Model Context Protocol (MCP) Attacks

This workshop provides a deep dive into the Model Context Protocol (MCP) , an emerging protocol central to modern AI systems and a fresh, critical attack surface for security professionals. Participants will begin by building a solid foundation, exploring MCP's core architecture, lifecycle, and server capabilities like prompts, resources, and tools.

This foundational knowledge is immediately put into practice by implementing a fully functional MCP server and client from scratch, ensuring a comprehensive understanding from a developer's perspective.

With the perspective of a builder, the workshop pivots to an adversarial mindset. Participants will systematically uncover a new attack surface in the MCP server capabilities, including authentication weaknesses and a range of critical injection flaws. A dedicated module focuses on the practical tradecraft of automating these exploits over the Model Context Protocol.

The focus then shifts to the adversarial mindset of targeting MCP Clients. Here, you will learn how adversaries can weaponize MCP servers to perform a range of sophisticated attacks against MCP clients. Throughout the workshop, theory is reinforced with practical lab exercises and quizzes, ensuring participants leave with an offensive playbook and the practical skills required to discover and exploit real-world vulnerabilities in the next generation of AI infrastructure.

Who Should Enroll?

This workshop is ideal for:

• Penetration Testers & Red Teamers targeting modern AI infrastructures.
• Security Researchers focused on emerging AI attack surfaces and vulnerabilities.
• Application Security (AppSec) Professionals responsible for securing AI deployments.
• Developers & AI/ML Engineers aiming to build more resilient systems by understanding the adversarial mindset.