mcpmap

mcpmap is a network scanner designed to discover MCP (Model Context Protocol) servers across IP ranges, functioning similarly to a specialized version of nmap for MCP deployments. It performs a sequence of steps to identify MCP servers, enumerate available tools, and optionally run low- to high-risk security checks in a controlled manner. The tool supports passive discovery by default and can operate in an active mode to perform more intrusive probing with safety limits in place. Use it to quickly map MCP-capable hosts in a given subnet and assess potential security postures and exposed tools.

Typical usage involves providing a target CIDR range, optionally enabling enumeration and active probing, and choosing whether to pin, verify, or output in JSON for CI/CD pipelines. The command-line interface exposes flags to list discovered tools, perform limited tool calls, and save or verify tool hashes for baseline comparisons. Outputs can be verbose or concise depending on the requested format.

Prerequisites:

• Docker installed (recommended for the official image) or use an alternative supported deployment method if available.
• Access to a terminal with network access to pull the image or build locally if provided.

Installation (Docker):

1. Run the MCP server image with your target range:

   docker run --rm ghcr.io/canack/mcpmap:latest 192.168.1.0/24

2. Optionally pass additional flags after the image name to customize behavior (examples in the README):

   docker run --rm ghcr.io/canack/mcpmap:latest 192.168.1.0/24 --enumerate docker run --rm ghcr.io/canack/mcpmap:latest 192.168.1.0/24 --enumerate --active

3. If you build from source or use a different distribution method, follow the project’s normal build/install steps as documented in the repo (e.g., cargo install for Rust builds) and invoke the binary with the target range.

Prerequisites (alternative builds):

• Rust toolchain for cargo builds
• Basic familiarity with the MCP server’s CLI options

Notes:

• The tool supports both passive discovery and active probing; active modes enable more aggressive checks but are bounded by safety limits (e.g., max calls per tool, total probes, timeouts).
• For baseline comparisons, you can use --pin to save tool/resource hashes and --verify to compare against a saved baseline.
• If using Docker, ensure the container has network access to the target ranges and appropriate permissions to access the network.
• The tool provides a JSON output mode (--json) suitable for CI/CD integration.
• Be mindful of potential legal and ethical considerations when scanning networks you do not own or have explicit authorization to test.