports for any configured API or web endpoint using natural language commands.

## Overview
- **Category:** fort-knox
- **Price:** Free
- **Tags:** penetration-testing, cybersecurity, api-security, web-application-security, automated-audits, vulnerability-management

## Description

Running automated cybersecurity checks used to involve jumping between multiple dashboards or writing complex scripts just to track progress. Now, your agent handles the entire audit cycle conversationally. You tell it what you need tested—whether it's an entire application directory or a specific API endpoint—and it takes care of the heavy lifting. It programs high-fidelity penetration tests directly through natural chat commands and provides real-time alerts as threats are found. Instead of sifting through disorganized audit logs, your agent compiles complete vulnerability reports in JSON format, letting you instantly see exactly what's wrong with your application architecture. Because Vinkius hosts this MCP, you connect once to access all the security testing tools required for thorough coverage. It turns a multi-day manual effort into a few simple prompts.

## Tools

### get_application
Retrieves specific operational details for a single configured web application.

### get_running_tests
Lists the status and activity of all currently executing security tests.

### get_test_result
Fetches the complete, detailed vulnerability report for a specific test run in JSON format.

### get_test_sessions
Lists all previous and current security testing sessions recorded by the system.

### get_test_status
Checks and returns the current progress percentage and status of an active test run.

### list_applications
Retrieves a full list of all web applications configured for testing.

### list_projects
Lists all high-level security projects and application groups managed by the user.

### start_test
Initiates a new, automated penetration test against a specified web application or API.

### stop_test
Immediately halts any running security audit test that needs to be canceled or modified.

## Prompt Examples

**Prompt:** 
```
List all security applications configured in my Beagle account.
```

**Response:** 
```
I've retrieved your application directory. You currently have 3 configured endpoints, including 'Main Website' and 'API v1'. Would you like to check the last test session for any of them?
```

**Prompt:** 
```
Start a new penetration test for the current application.
```

**Response:** 
```
Security audit triggered! I've initiated a new high-fidelity penetration test for your application. The test is now running in the cloud. I'll monitor the progress and notify you of any critical threats.
```

**Prompt:** 
```
What is the status of the current security test?
```

**Response:** 
```
Fetching status... The current test is 'In Progress' (45% complete). So far, I've identified 2 low-risk items and 0 critical vulnerabilities. Shall I retrieve the real-time activity logs?
```

## Capabilities

### Audit Application Directory
Lists and manages every configured security project and application endpoint.

### Start Targeted Testing Runs
Triggers new, high-fidelity penetration tests against a specified web application or API.

### Monitor Live Audit Progress
Provides real-time status updates on active security scans and alerts the user to immediate threats.

### Retrieve Detailed Findings
Fetches comprehensive vulnerability reports, including detailed metadata for every test session.

### Review Historical Compliance Data
Accesses records of past test results and current running tests to maintain security oversight.

## Use Cases

### Verifying Post-Deployment Security
A DevOps team member connects the MCP and asks their agent to start a new penetration test for the newly updated API v1. The agent executes the `start_test` tool, monitors progress using `get_test_status`, and once done, retrieves all findings via `get_test_result` so they can confirm the deployment didn't introduce any critical flaws.

### Auditing a New Endpoint
A Security Engineer receives instructions to check an old but crucial internal web application. Instead of manually navigating, they ask their agent to list all applications using `list_applications`, identify the endpoint, and then use `get_application` to confirm its existence before running a targeted audit.

### Investigating Past Failures
A CISO needs proof of compliance for last quarter's audits. They instruct their agent to list all security projects using `list_projects`, then ask the agent to pull up historical results from `get_test_sessions` and summarize any vulnerabilities found.

### Handling a Crisis Audit
The team detects suspicious activity. The engineer immediately asks the agent to check all currently running tests using `get_running_tests`. If an outdated test is wasting resources, they can use `stop_test` before starting a fresh, targeted audit.

## Benefits

- Stop manual dashboard hopping. Your agent handles the entire audit cycle, letting you trigger tests using simple natural language commands.
- Get instant vulnerability intelligence. The MCP provides complete high-fidelity reports in JSON format, removing guesswork from complex findings.
- Stay current on security status. You can monitor active audits and retrieve real-time alerts without logging into a separate monitoring tool.
- Manage everything in one place. Use the agent to list all projects or applications so you always know your entire audit infrastructure is accounted for.
- Review history easily. The MCP lets you access historical records of past test results, guaranteeing constant security oversight and compliance checks.

## How It Works

The bottom line is: You talk to your AI client, and it executes complex, multi-step penetration tests against your live web apps.

1. Subscribe to this MCP, then retrieve your Access Token and Application Token from the Beagle Security dashboard.
2. Connect these credentials to your AI agent via any compatible client.
3. Use natural conversation to tell the agent what security test you need—for instance, listing all applications or initiating a new audit.

## Frequently Asked Questions

**How do I start using Beagle Security MCP for penetration testing?**
You must first subscribe to the MCP and retrieve your Access Token and Application Token from the dashboard. Then, you can prompt your agent to initiate a test run using `start_test`.

**Can I check if my applications are configured for testing?**
Yes, use the `list_applications` tool. This will give you a full inventory of all web apps and endpoints that are ready to be audited by your agent.

**Does Beagle Security MCP show me historical audit data?**
Absolutely. You can use `get_test_sessions` to list past tests, and then retrieve the deep findings for any specific date using `get_test_result`.

**What if I need to stop a test that's running?**
If an audit needs to be halted early or changed scope, use the `stop_test` tool. This immediately terminates the current security scan for you.

**Is this MCP better than just using my AI client's built-in browsing tools?**
Yes. Built-in tools are general; Beagle Security runs highly specialized, high-fidelity penetration tests that go far beyond simple web browsing or basic vulnerability checks.