A comprehensive database of Model Context Protocol vulnerabilities, security research, and exploits
☆35 · Feb 16, 2026 · Updated last month
Alternatives and similar repositories for vulnerablemcp
Users that are interested in vulnerablemcp are comparing it to the libraries listed below.
- A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and res… ☆33 · Apr 28, 2025 · Updated 10 months ago
- CDS Threat Modeling Tool MVP ☆15 · Updated this week
- This repository is an open-source showcase of A2A-based AI agents that implement HTTP Message Signatures for authenticating their request… ☆37 · Sep 25, 2025 · Updated 5 months ago
- An awesome and comprehensive list of LLM Security Startups. ☆15 · Nov 9, 2024 · Updated last year
- This repository demonstrates a security vulnerability in MCP (Model Context Protocol) servers that allows for remote code execution and … ☆21 · Apr 21, 2025 · Updated 11 months ago
- [EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction ☆17 · Nov 9, 2024 · Updated last year
- A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654 ☆39 · Apr 21, 2024 · Updated last year
- Repository for CoSAI Workstream 4, Secure Design Patterns for Agentic Systems ☆92 · Updated this week
- This project provides a logger and a connected harlem shake js. ☆20 · May 17, 2024 · Updated last year
- MCP security wrapper ☆216 · Mar 2, 2026 · Updated 3 weeks ago
- Backdoor that leverages Nmap with setuid permissions to execute commands as root through a Lua-loaded C library ☆52 · Oct 28, 2025 · Updated 4 months ago
- ☆29 · Jan 10, 2023 · Updated 3 years ago
- ATHI — An AI Threat Modeling Framework for Policymakers ☆61 · Aug 21, 2023 · Updated 2 years ago
- Machine Learning Attack Series ☆75 · May 17, 2024 · Updated last year
- Security tools for purple team, AI security, and M365/GWS. Authorized use only. ☆71 · Mar 10, 2026 · Updated 2 weeks ago
- Gordon is a status check GitHub app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co… ☆20 · Feb 4, 2025 · Updated last year
- Web plugin for Tai-e ☆23 · Jun 11, 2024 · Updated last year
- LMAP (large language model mapper) is like NMAP for LLM, is an LLM Vulnerability Scanner and Zero-day Vulnerability Fuzzer. ☆29 · Oct 16, 2024 · Updated last year
- ☆13 · Jul 25, 2023 · Updated 2 years ago
- Orchestrator managing Erlang containers and routing Erlang Distribution through itself. ☆13 · Dec 19, 2025 · Updated 3 months ago
- ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok. ☆113 · Jan 4, 2024 · Updated 2 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack ☆27 · Nov 23, 2017 · Updated 8 years ago
- Be able to execute memory snapshots so they can start running where they left off. ☆36 · Apr 14, 2015 · Updated 10 years ago
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se… ☆123 · Dec 14, 2025 · Updated 3 months ago
- ☆25 · Jun 27, 2024 · Updated last year
- Using Shodan to get a breakdown of the most common key names in public Redis servers. ☆13 · Dec 10, 2017 · Updated 8 years ago
- ☆12 · Aug 1, 2025 · Updated 7 months ago
- OmniMind: An open-source Python library for effortless MCP (Model Context Protocol) integration, AI Agents, AI workflows, and AI Automati… ☆36 · Apr 19, 2025 · Updated 11 months ago
- A knowledge source about TTPs used to target GenAI-based systems, copilots and agents ☆139 · Dec 22, 2025 · Updated 3 months ago
- PoC Reverse Text segment ELF File infector ☆14 · Feb 28, 2020 · Updated 6 years ago
- Sample code for exfiltrating data through an XSS vulnerability. XSS Payload retrieves sensitive data in victim's browser, then breaks it … ☆21 · May 11, 2021 · Updated 4 years ago
- Script for easy fetch ndk and sdk to compile apk with vab ☆12 · Apr 30, 2024 · Updated last year
- Rate limiting for Ash actions. ☆17 · Mar 12, 2026 · Updated last week
- Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly ☆12 · Jun 13, 2016 · Updated 9 years ago
- Writeups of challenges and CTFs I participated in ☆88 · Aug 25, 2025 · Updated 6 months ago
- Everything Application Security ☆27 · Updated this week
- Automated Reverse TCP tunneling using a digitalocean instance and aploium's shootback repo (https://github.com/aploium/shootback) ☆13 · Oct 30, 2018 · Updated 7 years ago
- A simple, easy-to-customize pipeline for local RAG evaluation. Starter prompts and metric definitions included. ☆26 · Jan 14, 2026 · Updated 2 months ago
- A framework for TinTin++ using tmux ☆12 · Jul 10, 2016 · Updated 9 years ago