kenhuangus_mcp-vulnerable-server-demo

kenhuangus_mcp-vulnerable-server-demo

3.1
security

If you are the rightful owner of kenhuangus_mcp-vulnerable-server-demo and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

This project demonstrates a vulnerable MCP server and multiple clients, including a proof-of-concept attack client and also a good client.

The Insecure MCP Demo is an educational project designed to showcase potential security vulnerabilities in a Model Context Protocol (MCP) server. It includes a vulnerable MCP server and multiple clients, such as a proof-of-concept attack client and a good client. The project structure consists of a vulnerable server script, a good client script for normal interactions, an attack client script to demonstrate exploitation, and a requirements file for dependencies. The project highlights several vulnerabilities, including SQL injection, arbitrary code execution, sensitive data exposure, and lack of access control. It also provides mitigation strategies to secure a real-world MCP server, such as using parameterized queries, restricting dangerous tools, implementing authentication and authorization, validating and sanitizing input, limiting environment variable access, auditing and monitoring usage, and adhering to the principle of least privilege. The project is intended for educational purposes only and should not be deployed in production environments.

Features

  • insert_record: Inserts a name/address record into the database. Vulnerability: Prone to SQL injection due to direct string interpolation of user input into SQL queries.
  • query_records: Lists all records in the database. Vulnerability: Exposes all data without authentication or access control.
  • execute_sql: Executes arbitrary SQL queries provided by the client. Vulnerability: Allows any SQL command, including destructive ones (e.g., data exfiltration, schema changes).
  • get_env_variable: Returns the value of any environment variable requested. Vulnerability: Leaks sensitive environment variables (e.g., secrets, API keys).

Related MCP Servers

View all security servers →
gateway

gateway

4.0

by centralmind

CentralMind Gateway is a tool designed to expose databases to AI agents via MCP or OpenAPI protocols, providing secure, LLM-optimized APIs.

databases
osv-mcp

osv-mcp

3.7

by StacklokLabs

An MCP server providing access to the OSV database for querying vulnerability information.

databases
win-cli-mcp-server

win-cli-mcp-server

3.6

by SimonB97

MCP server for secure command-line interactions on Windows systems, enabling controlled access to PowerShell, CMD, Git Bash shells, and remote systems via SSH.

os_automation
BloodHound-MCP-AI

BloodHound-MCP-AI

3.6

by MorDavid

BloodHound-MCP is a Model Context Protocol Server integration for BloodHound, enabling natural language analysis of Active Directory data.

security
ida-mcp-server-plugin

ida-mcp-server-plugin

3.6

by taida957789

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface.

developer_tools
apktool-mcp-server

apktool-mcp-server

3.6

by zinja-coder

apktool-mcp-server is a fully automated MCP server built on top of apktool to analyze Android APKs using LLMs like Claude, providing live reverse engineering support.

security
BloodHound-MCP

BloodHound-MCP

3.6

by stevenyu113228

BloodHound MCP is an extension of the BloodHound tool that enables LLMs to interact with and analyze Active Directory environments using natural language queries.

security
mcp-openapi-proxy

mcp-openapi-proxy

3.5

by matthewhand

mcp-openapi-proxy is a Python package that implements a Model Context Protocol (MCP) server, designed to dynamically expose REST APIs—defined by OpenAPI specifications—as MCP tools.

developer_tools
dynatrace-mcp

dynatrace-mcp

3.5

by dynatrace-oss

This remote MCP server allows interaction with the Dynatrace observability platform, bringing real-time observability data directly into your development workflow.

monitoring
mcp-shodan

mcp-shodan

3.5

by BurtTheCoder

A Model Context Protocol (MCP) server for querying the Shodan API and Shodan CVEDB, providing access to network intelligence and security services.

security
web3-mcp

web3-mcp

3.5

by strangelove-ventures

A Model-Context-Protocol server for interacting with multiple blockchains including Solana, Ethereum, THORChain, XRP Ledger, TON, Cardano, and UTXO chains.

finance
MCP-Kali-Server

MCP-Kali-Server

3.5

by Wh0am123

Kali MCP Server is a lightweight API bridge that connects MCP Clients to the API server, allowing execution of commands on a Linux terminal.

security
remote-mcp-functions-dotnet

remote-mcp-functions-dotnet

3.5

by Azure-Samples

This document provides a quickstart guide to building and deploying a remote Model Context Protocol (MCP) server using Azure Functions with .NET/C#.

cloud_platforms
VibeShift

VibeShift

3.5

by GroundNG

VibeShift is an intelligent security agent designed to integrate seamlessly with AI coding assistants, acting as an automated security engineer to analyze code, identify vulnerabilities, and facilitate AI-driven remediation.

security
jadx-mcp-plugin

jadx-mcp-plugin

3.5

by mobilehackinglab

The Jadx MCP Plugin provides a Java-based plugin for Jadx, exposing its API over HTTP to enable interaction with MCP clients like Claude, facilitating AI-assisted security analysis of Android apps.

security
auth0-mcp-server

auth0-mcp-server

3.5

by auth0

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language.

developer_tools
sonarqube-mcp-server

sonarqube-mcp-server

3.5

by sapientpants

A Model Context Protocol (MCP) server that integrates with SonarQube to provide AI assistants with access to code quality metrics, issues, and analysis results.

developer_tools
Wazuh-MCP-Server

Wazuh-MCP-Server

3.5

by gensecaihq

Wazuh MCP Server is an AI-powered security operations platform that integrates conversational AI with traditional SIEM operations.

security
nutrient-dws-mcp-server

nutrient-dws-mcp-server

3.5

by PSPDFKit

A Model Context Protocol (MCP) server implementation that integrates with the Nutrient Document Web Service (DWS) Processor API, providing powerful PDF processing capabilities for AI assistants.

developer_tools
binja-lattice-mcp

binja-lattice-mcp

3.5

by Invoke-RE

BinjaLattice is a secure communication protocol for Binary Ninja that enables interaction with external Model Context Protocol (MCP) servers and tools.

developer_tools
vercel-mcp-server

vercel-mcp-server

3.5

by Quegenx

A powerful Model Context Protocol (MCP) server for managing Vercel deployments with comprehensive features.

cloud_platforms
mcp_zoomeye

mcp_zoomeye

3.5

by zoomeye-ai

A Model Context Protocol (MCP) server that provides network asset information based on query conditions.

research_and_data
ExternalAttacker-MCP

ExternalAttacker-MCP

3.5

by MorDavid

ExternalAttacker is a Model Context Protocol (MCP) server designed for external attack surface management, integrating automated scanning with a natural language interface.

security
shodan-mcp-server

shodan-mcp-server

3.5

by Cyreslab-AI

A Model Context Protocol (MCP) server that provides access to Shodan API functionality and CVE database, allowing AI assistants to query information about internet-connected devices, services, and vulnerabilities.

research_and_data
NGCBot-MCP

NGCBot-MCP

3.5

by ngc660sec

NGCBot-MCP-Server is a WeChat bot based on the HOOK mechanism, supporting various features like security news push, AI responses, and more.

communication
onepassword-mcp-server

onepassword-mcp-server

3.5

by dkvdm

This MCP server is a proof of concept for educational purposes, utilizing the 1Password Python SDK to securely retrieve credentials.

security
Rootly-MCP-server

Rootly-MCP-server

3.5

by Rootly-AI-Labs

An MCP server for Rootly API that integrates with MCP-compatible editors to resolve production incidents efficiently.

developer_tools