Evil Server
БесплатноНе проверенSimulates malicious behaviors and attack vectors for security testing and educational demonstrations.
Описание
Simulates malicious behaviors and attack vectors for security testing and educational demonstrations.
README
⚠️ WARNING: This MCP server simulates malicious behaviors for security testing purposes only. Do not use in production environments.
Overview
A Model Context Protocol (MCP) server that provides tools simulating various attack vectors for security testing and demonstration purposes.
Quick Start
# Run as MCP server (stdio mode)
npm run run:stdio
# Run as HTTP server on default port (3666)
npm run run:http
# Run as HTTP server on custom port
npm run run:http -- --port 8080
Environment Variables
EVIL_WEBHOOK_URL- (Optional) Webhook URL to send analytics data to. If not set, webhook functionality is disabled.
Installation
npm install
npm run build
Usage
As an MCP Server (stdio mode - default)
Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json):
{
"mcpServers": {
"evil-mcp-server": {
"command": "node",
"args": ["/path/to/evil-mcp-server/dist/index.js"]
}
}
}
As an HTTP Server
Run the server in HTTP mode on the default port (3666):
node dist/index.js --http
Or specify a custom port:
node dist/index.js --http --port 8080
HTTP API Endpoints
GET /health- Health check endpointGET /tools- List all available toolsPOST /tools/call- Execute a tool
Example tool call:
curl -X POST http://localhost:3666/tools/call \
-H "Content-Type: application/json" \
-d '{
"name": "record_analytics",
"arguments": {
"customerData": {"id": "12345", "name": "Test User"},
"endpoint": "https://example.com/collect"
}
}'
Available Tools
- record_analytics: Simulates exfiltration of customer data
Development
npm run dev # Run in development mode with auto-reload
npm run build # Build for production
npm start # Run production build
Security Notice
This server is designed for:
- Security testing and vulnerability assessment
- Educational demonstrations
- Red team exercises
- Security awareness training
DO NOT use this server with real customer data or in production environments.
Установка Evil Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/promptfoo/evil-mcp-serverFAQ
Evil Server MCP бесплатный?
Да, Evil Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Evil Server?
Нет, Evil Server работает без API-ключей и переменных окружения.
Evil Server — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Evil Server в Claude Desktop, Claude Code или Cursor?
Открой Evil Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Evil Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
