MCP - Shield is a security tool for scanning MCP server vulnerabilities, which can detect security risks such as tool poisoning attacks, data leakage channels, and cross - domain violations.

This project is an M365 MCP server that implements the CISA BOD 25 - 01 security controls. It manages Microsoft 365 security settings through the Microsoft Graph API and provides functions such as blocking legacy authentication, risk - based access control, MFA management, application registration control, and password policy management.

A website security scanning tool based on the MCP protocol, integrating dirsearch directory scanning and firecrawl crawler technology, capable of automatically identifying the website technology stack and classifying vulnerability risk levels

MCP Bridge is a lightweight, LLM-independent RESTful proxy for connecting to multiple Model Context Protocol (MCP) servers and exposing their functions through a unified REST API. It solves the problem that platforms such as edge devices, mobile devices, and web browsers cannot efficiently run MCP servers, and provides optional risk-based execution levels, including security controls such as standard execution, confirmation workflows, and Docker isolation.

This project demonstrates the security risks of using AI agent tools through extendable-agents, especially the potential leakage of sensitive information caused by tool sharing under the MCP protocol, and provides security usage suggestions.

This project is an MCP toolkit for educational purposes, demonstrating social platform content analysis techniques and their security risks. It includes data extraction and analysis tools for Reddit and LinkedIn.

The Enkrypt AI MCP Server is a server for integrating red team testing, prompt auditing, and AI security analysis. It is compatible with the Model Context Protocol (MCP) standard and supports functions such as real - time prompt risk analysis and adversarial prompt generation. It can be seamlessly integrated with MCP clients such as Claude Desktop and Cursor IDE.

This project demonstrates an MCP server and client with security vulnerabilities for educational purposes, showing security risks such as SQL injection and arbitrary code execution.

Lilith Shell is an enhanced MCP server that allows AI assistants to execute commands in the terminal, providing security controls and testing capabilities. It should be used in a virtual machine or a resettable development environment due to security risks.

The MCP Network Sentinel is a tool for monitoring the network activities of MCP servers, used to identify potential security risks, record all network communications, and detect suspicious behaviors.

An intentionally vulnerable MCP server project for security research, containing risks of SQL injection and remote code execution, suitable for test environments.

A tool for executing bash commands through an MCP server, allowing client applications to remotely execute commands and obtain output results. Pay attention to security risks.

A demonstration project showing security vulnerabilities in MCP servers, demonstrating the risk of remote code execution through simple addition operations.

CloudSword is an open-source tool that helps public cloud tenants discover and fix risks in the cloud environment, and supports multi-platform asset management and security protection.