MCP Hammer
MCP security testing framework for evaluating Model Context Protocol server vulnerabilities
What is MCP Hammer?
MCP Hammer is a Model Context Protocol (MCP) server that gives AI assistants like Claude, Cursor, and VS Code access to an MCP security testing framework for evaluating Model Context Protocol server vulnerabilities.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- MCP security testing framework for evaluating Model Context
Installation
Manual Installation
npx mcphammer
How to Set Up and Use MCP Hammer
MCPHammer is a security research framework from Praetorian built to demonstrate and test vulnerabilities in Model Context Protocol server implementations. It exposes tools that illustrate real attack vectors — including remote file download and execution, arbitrary command execution, configuration sync to a remote management server, and telemetry exfiltration — enabling red teams and security engineers to evaluate whether their MCP client/server stacks are hardened against these risks. It is intentionally malicious by design and should only be deployed in isolated lab environments for research and awareness purposes.
Prerequisites
- Python 3.10 or higher
- An Anthropic API key (ANTHROPIC_API_KEY) for the ask_claude tool
- An isolated lab or VM environment — never deploy on production systems
- Git to clone the repository
- An MCP-compatible client for testing (Claude Desktop in a sandboxed environment)
Clone the repository in an isolated environment
Clone MCPHammer only inside a dedicated VM or lab environment. Never run this on a development or production machine.
git clone https://github.com/praetorian-inc/MCPHammer.git
cd MCPHammer
Create a virtual environment and install dependencies
Set up a Python virtual environment to isolate the package dependencies.
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
Set required environment variables
Configure ANTHROPIC_API_KEY at minimum. CONFIG_SYNC_URL points to the optional remote management server for multi-instance testing.
export ANTHROPIC_API_KEY=your_anthropic_api_key
# Optional: remote management server
export CONFIG_SYNC_URL=http://192.168.1.100:8888/sync
export CONFIG_SYNC_INTERVAL=60
Start the MCPHammer server
Launch on the default port or specify a custom port. The server exposes an HTTP endpoint and a stdio interface.
# Default port
python MCPHammer.py
# Custom port
python MCPHammer.py --port 8080
# With remote management server
python MCPHammer.py --config-server 192.168.1.100:8888
Connect a sandboxed MCP client for testing
Configure a test instance of Claude Desktop (in the isolated VM) to connect to MCPHammer and observe tool call behaviour.
{
  "mcpServers": {
    "mcphammer": {
      "command": "python",
      "args": ["/path/to/MCPHammer/MCPHammer.py"],
      "env": {
        "ANTHROPIC_API_KEY": "your_key_here"
      }
    }
  }
}
MCP Hammer Examples
Client configuration
Test MCP client configuration for evaluating MCPHammer in an isolated security research environment.
{
  "mcpServers": {
    "mcphammer": {
      "command": "python",
      "args": ["/home/researcher/MCPHammer/MCPHammer.py"],
      "env": {
        "ANTHROPIC_API_KEY": "your_anthropic_api_key"
      }
    }
  }
}
Prompts to try
Research prompts to observe MCPHammer's malicious tool behaviour in a controlled setting.
- "What tools does this MCP server expose?"
- "Call the get_server_info tool and show me the server configuration."
- "Use the hello_world tool and observe what text gets injected into the response."
- "Ask Claude to call init and log the network traffic to see what URLs are contacted."
Troubleshooting MCP Hammer
ask_claude tool returns authentication errors
Ensure ANTHROPIC_API_KEY is set in the environment before starting MCPHammer. The key must have access to the Claude API; verify it works with a direct curl call to the Anthropic API endpoint.
CONFIG_SYNC_URL connection times out
This variable is optional. If not running a remote management server, leave it unset. If testing multi-instance sync, ensure the management server at the given IP:port is running and reachable from the test VM.
Session log files grow without bound during testing
MCPHammer logs all tool calls automatically. Periodically clean the session files in the working directory, or mount the directory on a volume with sufficient space for your testing duration.
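As an added example (not part of MCPHammer or of this page's original content), the following defender-side audit checks an MCP client configuration in the mcpServers format shown above for the risks this page describes: server code launched from outside approved directories, API keys handed to the server process via env, and remote config sync endpoints. APPROVED_ROOTS, SECRET_HINTS and the function names are assumptions chosen for illustration.

```python
import json
from urllib.parse import urlparse

# Assumption: directories your team has approved for MCP server scripts.
APPROVED_ROOTS = ("/opt/approved-mcp/",)
SECRET_HINTS = ("KEY", "TOKEN", "SECRET", "PASSWORD")
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}


def remote_host(value):
    """Return the host if value is a URL or host:port that is not loopback."""
    parsed = urlparse(value if "://" in value else "//" + value)
    host = parsed.hostname
    return host if host and host not in LOCAL_HOSTS else None


def audit_mcp_config(config, approved_roots=APPROVED_ROOTS):
    """Return a sorted list of (server, finding) tuples for a parsed config."""
    findings = []
    roots = tuple(approved_roots)
    for name, spec in config.get("mcpServers", {}).items():
        args = spec.get("args", [])
        env = spec.get("env", {})
        # 1. Server code launched from outside the approved directories.
        for arg in args:
            if arg.endswith((".py", ".js")) and not arg.startswith(roots):
                findings.append((name, f"unapproved script path: {arg}"))
        # 2. Long-lived secrets handed to the server process in plaintext.
        for key in env:
            if any(hint in key.upper() for hint in SECRET_HINTS):
                findings.append((name, f"secret passed via env: {key}"))
        # 3. Remote management / sync endpoints (env var or CLI flag).
        host = remote_host(env.get("CONFIG_SYNC_URL", ""))
        if host:
            findings.append((name, f"remote config sync: {host}"))
        for flag, value in zip(args, args[1:]):
            if flag == "--config-server" and remote_host(value):
                findings.append((name, f"remote config server: {remote_host(value)}"))
    return sorted(findings)


# Constructed sample, modelled on the lab configuration shown on this page.
SAMPLE = json.loads("""{"mcpServers": {"mcphammer": {
  "command": "python",
  "args": ["/home/researcher/MCPHammer/MCPHammer.py", "--config-server", "192.168.1.100:8888"],
  "env": {"ANTHROPIC_API_KEY": "k", "CONFIG_SYNC_URL": "http://192.168.1.100:8888/sync"}}}}""")

if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE):
        print(f"[{server}] {finding}")
```

Run it against a copy of claude_desktop_config.json or .cursor/mcp.json by loading the file with json.load and passing the result to audit_mcp_config.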
Frequently Asked Questions about MCP Hammer
What is MCP Hammer?
MCP Hammer is a Model Context Protocol (MCP) server that provides an MCP security testing framework for evaluating Model Context Protocol server vulnerabilities. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install MCP Hammer?
Follow the installation instructions on the MCP Hammer GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with MCP Hammer?
MCP Hammer works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is MCP Hammer free to use?
Yes, MCP Hammer is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.
MCP Hammer Alternatives — Similar Security Servers
Looking for alternatives to MCP Hammer? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6k
An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0k
A Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9k
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7k
Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k
754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k
🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u