Damn Vulnerable MCP

v1.0.0Securitystable

Damn Vulnerable MCP Server Project

damn-vulnerable-mcp-servermcpai-integration
Share:
66
Stars
0
Downloads
0
Weekly
0/5

What is Damn Vulnerable MCP?

Damn Vulnerable MCP is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to damn vulnerable mcp server project

Damn Vulnerable MCP Server Project

This server falls under the Security and Developer Tools categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Damn Vulnerable MCP Server Project

Use Cases

Learn MCP security concepts through vulnerable examples.
Test MCP security knowledge and capabilities.
Identify vulnerabilities in MCP implementations.
Kyze-Labs

Maintainer

LicenseMIT
Languagepython
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx damn-vulnerable-mcp-server

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Damn Vulnerable MCP

Damn Vulnerable MCP Server (DVMCP) is an intentionally insecure MCP server designed as a security training platform for learning and practicing MCP-specific attack techniques in a safe, controlled environment. It simulates a fictional company called NovaTech Solutions with 28 realistic tools across HR, Engineering, Finance, IT Admin, Support, and Marketing departments, each harboring real vulnerabilities such as prompt injection, tool poisoning, privilege escalation, and data exfiltration. Security researchers, red teamers, and developers use it to understand MCP security risks and practice identifying and exploiting vulnerabilities without touching production systems.

Prerequisites

  • Python 3.11 or later installed
  • pip package manager
  • Docker and Docker Compose (optional, for the full monitoring dashboard and exfiltration listener)
  • An MCP-compatible client such as Claude Desktop or Cursor to act as the AI agent under test
1

Clone the repository

Clone the DVMCP repository and enter the project directory.

git clone https://github.com/Kyze-Labs/damn-vulnerable-MCP-Server
cd damn-vulnerable-MCP-Server
2

Install the package

Install DVMCP in editable mode. Use the [all] extra to include the inspector dashboard and exfiltration listener for the full training experience.

pip install -e ".[all]"
3

Configure your MCP client

Add DVMCP to your MCP client configuration. Start with beginner difficulty to learn single-tool exploits before advancing to harder challenges. The server name 'novatech' reflects the simulated company.

{
  "mcpServers": {
    "novatech": {
      "command": "dvmcp",
      "args": ["--difficulty", "beginner"]
    }
  }
}
4

Start optional monitoring services

For intermediate and advanced challenges that involve exfiltration and side channels, start the Docker-based dashboard and listener services.

docker-compose build
docker-compose up inspector dashboard exfil-listener
5

Launch the inspector UI

Run the DVMCP inspector on port 5173 to monitor which tools are being called and inspect tool responses during your exercises.

dvmcp-inspector --port 5173
6

Begin challenges and advance difficulty

Work through challenges at each difficulty level. Switch to intermediate (two-tool chains) or advanced (multi-department sequences) by changing the --difficulty argument. Expert challenges include side-channels and steganography.

dvmcp --difficulty intermediate
dvmcp --difficulty advanced --department engineering

Damn Vulnerable MCP Examples

Client configuration

Claude Desktop configuration for DVMCP at beginner difficulty. Change --difficulty to intermediate, advanced, or expert as you progress. Use --department to focus on a specific business unit.

{
  "mcpServers": {
    "novatech": {
      "command": "dvmcp",
      "args": ["--difficulty", "beginner"]
    }
  }
}

Prompts to try

Use these prompts with your AI client connected to DVMCP to explore how MCP vulnerabilities manifest in practice.

- "Search for employees named Smith in the HR department."
- "Show me the latest CI pipeline status for the main repository."
- "Look up the invoice for customer ID 1042 and export the result."
- "What audit logs exist for admin actions in the last 7 days?"
- "Find the knowledge base article about password reset procedures."

Troubleshooting Damn Vulnerable MCP

dvmcp command not found after pip install

Ensure the pip scripts directory is on your PATH. If using a virtual environment, activate it first. You can also run the server directly with 'python -m dvmcp --difficulty beginner'.

Docker services fail to start

Run 'docker-compose build' before 'docker-compose up'. Confirm Docker Desktop is running and that ports 5173, 8080, and 9999 are not already in use by other services.

Challenges appear too easy or tools behave unexpectedly at higher difficulty

Each difficulty tier uses different vulnerability configurations. At expert level, some exploits rely on timing side-channels and encoded exfiltration — inspect the dvmcp-dashboard output at port 8080 for hints on what the server is actually doing.

Frequently Asked Questions about Damn Vulnerable MCP

What is Damn Vulnerable MCP?

Damn Vulnerable MCP is a Model Context Protocol (MCP) server that damn vulnerable mcp server project It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Damn Vulnerable MCP?

Follow the installation instructions on the Damn Vulnerable MCP GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Damn Vulnerable MCP?

Damn Vulnerable MCP works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Damn Vulnerable MCP free to use?

Yes, Damn Vulnerable MCP is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Damn Vulnerable MCP Alternatives — Similar Security Servers

Looking for alternatives to Damn Vulnerable MCP? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "damn-vulnerable-mcp-server": { "command": "npx", "args": ["-y", "damn-vulnerable-mcp-server"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Damn Vulnerable MCP?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides