Skip to content

m-q-t/mcp-server-scanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

MCP Server Scanner

Overview

This tool detects MCP Servers running over Server-Sent Events (SSE) and enumerates its available tools.

⚠️ IMPORTANT: This is a quick prototype and is NOT production-ready. The code is intentionally sloppy as it was built for rapid feedback and as such it may miss some edge cases..

Purpose

This tool was created to test hypotheses about MCP Servers exposed to the internet. With ongoing discussions around MCP Authorization, it provides a way to:

  • Identify internet-exposed MCP servers
  • Determine if they implement proper security measures

Usage

Provide the base HTTP URL with an optional timeout parameter:

./mcp-scanner -url http://REDACTED -timeout 5                                       
2025/04/29 12:16:56 Initiating connection
2025/04/29 12:16:56 Processing SSE stream
2025/04/29 12:16:56 Waiting for messages
2025/04/29 12:16:56 Sending message: /messages?sessionId=4ac0f3be-619e-4fc2-8b5b-cda90df2392c
2025/04/29 12:16:56 Sent message: /messages?sessionId=4ac0f3be-619e-4fc2-8b5b-cda90df2392c
2025/04/29 12:16:56 Received message: /messages?sessionId=4ac0f3be-619e-4fc2-8b5b-cda90df2392c
2025/04/29 12:16:56 Found messages endpoint: messages?sessionId=4ac0f3be-619e-4fc2-8b5b-cda90df2392c
2025/04/29 12:16:56 Successfully got the messagesEndpoint: messages?sessionId=4ac0f3be-619e-4fc2-8b5b-cda90df2392c
2025/04/29 12:16:56 Sending message: {"result":{"protocolVersion":"2024-11-05","capabilities":{"tools":{},"resources":{}},"serverInfo":{"name":"mcp-sse-server","version":"1.0.0"}},"jsonrpc":"2.0","id":0}
2025/04/29 12:16:56 Sent message: {"result":{"protocolVersion":"2024-11-05","capabilities":{"tools":{},"resources":{}},"serverInfo":{"name":"mcp-sse-server","version":"1.0.0"}},"jsonrpc":"2.0","id":0}
2025/04/29 12:16:56 Received message: {"result":{"protocolVersion":"2024-11-05","capabilities":{"tools":{},"resources":{}},"serverInfo":{"name":"mcp-sse-server","version":"1.0.0"}},"jsonrpc":"2.0","id":0}
2025/04/29 12:16:56 Sending message: {"result":{"tools":[{"name":"add","inputSchema":{"type":"object","properties":{"a":{"type":"number"},"b":{"type":"number"}},"required":["a","b"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}},{"name":"search","inputSchema":{"type":"object","properties":{"query":{"type":"string"},"count":{"type":"number"}},"required":["query"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}]},"jsonrpc":"2.0","id":1}
2025/04/29 12:16:56 Sent message: {"result":{"tools":[{"name":"add","inputSchema":{"type":"object","properties":{"a":{"type":"number"},"b":{"type":"number"}},"required":["a","b"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}},{"name":"search","inputSchema":{"type":"object","properties":{"query":{"type":"string"},"count":{"type":"number"}},"required":["query"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}]},"jsonrpc":"2.0","id":1}
2025/04/29 12:16:56 Received message: {"result":{"tools":[{"name":"add","inputSchema":{"type":"object","properties":{"a":{"type":"number"},"b":{"type":"number"}},"required":["a","b"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}},{"name":"search","inputSchema":{"type":"object","properties":{"query":{"type":"string"},"count":{"type":"number"}},"required":["query"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}]},"jsonrpc":"2.0","id":1}
2025/04/29 12:16:56 Tools: {"result":{"tools":[{"name":"add","inputSchema":{"type":"object","properties":{"a":{"type":"number"},"b":{"type":"number"}},"required":["a","b"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}},{"name":"search","inputSchema":{"type":"object","properties":{"query":{"type":"string"},"count":{"type":"number"}},"required":["query"],"additionalProperties":false,"$schema":"http://json-schema.org/draft-07/schema#"}}]},"jsonrpc":"2.0","id":1}

About

detect exposed mcp servers over the internet and enumerate their tools

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages