MCP server fuzzer client and utilities

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for princekrroshan01 from gravatar.com princekrroshan01

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Your Name
  • Tags mcp , fuzzing , testing , json-rpc
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

MCP Fuzzer

A CLI tool for fuzzing MCP server tools using multiple transport protocols, with pretty output using rich.

CI PyPI - Version PyPI Downloads

Features

  • Multi-Protocol Support: HTTP, SSE, Stdio, and WebSocket transports
  • Tool Discovery: Automatically discovers available tools from MCP servers
  • Intelligent Fuzzing: Uses Hypothesis to generate random/edge-case arguments
  • Rich Reporting: Beautiful terminal tables with detailed statistics
  • Protocol Flexibility: Easy to add new transport protocols

Architecture

The MCP Fuzzer uses a transport abstraction layer to support multiple protocols. Here's how it works:

mcp_fuzzer_arch

Installation

pip install mcp-fuzzer

Supported Protocols

HTTP Transport

python mcp_fuzzer_client.py --protocol http --endpoint http://localhost:8080/rpc --runs 20

SSE Transport

python mcp_fuzzer_client.py --protocol sse --endpoint http://localhost:8080/sse --runs 15

Stdio Transport

# Binary executables
python mcp_fuzzer_client.py --protocol stdio --endpoint "./bin/mcp-shell" --runs 10

# Python scripts
python mcp_fuzzer_client.py --protocol stdio --endpoint "python3 ./my-mcp-server.py" --runs 10

# Python scripts with spaces in path
python mcp_fuzzer_client.py --protocol stdio --endpoint '"./My Server/mcp-server.py"' --runs 10

WebSocket Transport

python mcp_fuzzer_client.py --protocol websocket --endpoint ws://localhost:8080/ws --runs 25

Usage

You can run the fuzzer as a CLI tool after install:

mcp-fuzzer-client --protocol http --endpoint http://localhost:8000/mcp/ --runs 10

Or directly with Python:

python mcp_fuzzer_client.py --protocol http --endpoint http://localhost:8000/mcp/ --runs 10

Arguments

  • --protocol: Transport protocol to use (http, sse, stdio, websocket)
  • --endpoint: Server endpoint (URL for http/sse/websocket, command for stdio)
  • --runs: Number of fuzzing runs per tool (default: 10)
  • --timeout: Request timeout in seconds (default: 30.0)
  • --verbose: Enable verbose logging

Output

Results are shown in a colorized table with detailed statistics:

  • Success Rate: Percentage of successful tool calls
  • Exception Count: Number of exceptions during fuzzing
  • Example Exceptions: Sample error messages for debugging
  • Overall Statistics: Summary across all tools and protocols

Project dependencies are managed via pyproject.toml.

Test result of fuzz testing of https://github.com/modelcontextprotocol/python-sdk/tree/main/examples/servers/simple-streamablehttp-stateless

fuzzer

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for princekrroshan01 from gravatar.com princekrroshan01

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Your Name
  • Tags mcp , fuzzing , testing , json-rpc
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

0.3.3

0.3.2

0.3.1

0.3.0

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.9

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mcp_fuzzer-0.1.1.tar.gz (7.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

mcp_fuzzer-0.1.1-py3-none-any.whl (8.4 kB view details)

Uploaded Python 3

File details

Details for the file mcp_fuzzer-0.1.1.tar.gz.

File metadata

  • Download URL: mcp_fuzzer-0.1.1.tar.gz
  • Upload date:
  • Size: 7.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.9.23

File hashes

Hashes for mcp_fuzzer-0.1.1.tar.gz
Algorithm Hash digest
SHA256 aab098d519a8026d218849cdc23d4d5bc1ae29cd064e62e8cdc59887403b93ac
MD5 ac5ac337cd7a16938f4bead5eef4cbbe
BLAKE2b-256 d17198f4c9959eed6167a4b0109d4614fcdb27c96e3f4139e0e5519716a2d8d5

See more details on using hashes here.

File details

Details for the file mcp_fuzzer-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: mcp_fuzzer-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 8.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.9.23

File hashes

Hashes for mcp_fuzzer-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 62ed08d5c28658f42ad4abd9d2ad9e26f46d4ab88a21170e4b249613e4a2661a
MD5 690d774c39264c04e0bb518a8016e316
BLAKE2b-256 b0a5a847f9ef8ca62ea1065920a25c428b0db772a95032e8c084f86136725825

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page