Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Goat

БесплатноНе проверен

A deliberately vulnerable MCP application for learning MCP security through hands-on exercises covering OWASP MCP Top 10 categories.

GitHubEmbed

Описание

A deliberately vulnerable MCP application for learning MCP security through hands-on exercises covering OWASP MCP Top 10 categories.

README

A deliberately vulnerable MCP (Model Context Protocol) application for learning MCP security through hands-on exercises. Inspired by AndroGoat, OWASP WebGoat, and other vulnerable applications. MCP Goat covers all 10 categories of the OWASP MCP Top 10.

WARNING: This application contains intentionally vulnerable servers. Do NOT expose to untrusted networks. For educational use only.

Quick Start

# Clone the repo
git clone https://github.com/satishpatnayak/MCP-Goat.git
cd MCP-Goat

# Create virtual environment and install
uv venv && source .venv/bin/activate && uv pip install -e .
# OR without uv:
python3 -m venv .venv && source .venv/bin/activate && pip install -e .

# List all challenges
mcp-goat list

# Start a vulnerable server
mcp-goat run mcp01-c01

# View guided exercise instructions
mcp-goat exercise mcp01-c01

# Get LLM client config snippet
mcp-goat config mcp01-c01

How It Works

  1. Choose a challenge from the list (mcp-goat list)
  2. Read the exercise (mcp-goat exercise <id>) to understand the vulnerability
  3. Start the vulnerable server (mcp-goat run <id>)
  4. Connect your LLM client (Claude Desktop, Cursor, LM Studio, MCP Inspector)
  5. Explore and exploit the vulnerability following the guided steps
  6. Learn the mitigations from the solution section

Connecting to Your LLM Client

Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-goat": {
      "command": "/full/path/to/mcp-goat/.venv/bin/mcp-goat",
      "args": ["run", "mcp01-c01"]
    }
  }
}

Cursor

Go to Settings → Cursor Settings → MCP → Add new MCP Server, or edit ~/.cursor/mcp.json:

{
  "mcpServers": {
    "mcp-goat": {
      "command": "/full/path/to/mcp-goat/.venv/bin/mcp-goat",
      "args": ["run", "mcp01-c01"]
    }
  }
}

Important: Use the full path to mcp-goat inside the .venv/bin/ directory. LLM clients don't activate virtual environments, so the bare mcp-goat command won't work.

To get your full path, run: echo "$(pwd)/.venv/bin/mcp-goat"

MCP Inspector

npx @modelcontextprotocol/inspector mcp-goat run mcp01-c01

Challenges

Category ID Title Difficulty
MCP01 — Token Mismanagement & Secret Exposure mcp01-c01 Leaked API Key Beginner
MCP01 — Token Mismanagement & Secret Exposure mcp01-c02 Plaintext OAuth Token Intermediate
MCP02 — Privilege Escalation mcp02-c01 Path Traversal Beginner
MCP02 — Privilege Escalation mcp02-c02 Write Escalation Intermediate
MCP03 — Tool Poisoning mcp03-c01 Tool Shadowing Advanced
MCP03 — Tool Poisoning mcp03-c02 Hidden Prompt Injection in Description Intermediate
MCP04 — Supply Chain Attacks mcp04-c01 Malicious Dependency Advanced
MCP04 — Supply Chain Attacks mcp04-c02 Backdoored Plugin Advanced
MCP05 — Command Injection mcp05-c01 DNS Lookup Injection Intermediate
MCP05 — Command Injection mcp05-c02 SQL Injection Intermediate
MCP06 — Intent Flow Subversion mcp06-c01 System Prompt Override Advanced
MCP06 — Intent Flow Subversion mcp06-c02 Fake Tool Result Injection Advanced
MCP07 — Insufficient Auth & Authorization mcp07-c01 No Authentication Beginner
MCP07 — Insufficient Auth & Authorization mcp07-c02 Broken Access Control / IDOR Intermediate
MCP08 — Lack of Audit & Telemetry mcp08-c01 Silent Data Exfiltration Intermediate
MCP09 — Shadow Servers mcp09-c01 Rogue MCP Server Advanced
MCP10 — Context Injection & Over-Sharing mcp10-c01 Cross-Agent Context Leak Intermediate
MCP10 — Context Injection & Over-Sharing mcp10-c02 PII Over-Sharing Beginner

Adding New Challenges

  1. Create a directory under src/mcp_goat/challenges/<category>/<challenge>/
  2. Add:
    • __init__.py
    • challenge.py — subclass Challenge with metadata
    • server.py — the vulnerable FastMCP server
    • exercise.md — guided exercise instructions
  3. Run mcp-goat list — auto-discovery picks it up immediately

Requirements

  • Python 3.11+
  • uv (recommended) or pip
  • Dependencies (installed automatically): mcp, click, rich, pyyaml

References

License

MIT

from github.com/satishpatnayak/MCP-Goat

Установка Goat

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/satishpatnayak/MCP-Goat

FAQ

Goat MCP бесплатный?

Да, Goat MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Goat?

Нет, Goat работает без API-ключей и переменных окружения.

Goat — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить Goat в Claude Desktop, Claude Code или Cursor?

Открой Goat на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Goat with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development