playbooks

home / mcp / damn vulnerable mcp server

Damn Vulnerable MCP Server

Provides a set of MCP challenge servers across multiple ports to learn and test Model Context Protocol interactions.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "harishsg993010-damn-vulnerable-mcp-server": {
      "url": "http://127.0.0.1:9001/sse"
    }
  }
}

You can run and test multiple Damn Vulnerable MCP challenges locally, then connect MCP clients to each challenge endpoint to explore model context interactions. This setup helps you practice establishing MCP connections, sending requests, and inspecting responses in a controlled environment.

How to use

To use the MCP challenges, run the individual challenge servers locally and connect your MCP client to each one. Each challenge exposes its own HTTP MCP endpoint that you can access from an MCP client such as Claude Desktop or the MCP Inspector.

How to install

Prerequisites you need before starting:

  • Python 3.10 or higher
  • pip (Python package installer)
  • node (needed for running remote MCP server)
  • An MCP client (e.g., Claude Desktop or MCP Inspector)

Additional sections

Configuration and usage notes for the MCP server set include how to run the challenges, connect MCP clients, and troubleshoot common issues. The setup focuses on running multiple challenge servers locally and wiring them into MCP clients via their HTTP endpoints.

Note: Each challenge runs its own server and listens on a dedicated port. The default ports are listed per challenge, and you will connect to the server's SSE endpoint via the provided URL.

Troubleshooting tips include resolving port conflicts by changing the port in the server startup, creating a virtual environment for dependencies, and verifying that the server is running and accessible from your network.

MCP server connections and examples

{
  "mcpServers": {
    "challenge1": {
      "type": "http",
      "name": "challenge1",
      "url": "http://127.0.0.1:9001/sse",
      "args": []
    },
    "challenge2": {
      "type": "http",
      "name": "challenge2",
      "url": "http://127.0.0.1:9002/sse",
      "args": []
    },
    "challenge3": {
      "type": "http",
      "name": "challenge3",
      "url": "http://127.0.0.1:9003/sse",
      "args": []
    },
    "challenge4": {
      "type": "http",
      "name": "challenge4",
      "url": "http://127.0.0.1:9004/sse",
      "args": []
    },
    "challenge5": {
      "type": "http",
      "name": "challenge5",
      "url": "http://127.0.0.1:9005/sse",
      "args": []
    },
    "challenge6": {
      "type": "http",
      "name": "challenge6",
      "url": "http://127.0.0.1:9006/sse",
      "args": []
    },
    "challenge7": {
      "type": "http",
      "name": "challenge7",
      "url": "http://127.0.0.1:9007/sse",
      "args": []
    },
    "challenge8": {
      "type": "http",
      "name": "challenge8",
      "url": "http://127.0.0.1:9008/sse",
      "args": []
    },
    "challenge9": {
      "type": "http",
      "name": "challenge9",
      "url": "http://127.0.0.1:9009/sse",
      "args": []
    },
    "challenge10": {
      "type": "http",
      "name": "challenge10",
      "url": "http://127.0.0.1:9010/sse",
      "args": []
    }
  }
}

Available tools

Claude Desktop

A desktop client that connects to MCP servers by configuring MCP server entries and launching remote tools through a local or remote environment.

MCP Inspector

A Python SDK tool that lets you inspect and interact with MCP servers to explore resources and tools.