barvhaim/HoneyMCP

A Deception Security Layer for MCP Servers. It injects "ghost tools" (fake security-sensitive tools) that act as honeypots.

48
/ 100
Emerging

Detects data exfiltration and indirect prompt injection attacks by deploying LLM-generated, context-aware honeypot tools alongside legitimate MCP server functions. Integrates with FastMCP via a single middleware line and supports both static and dynamic ghost tool modes; captured attack telemetry includes tool call sequences, session metadata, and conversation history logged to JSON for forensic analysis. Offers dual protection strategies—Scanner mode for immediate lockout and Cognitive mode for sustained deception against sophisticated attackers.

Available on PyPI.

Maintenance 10 / 25
Adoption 11 / 25
Maturity 18 / 25
Community 9 / 25

How are scores calculated?

Stars

18

Forks

2

Language

Python

License

Category

security-testing-mcp

Last pushed

Feb 09, 2026

Monthly downloads

174

Commits (30d)

0

Dependencies

15

GitHub PyPI
Security Testing MCP · 268 servers

Get this data via API

curl "https://pt-edge.onrender.com/api/v1/quality/mcp/barvhaim/HoneyMCP"

Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.

Higher-rated alternatives

0x4m4/hexstrike-ai

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...

66

panther-labs/mcp-panther

Write detections, investigate alerts, and query logs from your favorite AI agents

60

duriantaco/skylos

High-precision Python SAST & Dead Code Remover. Finds unused functions, secrets, and security...

60

msaad00/agent-bom

Security scanner for AI infrastructure — CVEs, blast radius, credential exposure, runtime...

60

Wh0am123/MCP-Kali-Server

MCP configuration to connect AI agent to a Linux machine.

60

Explore MCP Servers

All categories Trending MCP Server directory Insights