Free Download for MCP

View an ad to download for free

Softonic review

Network scanner and auditor for Model Context Protocol deployments

mcpmap, from Canack, is a security-auditing and network discovery tool for the Model Context Protocol that maps AI-integrated server infrastructure. It discovers MCP endpoints, enumerates available tools and assigns risk levels to flag potentially dangerous tool executions. The app offers tiered probing modes and integrity checks. Security researchers, AI system architects, and DevOps engineers use it to maintain visibility and reduce the risk of unauthorized AI operations. Its nmap-like interface is familiar to network administrators.

What tasks can you actually use it for?

mcpmap performs network-wide discovery using port scanning and HTTP heuristics to locate active MCP servers across IP ranges, then performs automated enumeration of exposed tools and resources. It supports both passive discovery and progressively intrusive probes so teams can gather metadata or exercise tools during penetration tests. Output is intended to produce actionable inventory data that helps surface which endpoints expose callable AI tools.

How reliable and actionable are its security findings?

The tool combines automated risk classification with behavioral checks, and it performs integrity verification using baseline pinning to detect unauthorized changes in tool definitions. It flags protocol-specific vectors such as schema poisoning, tool squatting, temporal rug-pulls, and exfiltration chains by analysing server responses and resource manifests. Accuracy depends on probe depth and server behavior, so high-risk findings require human verification before remediation.

Is it practical to install and embed in automation pipelines?

mcpmap is implemented in Rust, which gives a compact, performance-oriented binary suitable for scripted runs. Installation paths include Homebrew, Cargo, and Docker, and the developer provides a container image for headless environments. The app's JSON output option supports machine parsing and integration into CI/CD or monitoring systems, enabling scheduled audits and automated alerts within existing DevOps workflows.

Who should run intrusive probes, and where does it fit into workflows?

The intended audience includes security researchers, AI system architects, and DevOps engineers responsible for MCP deployments; the project is recognised within the MCP developer community as a critical utility. Default passive mode and the Tier 1 metadata-only probing level are appropriate for discovery on production networks. Higher tiers that invoke tools are intended for controlled penetration-testing environments and should not be run against unknown production services without authorization.

Practical for teams that embed automated MCP checks into audits

mcpmap is a pragmatic option for security teams that need repeatable discovery and flagging of risky MCP endpoints. Its findings supply signals suitable for automated monitoring and incident triage, but intrusive probes require controlled test environments and human review of high-risk results. Use the tool as part of an auditing pipeline to catch protocol-specific attack patterns, not as a sole oracle of system correctness.

  • Pros

    • Detects protocol-specific vulnerabilities like temporal rug-pulls and exfiltration chains
    • Integrity verification with baseline pinning spots unauthorized tool-definition changes
    • Installable via Homebrew, Cargo, and Docker for scripted deployments
    • Rust implementation yields compact, performance-focused binaries
  • Cons

    • Higher-tier active probes can be intrusive and need controlled environments
    • High-risk findings require human verification before remediation
    • Windows users need Cargo or Docker rather than a native package
 0/1

App specs

  • License

    Free

  • Version

    v0.1.1

  • Latest update

  • Platform

    MCP

  • Language

    English

  • Developer

Program available in other languages


Free Download for MCP

View an ad to download for free


User reviews about mcpmap

Have you tried mcpmap? Be the first to leave your opinion!

Add review

Latest articles

Laws concerning the use of this software vary from country to country. We do not encourage or condone the use of this program if it is in violation of these laws.