ROADrecon Analyzer MCP server

Exposes Azure AD security data collected by ROADrecon for analyzing tenant security posture, identifying privileged users, evaluating MFA status, detecting stale accounts, and assessing PIM implementation.
Provider: Max Andreacchi
Release date: Mar 29, 2025
Language: Python
Stats: 41 stars

The ROADrecon MCP Server provides AI assistants like Claude with access to your ROADrecon Azure AD data for security analysis. It enables you to perform security assessments on your Azure AD environment by letting Claude interact directly with your collected data.

Prerequisites

  • Python 3.8+
  • A running ROADrecon instance with the web GUI accessible
  • MCP-compatible client (Claude Desktop, etc.)

Installation

  1. Clone the repository
  2. Install dependencies:
    pip install -r requirements.txt
    

Running the Server

  1. Make sure your ROADrecon GUI is running (default: http://localhost:5000)

  2. Run the MCP server:

    python roadrecon_mcp_server.py
    
  3. To specify a different ROADrecon URL:

    ROADRECON_URL=http://localhost:8080 python roadrecon_mcp_server.py
    

Connecting with Claude Desktop

  1. Open Claude Desktop
  2. Go to Settings → Servers → Add Server
  3. Select "Add from running server"
  4. The server should appear in the list - click "Install"

More details on this step can be found here: https://modelcontextprotocol.io/quickstart/server

Using in Claude

Once connected, Claude can:

  • Access Azure AD data via resources (e.g., roadrecon://users)
  • Run security analysis with tools (e.g., find_privileged_users)
  • Use pre-built prompts for common security tasks

Example Queries

  • "Analyze the MFA status of users in this Azure AD tenant"
  • "Find all users with privileged roles"
  • "Check for applications with secrets or certificates"
  • "Analyze the overall security posture of this Azure AD environment"

Available Resources

  • roadrecon://stats - Summary statistics
  • roadrecon://users - All users
  • roadrecon://users/{id} - User details
  • roadrecon://groups - All groups
  • roadrecon://groups/{id} - Group details
  • roadrecon://applications - All applications
  • roadrecon://applications/{id} - Application details
  • roadrecon://serviceprincipals - All service principals
  • roadrecon://serviceprincipals/{id} - Service principal details
  • roadrecon://devices - All devices
  • roadrecon://mfa - MFA status for all users
  • roadrecon://directoryroles - All directory roles
  • roadrecon://roledefinitions - All role definitions
  • roadrecon://approles - All app role assignments
  • roadrecon://oauth2permissions - All OAuth2 permission grants
  • roadrecon://tenantdetails - Tenant details

Available Tools

  • find_privileged_users() - Find users with high-privilege roles
  • analyze_mfa_status() - Analyze MFA deployment across users
  • find_applications_with_secrets() - Find applications with secrets/certificates
  • analyze_groups() - Analyze group types and membership
  • identify_stale_accounts() - Find accounts that haven't logged in recently
  • analyze_pim_implementation() - Assess Privileged Identity Management implementation
  • analyze_service_principal_credentials() - Find over-permissioned service principals
  • analyze_legacy_authentication() - Identify risks from legacy authentication protocols
  • analyze_conditional_access_policies(file_path: str = "") - Analyze conditional access policies

Available Prompts

  • analyze_security_posture - Comprehensive security analysis
  • analyze_privileged_access - Analysis of privileged access model
  • investigate_application_risks - Application security risk assessment
  • analyze_identity_security - Identity security configuration analysis
  • analyze_stale_accounts - Analysis of inactive user accounts
  • analyze_privileged_access_management - PIM implementation assessment
  • analyze_service_principal_security - Service principal credential risk analysis
  • analyze_legacy_authentication_risks - Legacy authentication protocol risk assessment
  • analyze_conditional_access - Analysis of conditional access policies
  • comprehensive_security_review - Complete security review of the environment

How to install this MCP server

For Claude Code

To add this MCP server to Claude Code, run this command in your terminal:

claude mcp add-json "roadrecon-analyzer" '{"command":"python","args":["roadrecon_mcp_server.py"]}'

See the official Claude Code MCP documentation for more details.

For Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "roadrecon-analyzer": {
            "command": "python",
            "args": [
                "roadrecon_mcp_server.py"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the tools the added MCP server exposes and will call them when it needs to.

You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.

For Claude Desktop

To add this MCP server to Claude Desktop:

1. Find your configuration file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  • Linux: ~/.config/Claude/claude_desktop_config.json

2. Add this to your configuration file:

{
    "mcpServers": {
        "roadrecon-analyzer": {
            "command": "python",
            "args": [
                "roadrecon_mcp_server.py"
            ]
        }
    }
}

3. Restart Claude Desktop for the changes to take effect
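
An added example, not part of the project's code: a Python helper that merges the entry above into an existing client config without dropping other servers, pins the script to an absolute path (a relative path resolves against whatever working directory the client starts the process in), and passes ROADRECON_URL through the config's env block. It assumes the ROADrecon GUI should stay on a loopback address, since the page's URLs are plain HTTP; add_server and is_loopback_url are hypothetical names.

```python
import ipaddress
import json
import socket
from pathlib import Path
from urllib.parse import urlsplit

SERVER_NAME = "roadrecon-analyzer"  # entry name used in the page's config


def is_loopback_url(url):
    """True only if every address the URL's host resolves to is loopback."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        infos = socket.getaddrinfo(parts.hostname, parts.port or 80)
    except socket.gaierror:
        return False
    # Strip any IPv6 zone id ("fe80::1%eth0") before parsing the address.
    addrs = {info[4][0].split("%")[0] for info in infos}
    return bool(addrs) and all(ipaddress.ip_address(a).is_loopback for a in addrs)


def add_server(config, script_path, roadrecon_url):
    """Return a copy of a client config with the server entry merged in."""
    # Assumption of this example: tenant data must not cross the network.
    if not is_loopback_url(roadrecon_url):
        raise ValueError(f"refusing non-loopback ROADRECON_URL: {roadrecon_url}")
    merged = dict(config)
    servers = dict(merged.get("mcpServers", {}))  # keep servers already defined
    servers[SERVER_NAME] = {
        "command": "python",
        "args": [str(Path(script_path).resolve())],
        "env": {"ROADRECON_URL": roadrecon_url},
    }
    merged["mcpServers"] = servers
    return merged


if __name__ == "__main__":
    # Constructed sample: an existing config that already lists another server.
    existing = {"mcpServers": {"other": {"command": "node", "args": ["x.js"]}}}
    updated = add_server(existing, "roadrecon_mcp_server.py", "http://127.0.0.1:5000")
    print(json.dumps(updated, indent=4))
```

Run it from the cloned repository so the relative script name resolves to the real file, then paste the printed JSON into the configuration file for your platform.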
