
ROADrecon Azure AD Analyzer MCP Server

Security, Python
Analyze Azure AD security data collected by ROADrecon
Available Tools

find_privileged_users

Find users with high-privilege roles in Azure AD

analyze_mfa_status

Analyze MFA deployment across users in the tenant

find_applications_with_secrets

Find applications with secrets or certificates

analyze_groups

Analyze group types and membership

identify_stale_accounts

Find accounts that haven't logged in or changed password within a specified period

analyze_pim_implementation

Assess Privileged Identity Management implementation

analyze_service_principal_credentials

Find over-permissioned service principals with long-lived credentials

analyze_legacy_authentication

Identify risks from legacy authentication protocols that bypass MFA

analyze_conditional_access_policies

Analyze conditional access policies from an HTML file

Parameter: file_path

The ROADrecon Azure AD Analyzer provides AI assistants with access to Azure AD data collected by the ROADtools suite for comprehensive security analysis. This MCP server enables detailed examination of user accounts, applications, service principals, directory roles, and other critical Azure AD components to identify security risks and compliance issues. With this tool, security professionals can leverage AI to quickly analyze MFA status, privileged access, application secrets, conditional access policies, and more. The server bridges the gap between ROADrecon's powerful data collection capabilities and AI-assisted security analysis.

ROADrecon Azure AD Analyzer

This MCP server provides AI assistants like Claude with access to your ROADrecon Azure AD data for comprehensive security analysis.

Prerequisites

Before installing the ROADrecon Azure AD Analyzer, ensure you have:

  • Python 3.8 or higher installed
  • A running ROADrecon instance with web GUI accessible (typically at http://localhost:5000)
  • An MCP-compatible client (such as Claude Desktop)

Installation

  1. Clone the repository:

     git clone https://github.com/atomicchonk/roadrecon_mcp_server.git
     cd roadrecon_mcp_server

  2. Install the required dependencies:

     pip install -r requirements.txt

Running the Server

  1. Ensure your ROADrecon GUI is running (default: http://localhost:5000)

  2. Start the MCP server:

     python roadrecon_mcp_server.py

  3. If your ROADrecon instance is running on a different URL, you can specify it:

     ROADRECON_URL=http://localhost:8080 python roadrecon_mcp_server.py

Connecting with Claude Desktop

  1. Open Claude Desktop
  2. Navigate to Settings → Servers → Add Server
  3. Select "Add from running server"
  4. The server should appear in the list - click "Install"

For more detailed instructions on connecting MCP servers, visit: https://modelcontextprotocol.io/quickstart/server

Available Resources

The server provides access to various Azure AD resources:

  • roadrecon://stats - Summary statistics
  • roadrecon://users - All users
  • roadrecon://users/{id} - User details
  • roadrecon://groups - All groups
  • roadrecon://groups/{id} - Group details
  • roadrecon://applications - All applications
  • roadrecon://applications/{id} - Application details
  • roadrecon://serviceprincipals - All service principals
  • roadrecon://serviceprincipals/{id} - Service principal details
  • roadrecon://devices - All devices
  • roadrecon://mfa - MFA status for all users
  • roadrecon://directoryroles - All directory roles
  • roadrecon://roledefinitions - All role definitions
  • roadrecon://approles - All app role assignments
  • roadrecon://oauth2permissions - All OAuth2 permission grants
  • roadrecon://tenantdetails - Tenant details

Example Queries

Once connected, you can ask Claude to perform various security analyses:

  • "Analyze the MFA status of users in this Azure AD tenant"
  • "Find all users with privileged roles"
  • "Check for applications with secrets or certificates"
  • "Analyze the overall security posture of this Azure AD environment"
  • "Identify stale accounts that haven't logged in recently"
  • "Analyze the implementation of Privileged Identity Management"
  • "Check for service principals with long-lived credentials"
  • "Analyze conditional access policies"
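The "long-lived credentials" check behind the service principal and application-secret queries can be sketched as follows. This is an added example, not code from the roadrecon_mcp_server project; it assumes records shaped like Azure AD Graph application objects (`passwordCredentials` / `keyCredentials` with `startDate` and `endDate`), and the sample data and the `audit_credentials` helper are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample records. The field names are an assumption about the
# shape of the objects exposed under roadrecon://applications.
SAMPLE_APPS = [
    {"displayName": "build-agent", "keyCredentials": [], "passwordCredentials": [
        {"keyId": "k1", "startDate": "2021-01-01T00:00:00Z",
         "endDate": "2099-12-31T00:00:00Z"}]},
    {"displayName": "hr-sync", "passwordCredentials": [], "keyCredentials": [
        {"keyId": "k2", "startDate": "2024-01-01T00:00:00Z",
         "endDate": "2024-07-01T00:00:00Z"}]},
    {"displayName": "legacy-portal", "keyCredentials": [], "passwordCredentials": [
        {"keyId": "k3", "startDate": "2019-03-01T00:00:00Z",
         "endDate": "2020-03-01T00:00:00Z"}]},
]


def _parse(ts):
    # datetime.fromisoformat() rejects a trailing "Z" before Python 3.11.
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def audit_credentials(apps, now, max_lifetime_days=365):
    """Return (app, credential kind, keyId, issue) for risky credentials."""
    findings = []
    for app in apps:
        for kind in ("passwordCredentials", "keyCredentials"):
            for cred in app.get(kind) or []:
                start, end = cred.get("startDate"), cred.get("endDate")
                if not start or not end:
                    issue = "missing validity dates"
                elif _parse(end) < now:
                    # Expired secrets left on the object are clean-up debt.
                    issue = "expired but not removed"
                else:
                    lifetime = (_parse(end) - _parse(start)).days
                    if lifetime <= max_lifetime_days:
                        continue
                    issue = f"lifetime {lifetime} days exceeds {max_lifetime_days}"
                findings.append((app.get("displayName"), kind,
                                 cred.get("keyId"), issue))
    return findings


if __name__ == "__main__":
    for finding in audit_credentials(
            SAMPLE_APPS, datetime(2024, 3, 1, tzinfo=timezone.utc)):
        print(finding)
```

Passing `now` explicitly keeps the result reproducible when the same export is re-audited later.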

Analyzing Conditional Access Policies

For conditional access policy analysis, the server looks for a file at "C:\Temp\caps.html" by default. You can specify a different file path when using the analyze_conditional_access_policies tool.

Troubleshooting

If you encounter issues:

  1. Ensure the ROADrecon GUI is running and accessible
  2. Check that you're using the correct URL for your ROADrecon instance
  3. Verify that all dependencies are installed correctly
  4. Check the server logs for any error messages
