mcp-fence is an open-source CLI tool for security scanning, protocol inspection, dynamic fuzzing, and sandboxed testing of Model Context Protocol (MCP) servers. Below are 26 infrastructure & backend apps with similar functionality to mcp-fence, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
mcpfuzz is an open-source command-line tool for dynamically scanning Model Context Protocol (MCP) servers. It actively probes live servers with exploit payloads to identify vulnerabilities, supporting security researchers and penetration testers in automating MCP server assessments.
Security scanner for MCP (Model Context Protocol) servers - pentest your AI agent's tool connections
mcpfz-probe is an open-source Python command-line tool that provides a runtime sidecar protocol and monitoring capabilities for fuzzing MCP servers. It helps developers and testers improve the reliability and security of their MCP server implementations through automated fuzz testing and runtime analysis.
mcp-bandit is an open-source command-line tool for scanning Model Context Protocol (MCP) servers for security vulnerabilities, including prompt injection and SSRF. It is designed for security engineers to audit and analyze MCP deployments.
mcp-check-security is an open-source command-line tool that performs offline security checks on Model Context Protocol (MCP) server configurations. It helps developers and security engineers identify potential vulnerabilities and misconfigurations before deployment. The tool is designed for use in AI infrastructure environments.
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
mcp-risk-linter is an open-source CLI tool that analyzes MCP server tools for readiness and security risks, including authentication, filesystem, shell, and network vulnerabilities. It helps developers and DevOps teams ensure safer deployments.
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
Reconnaissance and known-issue scanner for Model Context Protocol (MCP) servers
mcpsnare is an open-source CLI tool that actively scans Model Context Protocol (MCP) servers for vulnerabilities using confirmation-driven techniques. It is designed for security professionals to automate security assessments and penetration testing of MCP endpoints.
Security scanner for MCP servers — detect prompt injection, credential leaks, exposed endpoints, and tool poisoning
mcp-audit-scanner is an open-source CLI tool designed to audit Model Context Protocol (MCP) server configurations for security and privacy vulnerabilities. It assists security engineers in identifying and mitigating risks in AI agent infrastructure.
fortigate-mcp is an open-source CLI tool providing a local, read-only MCP server for Fortigate device administration over SSH. It is designed for network administrators needing secure, limited access.
guardmcp is an open-source CLI tool that scans MCP server configurations for security issues, including secrets, injection vulnerabilities, and authentication problems. It maps findings to the OWASP MCP Top 10, helping security engineers and DevOps teams secure their deployments.
hexis-mcp-guard is an open-source command-line tool that scans Model Context Protocol (MCP) servers for security vulnerabilities. It checks for issues such as misconfigurations and exposed secrets, helping administrators secure their MCP deployments. Designed for security engineers and server admins.
MCPSafe is a web-based security scanner for Model Context Protocol servers. It performs pre-install audits using static analysis and multi-LLM consensus to detect vulnerabilities, typosquatting, and permission issues. Designed for developers and registry operators to ensure safe MCP deployments.
dfx-mcp-scanner is an open-source CLI tool for scanning Model Context Protocol (MCP) servers to detect malicious tools, data exfiltration, and supply chain risks. It is designed for security engineers managing AI agent infrastructure.
mcpvet is an open-source CLI tool that combines testing, linting, and contract validation for MCP servers. It integrates with pytest and ESLint, streamlining the development and quality assurance process for developers working with the Model Context Protocol.
plesk-mcp is an open-source MCP server that facilitates automation and orchestration of model context protocol workflows, particularly for hosting and AI infrastructure scenarios. It is designed for engineers integrating AI models into hosting platforms.
mception is an open-source command-line MCP server that audits other MCP servers for security risks. It helps security engineers and administrators automate the detection of vulnerabilities in MCP environments.
eip-mcp is an open-source MCP server that delivers vulnerability and exploit intelligence for AI assistants. It supports the Model Context Protocol and is designed for integration into security and AI workflows. Distributed under the MIT license.
frame-check-mcp is an open-source CLI and MCP server for deterministic structural framing analysis of AI-generated documents. It blocks frame divergence by contract and delegates advanced judgment to agent models. Designed for AI developers needing robust document evaluation and compliance.
fc-mcp is an open-source Python package that implements client challenge protocols. It is distributed via PyPI, licensed under MIT, and provides a command-line interface for developers to integrate challenge-response mechanisms into their applications.
agent-prompt-injection-firewall-mcp is an open-source CLI firewall that scans prompts, RAG documents, tool arguments, and agent-to-agent payloads for OWASP LLM01 prompt injection vulnerabilities. It uses pattern-based and heuristic detection, integrates with MCP, and provides signed attestations for compliance. Designed for AI developers and security teams.
MCP server that extracts complete knowledge from any codebase — architecture, patterns, dependencies, API surface
cheetah-firewall-mcp is an MCP server designed to enhance agent input safety by scanning for prompt-injection, checking URL reputation, and verifying on-chain agent trust. It provides an API for developers to integrate security checks into their AI agent workflows, with a free tier available.