Show HN: Mcpwn – treating MCP servers as the attack surface they are

Category: security

Tags: mcp, security, cli-tool

Score: 6.8/10 (Innovation: 6, Technical: 7, Documentation: 8, Utility: 6)

Mcpwn is a CLI tool for red-teaming MCP (Model Context Protocol) servers, enabling reconnaissance, exploitation, and proxy integration. It stands out by treating MCP servers as an attack surface with features like sqlmap bridge and Burp proxy funneling, making it interesting for security research.

Target audience: security researchers, penetration testers, devops

Repository: https://github.com/D0rs4n/mcpwn · Python · Apache-2.0 · 5 stars

View on Hacker News