Damn Vulnerable MCP Server
a year ago
- #education
- #vulnerability
- #security
- DVMCP is an educational project demonstrating security vulnerabilities in MCP implementations.
- Contains 10 challenges of increasing difficulty showcasing various attack vectors.
- Target audience includes security researchers, developers, and AI safety professionals.
- MCP (Model Context Protocol) is a protocol for providing structured context to Large Language Models (LLMs).
- Vulnerabilities demonstrated include Prompt Injection, Tool Poisoning, and Excessive Permissions.
- Other vulnerabilities: Rug Pull Attacks, Tool Shadowing, and Indirect Prompt Injection.
- Additional risks: Token Theft, Malicious Code Execution, and Remote Access Control.
- Project structure includes challenges categorized by difficulty (easy, medium, hard).
- Includes documentation, setup guides, and solution guides for educational purposes.
- Licensed under the MIT License; created by Harish Santhanalakshmi Ganesan.