Detect MCP, A2A Agents, and Open LLM Interfaces Using AgentScan
AgentScan extends traditional port scanning by identifying MCP servers, A2A agents, and open LLM interfaces, revealing available tools, agent capabilities, model lists, and authentication status, with detailed usage commands and configurable parameters.
Traditional port scanners only report that an HTTP service exists. AgentScan adds a second layer by determining whether the service is an MCP server, an A2A Agent, or an open LLM interface, and it outputs available tools, agent capabilities, model lists, and authentication status.
Capabilities
MCP Server : detects streamable HTTP, legacy HTTP+SSE, provides tool/resource/prompt lists, authentication status, and honeypot signals.
A2A Agent : extracts Agent Card, skills, interfaces, unauthenticated JSON‑RPC reachability, and private‑network address leakage.
LLM Open Interfaces : supports Ollama, vLLM, SGLang, TGI, llama.cpp, Xinference, LiteLLM, FastChat, LocalAI, LM Studio, LMDeploy.
Usage examples
# Scan a domain or IP
./agentscan scan example.com
# Scan an internal subnet
./agentscan scan 192.168.1.0/24
# Skip port scan, validate known host:port list
./agentscan scan -f targets.txt --skip-port-scanCombined workflow with masscan:
# masscan discovers ports, AgentScan performs AI protocol identification
masscan 10.0.0.0/8 -p 80,443,8000,8080,11434 --rate 100000 -oL open_ports.txt
awk '/open/ {print $4 ":" $3}' open_ports.txt > targets.txt
agentscan scan -f targets.txt --skip-port-scan
# Re‑validate results from a mapping platform
agentscan scan -f fofa_export.txt --skip-port-scan --mcp-threads 200Common parameters
-f, --file FILE read targets from file (one per line)
-T, --threads N TCP scan concurrency (default 500)
--timeout MS TCP timeout (default 2000 ms)
--skip-port-scan treat input as already open host:port
--proxy URL socks5/socks4/https/http proxy
-o, --output FILE write JSON; A2A/LLM automatically write _a2a.json / _llm.json
-v, --verbose show detection detailsProject repository: https://github.com/7anX/AgentScan
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Black & White Path
We are the beacon of the cyber world, a stepping stone on the road to security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
