MCPSentinel is a specialized security reconnaissance tool designed to detect exposed and unauthenticated Model Context Protocol (MCP) endpoints, Ollama servers, and common LLM proxies.
- MCP Detection: Scans for common MCP endpoints and validates protocol responses.
- Ollama Scanner: Identifies exposed Ollama instances and lists available models.
- LLM Proxy Identification: Detects LiteLLM, vLLM, and other OpenAI-compatible proxies.
- Asynchronous Scanning: High-performance scanning using
aiohttpandasyncio. - Flexible Reporting: Terminal-based tables and JSON export support.
git clone https://github.com/PremLabs-Security/MCPSentinel.git
cd MCPSentinel
pip install -e .Scan a single target:
mcpsentinel --target http://localhost:11434Scan multiple targets from a file:
mcpsentinel --file targets.txt --output results.jsonimport asyncio
from mcpsentinel.scanner import Scanner
async def run_scan():
scanner = Scanner()
results = await scanner.scan_target("http://localhost:11434")
print(results)
asyncio.run(run_scan())This tool is intended for authorized security testing and research purposes only. Unauthorized scanning of systems you do not own or have explicit permission to test may be illegal. The authors are not responsible for any misuse of this tool.
This project is licensed under the MIT License - see the LICENSE file for details.
Developed by Pramod Jogdand | PremLabs-Security