manthanghasadiya/mcpsec
An AI-driven dynamic protocol fuzzer for the Model Context Protocol (MCP). Prove runtime exploitability by discovering state violations, transport crashes, and application-layer logic flaws (SSRF, LFI) before your AI agents do.
Combines runtime protocol fuzzing with 149 static Semgrep rules to test live MCP servers over stdio/HTTP transports, generating 800+ malformed payloads across 22 fuzzing strategies (type confusion, protocol violations, injection attacks). Includes AI-powered mutation, SQL injection fingerprinting, tool chain analysis, and a rogue server for testing client-side MCP implementations, integrated with SARIF output for CI/CD pipelines.
Available on PyPI.
Stars: 3
Forks: —
Language: Python
License: MIT
Category:
Last pushed: Mar 05, 2026
Commits (30d): 0
Dependencies: 7
Higher-rated alternatives
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...