mcp_server_redteam
Verified Safe by akumar0205
Overview
A Python-based red teaming scanner designed to detect common security vulnerabilities in MCP (Model Context Protocol) servers through deterministic vulnerability probes and full transcript capture.
Installation
mcp-redteam demo --suite suites/baseline --out artifacts/demo --tool-server benign
Environment Variables
- MCP_INTERNAL_TOKEN
Security Notes
The scanner is designed for 'Authorized Security Testing Only' and explicitly includes a 'vulnerable local lab'. It uses `subprocess.Popen(cmd, shell=True)` within `StdioTransport` to interact with target servers. This is a necessary function for a scanner that tests command injection or similar vulnerabilities, but it means the value of the CLI argument `--cmd` is passed to a shell and is assumed to come from a trusted operator. The included demo and vulnerable servers are clearly marked and designed for controlled testing environments. There is no obfuscation and there are no hardcoded sensitive production secrets, only test-specific canary values.
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.
mcp-server-fuzzer
Fuzzing and security testing of Model Context Protocol (MCP) servers across multiple transport protocols (HTTP, SSE, Stdio) to validate functionality, robustness, and protocol compliance.
pentesting-mcp-servers-checklist
Provides a comprehensive checklist for security practitioners to pentest Model Context Protocol (MCP) servers and AI agents.