Mcpwn is an automated security scanner for MCP servers. It analyzes the tooling exposed by MCP implementations to detect command injection (RCE), path traversal, prompt injection, and protocol-related vulnerabilities, and can produce structured reports (JSON/SARIF) suitable for AI analysis and CI/CD pipelines. You can run scans against any MCP server by invoking Mcpwn and pointing it at the target server’s tooling arguments; Mcpwn will perform semantic and side-channel checks, accumulate findings, and categorize them by severity. The tool supports different operation modes, including quick scans, RCE-only mode, safe mode to skip destructive tests, and production security profiles via a paranoid.json profile for stricter testing.

Usage options include: scanning a specific MCP server tool chain, controlling timeouts, enabling parallel testing, and exporting reports in JSON, HTML, or SARIF formats. For example, you can run a basic scan against a server-filesystem tool by executing the Mcpwn CLI with the target payloads, or generate a SARIF report suitable for CI/CD pipelines.

Key capabilities you get with Mcpwn:

• Semantic detection of RCE patterns, file reads, and timing-based weaknesses in tool arguments.
• Side-channel detection (timing, size, behavioral anomalies) to reveal non-crash vulnerabilities.
• Production-security profiling via configurable profiles (e.g., paranoid.json) to apply stricter checks.
• Structured reporting with severity aggregation and SARIF export for integration with security tooling.
• Safe mode to skip destructive tests like protocol fuzzing, with options for quick scans and custom timeouts.

Prerequisites:

• Python 3.8+ (pure Python / stdlib)
• No external dependencies required

Installation steps:

1. Clone the repository: git clone https://github.com/Teycir/Mcpwn.git cd Mcpwn

2. Ensure the script is executable (optional on some platforms): chmod +x mcpwn.py

3. Run a test/help to verify installation: python3 mcpwn.py --help

4. (Optional) Create a virtual environment and install any local development dependencies if needed during customization: python3 -m venv venv source venv/bin/activate

   Install dependencies if you modify the project (not required for stock stdlib-based run)

Notes:

• The project is designed to run with Python 3.8+ using the standard library; there are no runtime dependencies to install for baseline usage.

Tips and common considerations:\n- Use --profile profiles/paranoid.json to enable production-security-like checks that include side-channel detection.\n- Use --output-json, --output-html, and/or --output-sarif to produce machine-readable reports suitable for CI/CD pipelines.\n- In safe mode, destructive tests such as protocol fuzzing are skipped. This is useful when evaluating a live MCP server.\n- For quick scans, use --quick to limit scan time and stop on the first tool injection finding.\n- If you encounter timeouts, you can raise the timeout with --timeout to accommodate slower targets.\n- If you’re integrating Mcpwn into automation, capture the SARIF output and feed it into your security workflow.\n- The documentation and help output (python mcpwn.py --help) describe all available flags and modes.