An intentionally vulnerable Model Context Protocol server leveraging FastAPI, SQLite, Ollama LLM, and JSON-RPC to execute raw SQL and shell commands for advanced security research, including SQL injection and remote code execution testing.
Unlock the full potential of Vulnerable MCP Server through LangDB's AI Gateway. Get enterprise-grade security, analytics, and seamless integration with zero configuration.
Free tier available • No credit card required
Discover shared experiences
This project is an intentionally vulnerable MCP (Model Context Protocol) app, designed for security research.
DO NOT use in production environments.
It executes raw SQL and system commands with no authentication or restrictions.
A command execution server that combines:
This system routes natural language input to either SQL queries or shell commands, using a locally running LLM via Ollama.
Built to test SQL Injection (SQLi) and Remote Code Execution (RCE) vulnerabilities
via FastAPI, JSON-RPC, and LLM-based decision logic.
This app is intentionally insecure:
Use only in isolated environments, CTFs, or research labs.
git clone https://github.com/your-repo/mcp-vulnerable-app.git cd mcp-vulnerable-app docker-compose up --build docker network connect mcplab ollama docker network connect mcplab mcp_internal docker network connect mcplab mcp_remote
Shared threads will appear here, showcasing real-world applications and insights from the community. Check back soon for updates!
A Kali Linux-based Model Context Protocol (MCP) server enabling execution of returnable commands for...
Provides a Model Context Protocol (MCP) service offering advanced network incident response tools in...
A Model Context Protocol server enabling AI models to execute SQL queries, manage SQLite database sc...
Provides a Model Context Protocol server enabling advanced interaction with Google Cloud's Vertex AI...
Secure Model Context Protocol (MCP) SSH server enabling remote command execution, file and directory...