MCP security testing framework for evaluating Model Context Protocol server vulnerabilities
☆34Feb 17, 2026Updated 4 months ago
Alternatives and similar repositories for MCPHammer
Users that are interested in MCPHammer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DevSecOps for the AI-era CI/CD pipeline. Catches the bugs your AI coding assistant introduces — before they reach production.☆20Updated this week
- AATMF | An Open Source - Adversarial AI Threat Modeling Framework☆25Jun 1, 2026Updated last month
- This directory focuses exclusively on Threat Modeling Tools—software, code, libraries, or services that automate, guide, or support the d…☆24May 2, 2026Updated 2 months ago
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆25Dec 17, 2025Updated 6 months ago
- ProxyWatch☆64Apr 25, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Organizational asset discovery tool with 20+ plugins covering certificate transparency, passive DNS, and all 5 Regional Internet Registri…☆85Updated this week
- Modular OSINT and attack surface analysis platform for authorized security research, with risk scoring, attack paths, and report generati…☆24Jun 4, 2026Updated last month
- Host Internal Static Website on AWS☆17Dec 6, 2023Updated 2 years ago
- A list of useful payloads and bypass for Web Application Security☆14Nov 26, 2023Updated 2 years ago
- Tyche is a Mythic HTTPX Profile Generator used to create Malleable C2 Profiles.☆46Mar 28, 2026Updated 3 months ago
- Shroudware is a compile-time obfuscation library implemented entirely in the C preprocessor.☆27Apr 12, 2026Updated 3 months ago
- AWS SSO Device-Code Phishing Toolkit for Red / Purple Teams☆23Mar 10, 2026Updated 4 months ago
- ☆13Mar 14, 2022Updated 4 years ago
- MODBUS Penetration Testing Framework☆12Jul 2, 2017Updated 9 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.☆163Updated this week
- MCPwned is a companion extension that enables pentesters to effectively test MCP servers. It recognizes MCP-like endpoints, provies a sca…☆20Jul 3, 2026Updated last week
- A personal RAG system for offensive security knowledge☆127Updated this week
- Windows named pipe hooking toolkit☆44Mar 20, 2026Updated 3 months ago
- Secrets scanner with a twist... this is for getting threat actor credentials from MALWARE. Acquire TA creds from FLOSS exports, memdumps…☆37Jun 19, 2026Updated 3 weeks ago
- ☆19Dec 18, 2024Updated last year
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- Blast credentials across all 10 NetExec protocols in parallel — live hits, auto-skip timeouts, clean summaries. Built for fast iterative …☆16Mar 10, 2026Updated 4 months ago
- Arbitrary file read exploit for the Windows UPnP Device Host service.☆20Jun 5, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Maturity Model Collaborative project☆15Feb 27, 2023Updated 3 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Jul 9, 2023Updated 3 years ago
- Anvil is a runtime-first attack surface assessment tool for Windows thick client applications, built for penetration testers and security…☆37Mar 16, 2026Updated 4 months ago
- API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs☆107Updated this week
- Check your AWS CLI commands for security risks before you run them.☆33Apr 1, 2026Updated 3 months ago
- New exploitation tricks for hardened .NET Remoting servers☆33Aug 5, 2025Updated 11 months ago
- Semgrep Pro Rules to ensure code using LLMs is following best practices☆71Mar 25, 2026Updated 3 months ago
- USRLINKS v1.0 - The Ultimate Username Reconnaissance Tool☆24Oct 6, 2025Updated 9 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆26Jun 27, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only.☆56Updated this week
- Analyzes software dependencies across GitHub repositories to identify security vulnerabilities and health risks in your supply chain.☆125May 26, 2026Updated last month
- A POC tool for exploring dev-tunnels☆66May 5, 2026Updated 2 months ago
- Notes Template/Checklist for PEN-300 OSEP☆20Nov 20, 2021Updated 4 years ago
- Simple LLM service identification - translate IP:Port to Ollama, vLLM, LiteLLM, or 60+ other AI services in seconds☆76Updated this week
- Monitoring tool to detect patterns or IOCs (strings, regex, VirusTotal) and alert you and your team via console, Telegram or SMS written …☆17Feb 17, 2026Updated 4 months ago
- Notes about the YouTube playlist: Red Team Operations with Cobalt Strike (2019)☆21Feb 16, 2021Updated 5 years ago