The extension is designed to examine servers implementing the Model Context Protocol (MCP) standard — a mechanism that enables LLM agents to interact with external systems. MCPwned integrates into Burp Suite and allows analysts to inspect HTTP traffic between MCP clients and servers, identifying protocol implementation flaws.

Features:
📍 Analyze and test MCP servers directly through the Burp Suite interface.
📍 Automatically detect MCP endpoints and their parameters.
📍 Integrate with existing Burp modules for request interception and modification.
📍 Support manual and semi‑automated fuzzing of MCP interfaces.

📎 Tool: https://fenrisk.com/mcpwned-burp-suite-extension-mcp-servers

💬 Discuss

MCPwned — a Burp Suite extension for testing Model Context Protocol servers