MCP Tool · Validation

cred_leak_confirm

Passively checks whether emails associated with an asset appear in known breach datasets (HIBP v3). No passwords are retrieved or replayed — read-only breach metadata only.

Input

Name	Type	Required	Description
asset_id	string	yes	UUID of the asset whose associated email addresses will be checked.

REST API

curl -H "Authorization: Bearer sic_..." \
  -H "Content-Type: application/json" \
  -X POST https://sicenter.io/api/tools/cred_leak_confirm \
  -d '{"asset_id":"<string>"}'

MCP server

# MCP — call from Claude Desktop, Cursor, or any MCP client
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "cred_leak_confirm",
    "arguments": {
        "asset_id": "<string>"
    }
  }
}

Endpoint: https://sicenter.io/api/mcp. See /mcp for connection guides for Claude Desktop, Cursor, and custom orchestrators.

More tools in Validation

subdomain_takeover_checkGiven a subdomain, resolve its CNAME and test whether the target is a dangling third-party service (GitHub Pages, Heroku, S3, Fastly, Shopify, Pantheon, Ghost, Tumblr, Wufoo, Tilda).
spoofing_simulatorOffline SPF/DMARC/DKIM analysis for an asset — computes a spoof-risk score (0-100) and a safe/mitigated/vulnerable verdict with no email sent.
exposure_confirmRe-validates a finding's exposed port with a single TCP connect (no payload). Returns whether the service is still publicly reachable.
cloud_config_auditDetect cloud misconfigurations via passive HTTP header inspection: CDN fingerprints, direct-S3 serving, overly permissive CORS. HEAD + OPTIONS only — no authentication required.

Browse the full MCP server documentation or jump to the API key management page in your dashboard.