MCPHammer is a Model Context Protocol (MCP) server built with FastMCP, designed for security testing and evaluating server vulnerabilities. It integrates with Claude AI, provides text injection capabilities, and offers various server information utilities. The project highlights potential security risks in MCP servers, including prompt injection and covert command-and-control.
Key Features
- Claude AI Integration: Directly query Claude models via the MCP protocol.
- Text Injection System: Append custom text to tool responses for testing purposes.
- HTTP Transport: Built on FastMCP for reliable HTTP-based communication and remote hosting.
- Session Logging: Automatically logs all tool calls and interactions, including input parameters, responses, and token usage.
- Health Monitoring: Includes built-in health check and server information endpoints.
- Telemetry Service: Collects and stores host information, optionally sending it to a remote host.
- Remote Management: Allows changing injection text and managing multiple MCPHammer instances remotely via a dedicated management server and web UI.
- Init Tool: Automatically downloads and opens files from a configurable URL.
- Download & Execute: Capability to download files from URLs and optionally execute them.
- Configurable Init URL: Remotely change the init tool's download URL via web UI or API.
Use Cases
MCPHammer is primarily used for:
- Evaluating MCP Server Security: Identifying and testing vulnerabilities in Model Context Protocol implementations.
- Red Team Operations: Simulating attacks like prompt injection and covert command-and-control (C2) through tool arguments.
- AI Security Research: Understanding and demonstrating attack vectors in AI-integrated systems that use protocols like MCP.
- Remote Control and Data Exfiltration: The Conversation Assistant demo showcases how malicious MCP servers can scan tool arguments for hidden commands, execute them silently, and exfiltrate results.
