Sign in
← Back to search
github Active

Repository profile

appsecco/vulnerable-mcp-servers-lab

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

JavaScript MIT main Stack scanned README.md
Sign in to like appsecco/vulnerable-mcp-servers-lab
Open GitHub
Stars
263
Forks
50
Watchers
4
Issues
1
Commits
12
Awesome lists
1

Repository updates

Follow repository updates

Get generated appsecco/vulnerable-mcp-servers-lab development summaries by email, or follow the weekly and monthly RSS feeds.

Weekly RSS Monthly RSS

Sign in to subscribe by email. RSS feeds are public.

Sign in to subscribe

Activity and growth

Tracked growth, recent movement, and commit velocity from stored repository snapshots.

Latest capture 2026-06-24 13:08

Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
Stars since baseline
0
Snapshot coverage
1

Tracked growth

1 capture since 2026-06-24

Stars from baseline 0

Time horizon

All tracked data

Stars history

Total stars

Commits history

Default branch commits

Detected stack

Frameworks, package managers, ecosystems, and dependency manifests found during catalog scans.

Scanned 2026-06-24 13:08

Stack signals
1
Package managers
1
Manifest files
14
Dependencies
645

Frameworks and tools

  • Express web framework · high confidence
npm javascript

Dependency files

14 manifests
  • vulnerable-mcp-server-indirect-prompt-injection-remote-mcp/package.json javascript ecosystem, 2 dependencies
  • vulnerable-mcp-server-indirect-prompt-injection/package.json javascript ecosystem, 1 dependency
  • vulnerable-mcp-server-malicious-code-exec/package.json javascript ecosystem, 3 dependencies
  • vulnerable-mcp-server-malicious-tools/package.json javascript ecosystem, 3 dependencies
  • vulnerable-mcp-server-namespace-typosquatting/package.json javascript ecosystem, 3 dependencies
  • vulnerable-mcp-server-outdated-pacakges/package.json javascript ecosystem, 31 dependencies
  • vulnerable-mcp-server-secrets-pii/package.json javascript ecosystem, 3 dependencies
  • vulnerable-mcp-server-indirect-prompt-injection-remote-mcp/package-lock.json javascript ecosystem, 118 dependencies
  • 6 more files

Classification

Searchable topics, generated tags, and stack labels that explain where this repository fits.

Topics
11
Tags
0
Stacks
1

Topics

#ai-red-teaming #ai-research #appsecco #bugbounty #hacking #learning-pentesting #mcp #mcp-client #mcp-server #pentesting #vulnerable-labs

Generated tags

No generated tags yet.

Stack labels

Express

AI development signals

Agent instructions and tool configuration paths found in the repository tree.

0 paths
No AI development config files detected.

Similar repositories

Nearest indexed repositories by embedding similarity.

vinkius-labs/mcpfusion

MCP Fusion - The TypeScript framework for secure MCP servers.

253 stars
TypeScript 1 awesome list

IBM/mcp

A collection of Model Context Protocol (MCP) servers, clients and developer tools by IBM.

384 stars
1 awesome list

AIM-Intelligence/AIM-MCP

AIM MCP Server :: Guard and Protect your MCPs & AI Chatting

20 stars
TypeScript 1 awesome list

Metadata

Language
JavaScript
License
MIT
Default branch
main
Created
2025-12-18
First commit
2025-12-18
Last pushed
2025-12-18
GitHub updated
2026-06-11
Last synced
2026-06-24 13:08
Stack detected
2026-06-24 13:08
Archived
no

Links and files

GitHub README

Appears in

1