Alternatives and similar repositories for vulnerable-mcp-servers-lab

Users that are interested in vulnerable-mcp-servers-lab are comparing it to the libraries listed below

• dreadnode / burpference
  A research project to add some brrrrrr to Burp
  ☆196Updated 10 months ago
• Verizon / verizon_burp_extensions_ai
  Verizon Burp Extensions: AI Suite
  ☆141Updated 8 months ago
• spritz-group / QRFuzz
  QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applications
  ☆46Updated last year
• prjblk / wordpress-audit-automation
  Scripts to download every Wordpress plugin (updated in the last 2 years) and run Semgrep over the lot of it while storing output in a dat…
  ☆87Updated 10 months ago
• thisis0xczar / FrogPost
  FrogPost: postMessage Security Testing Tool
  ☆105Updated 3 weeks ago
• yacwagh / FAAST
  Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
  ☆67Updated 7 months ago
• jumpycastle / rre-burp
  Burp extension for Recursive Request Exploits (RRE) — DEFCON 2025
  ☆102Updated 4 months ago
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• ihrishikesh0896 / vulnreach
  ☆19Updated this week
• valeriyshevchenko90 / WhereToGo
  WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…
  ☆128Updated 3 years ago
• carlospolop / Blue-CloudPEASS
  ☆41Updated last week
• schwartz1375 / genai-security-training
  ☆215Updated this week
• assetnote / hopgoblin
  Adobe Experience Manager (AEM) hacking toolkit
  ☆100Updated 3 months ago
• PanosoikoGr / CloudTap
  Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…
  ☆48Updated 5 months ago
• hackvertor / repeat-strike
  ☆39Updated 5 months ago
• siamthanathack / Passkey-Raider
  Burp Suite extension for testing Passkey systems.
  ☆75Updated 8 months ago
• Neuvik / BucketHoarder
  ☆54Updated 2 years ago
• Tib3rius / Turbo-Intruder-Scripts
  A collection of Turbo Intruder scripts.
  ☆65Updated 10 months ago
• Hipapheralkus / AIAIAI
  An Incredibly Annoying, Insufferable Authentication Implementation
  ☆31Updated last year
• Arcanum-Sec / Scopify
  ☆192Updated 8 months ago
• ethiack / ai4eh
  AI for Ethical Hacking - Workshop
  ☆240Updated last month
• psiinon / open-source-llm-scanners
  ☆101Updated last month
• PawelKozy / mcp-breach-to-fix-labs
  Hands-on MCP security lab: 10 real incidents reproduced with vulnerable/secure MCP servers, pytest regressions, and Claude/Cursor battle-…
  ☆61Updated 3 weeks ago
• Adversis / NextjsServerActionAnalyzer
  A Burp Suite extension for analyzing Next.js Server Actions - server-side functions identified by hash IDs and `Next-Action` headers.
  ☆39Updated 4 months ago
• MorDavid / ExternalAttacker-MCP
  A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
  ☆71Updated 8 months ago
• Tib3rius / Copier
  A Burp extension to help pentesters copy requests / responses for reports.
  ☆50Updated 5 months ago
• 0ca / BoxPwnr
  An experimental project exploring the use of Large Language Models (LLMs) to solve HackTheBox machines autonomously.
  ☆187Updated last week
• xssdoctor / multidoc
  A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…
  ☆88Updated 6 months ago
• SirAppSec / bsides-shadow-api
  This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me
  ☆18Updated last year
• carlospolop / bf-aws-permissions
  ☆93Updated 5 months ago