SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context Protocol (MCP)](https://modelcontextprotocol.io/introduction). It proactively identifies threats like OAuth token leakage, prompt injection vulnerabilities, rogue MCP servers, and tool poisoning attacks.
☆138Jun 7, 2025Updated 8 months ago
Alternatives and similar repositories for SecureMCP
Users that are interested in SecureMCP are comparing it to the libraries listed below
Sorting:
- Manage / Proxy / Secure your MCP Servers☆192Aug 8, 2025Updated 6 months ago
- MCP security wrapper☆213Updated this week
- Minimum DevSecOps with Monitoring Options on Amazon EKS☆13Feb 20, 2026Updated last week
- A comprehensive framework and assessment toolkit for measuring and improving Cloud Native security maturity across 8 critical business fu…☆10Jun 24, 2025Updated 8 months ago
- An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcro…☆74Updated this week
- Harness the security superpowers of your cloud asset inventory☆11Sep 22, 2024Updated last year
- A functional type system for policy inspection, audit and enforcement.☆13Aug 17, 2023Updated 2 years ago
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆18Mar 3, 2021Updated 4 years ago
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆986Dec 28, 2025Updated 2 months ago
- Touti Cracker is a cross-platform ethical hacking toolkit for educational purposes, featuring password cracking, WiFi auditing, and rever…☆49Jan 9, 2026Updated last month
- SAMMY Open Source v2☆14Feb 6, 2025Updated last year
- A tool to generate datasets and models based on vulnerabilities descriptions from @Vulnerability-Lookup.☆23Feb 19, 2026Updated last week
- 🛡️ High-performance WAF & CDN detection tool with effectiveness testing suite. Identify protection layers (Cloudflare, Akamai, AWS) and …☆106Feb 22, 2026Updated last week
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…☆70Nov 27, 2025Updated 3 months ago
- Automation of VPC Traffic Mirror Sessions in AWS☆35Nov 15, 2025Updated 3 months ago
- A file system that mutates files☆14Jul 20, 2020Updated 5 years ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrency☆15Nov 13, 2025Updated 3 months ago
- Dynamic netflow graphs for nfdump☆14Sep 3, 2015Updated 10 years ago
- ZAP scripts to implement ASVS L1 checking☆16Apr 28, 2022Updated 3 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- ☆16Apr 30, 2023Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆14Jul 3, 2025Updated 7 months ago
- An OpenAI API Compatible Honeypot Gateway☆17Mar 17, 2025Updated 11 months ago
- ☆39Jul 31, 2025Updated 7 months ago
- SEDATED® Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure)☆112Jan 29, 2025Updated last year
- A public collection of detections designed to detect threats associated with the Okta WIC Platform.☆13Jan 5, 2026Updated last month
- ☆86Feb 4, 2026Updated 3 weeks ago
- ☆19Feb 11, 2026Updated 2 weeks ago
- Impacket☆49Updated this week
- Open source templates you can use to bootstrap your security programs☆890Dec 28, 2025Updated 2 months ago
- Binsec/Haunted is an extension of Binsec to verify speculative constant-time and detect Spectre attacks.☆17Oct 19, 2023Updated 2 years ago
- Detect drift. Defend cloud.☆36Feb 21, 2026Updated last week
- ☆20Dec 13, 2019Updated 6 years ago
- Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution☆20Sep 2, 2015Updated 10 years ago
- Windows anti-debugging sandbox☆40Dec 24, 2025Updated 2 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆104Oct 13, 2025Updated 4 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …☆111Jul 21, 2025Updated 7 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- Elevation of MLsec: a threat-modeling card game for machine learning systems☆29Nov 24, 2025Updated 3 months ago