MCP Catalogs
HomeMCPScan screenshot

MCPScan

by sahiloj·22·Score 45

MCPScan is an offensive security auditor for MCP servers, detecting tool poisoning, credential leaks, RCE vectors, and supply chain vulnerabilities across stdio, HTTP, and SSE transports.

securitydeveloper-toolsops-infra
7
Forks
0
Open issues
2 mo ago
Last commit
2d ago
Indexed

Overview

MCPScan is the first dedicated offensive security tool for MCP servers, providing comprehensive protection against known attack vectors. It implements 8 check categories covering the full MCP attack surface, including tool poisoning, credential leaks, RCE vectors, and supply chain vulnerabilities. The tool supports multiple transport protocols (stdio, HTTP, SSE) and offers various output formats including terminal, JSON, and SARIF for integration with security workflows.

Try asking AI

After installing, here are 7 things you can ask your AI assistant:

you:Auditing MCP servers for security vulnerabilities before deployment
you:Continuous integration security checks in CI/CD pipelines
you:Security research on MCP protocol attack vectors
you:Discovering exposed MCP servers on local networks
you:What types of MCP servers can MCPScan audit?
you:Can I integrate MCPScan into my CI/CD pipeline?
you:How often is MCPScan updated with new vulnerability checks?

When to choose this

Choose MCPScan when you need to proactively audit MCP servers for security vulnerabilities before deployment or when integrating MCP into production systems. It's ideal for security teams and developers building MCP applications who want to identify potential risks.

When NOT to choose this

Don't choose MCPScan if you need a general-purpose security scanner for non-MCP systems or if you require protection against client-side attacks (MCPScan focuses on server-side vulnerabilities).

Tools this server exposes

2 tools extracted from the README
  • scan

    Scans MCP servers for security vulnerabilities across stdio, HTTP, and SSE transports

  • discover

    Discovers MCP servers without running security scans

Note: Tools inferred from CLI usage examples and command structure, as no explicit tool documentation section was found in the README.

Comparable tools

owasp-mcp-security-checkermcp-security-auditmcp-vulnerability-scanner

Installation

# Requires Node.js ≥ 18
git clone https://github.com/sahiloj/MCPScan.git
cd MCPScan
npm install
npm run build

# Link globally
npm link

# Run from anywhere
mcpscan --help

**Claude Desktop Integration:** MCPScan automatically discovers Claude Desktop configurations at standard locations:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Linux: ~/.config/claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

FAQ

What types of MCP servers can MCPScan audit?
MCPScan can audit stdio, HTTP, and SSE transport MCP servers. It can directly scan servers, scan from AI client configurations, or probe localhost ports for exposed servers.
Can I integrate MCPScan into my CI/CD pipeline?
Yes. MCPScan supports JSON and SARIF output formats and exits with different codes based on severity (code 2 for critical findings, code 1 for high findings) for easy integration into automated security workflows.
How often is MCPScan updated with new vulnerability checks?
MCPScan is actively maintained with updates based on new research and CVEs. The architecture allows for easy addition of new check modules as new attack vectors are discovered.

Compare MCPScan with

MCPScan vs mcp-server-chartMCPScan vs everythingMCPScan vs filesystemMCPScan vs timeMCPScan vs sequentialthinking
GitHub →

Last updated · Auto-generated from public README + GitHub signals.