appsecco

vulnerable-mcp-servers-lab

Name: appsecco/vulnerable-mcp-servers-lab
Author: appsecco

View on GitHub

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

MCP Servers253 stars46 forks● JavaScriptMITUpdated 4mo ago

ClaudeWave Trust Score

87/100

✓ Trusted

Passed

✓Open-source license (MIT)
✓Healthy fork ratio
✓Clear description
✓Topics declared

Last scanned: 4/14/2026

Install in Claude Desktop

Method detected: Manual

{
  "mcpServers": {
    "vulnerable-mcp-servers-lab": {
      "command": "node",
      "args": ["/path/to/vulnerable-mcp-servers-lab/dist/index.js"]
    }
  }
}

1. Copy the snippet above.

2. Paste into ~/Library/Application Support/Claude/claude_desktop_config.json (Mac) or %APPDATA%\Claude\claude_desktop_config.json (Windows).

3. Replace any <placeholder> values with your API keys or paths.

4. Restart Claude Desktop. The MCP server appears automatically.

💡 Clone https://github.com/appsecco/vulnerable-mcp-servers-lab and follow its README for install instructions.

Use cases

🛠️ Dev Tools 🔬 Research 🔐 Security

About

MCP Servers overview

README preview not available. Visit the repo on GitHub for full documentation.

Topics

ai-red-teamingai-researchappseccobugbountyhackinglearning-pentestingmcpmcp-clientmcp-serverpentestingvulnerable-labs

Frequently asked

What people ask about vulnerable-mcp-servers-lab

What is appsecco/vulnerable-mcp-servers-lab?

appsecco/vulnerable-mcp-servers-lab is mcp servers for the Claude AI ecosystem. A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers. It has 253 GitHub stars and was last updated 4mo ago.

How do I install vulnerable-mcp-servers-lab?

You can install vulnerable-mcp-servers-lab by cloning the repository (https://github.com/appsecco/vulnerable-mcp-servers-lab) or following the README instructions on GitHub. ClaudeWave also provides quick install blocks on this page.

Is appsecco/vulnerable-mcp-servers-lab safe to use?

Our security agent has analyzed appsecco/vulnerable-mcp-servers-lab and assigned a Trust Score of 87/100 (tier: Trusted). See the full breakdown of passed checks and flags on this page.

Who maintains appsecco/vulnerable-mcp-servers-lab?

appsecco/vulnerable-mcp-servers-lab is maintained by appsecco. The last recorded GitHub activity is from 4mo ago, with 1 open issues.

Are there alternatives to vulnerable-mcp-servers-lab?

Yes. On ClaudeWave you can browse similar mcp servers at /categories/mcp, sorted by popularity or recent activity.

1-click deploy

Deploy vulnerable-mcp-servers-lab to your cloud

Ship this repo to production in minutes. Each platform spins up its own environment with editable env vars.

Vercel Railway Render

Embeddable badge

Maintain this repo? Add a badge to your README

Drop the badge into your GitHub README to show it's tracked on ClaudeWave. Each badge links back to this page and reflects the live Trust Score.

Markdown (README)

[![Featured on ClaudeWave](https://claudewave.com/api/badge/appsecco-vulnerable-mcp-servers-lab)](https://claudewave.com/repo/appsecco-vulnerable-mcp-servers-lab)

HTML

<a href="https://claudewave.com/repo/appsecco-vulnerable-mcp-servers-lab"><img src="https://claudewave.com/api/badge/appsecco-vulnerable-mcp-servers-lab" alt="Featured on ClaudeWave — appsecco/vulnerable-mcp-servers-lab" width="320" height="64" /></a>