AgentSploit – Burp Suite for AI Agents and MCP Servers) (github.com)

AgentSploit has launched as a specialized security framework aimed at testing vulnerabilities in AI agents and Model Context Protocol (MCP) servers, modeled after tools like Burp Suite and Metasploit. Designed specifically for the emerging attack surfaces associated with large language models (LLMs) and the use of agentic AI, this framework is a vital addition for red teamers, AI security researchers, and product security teams. Unlike traditional security tools which may not adequately assess these new vulnerabilities, AgentSploit offers a comprehensive suite of eleven modules that enable detailed security assessments, including checks for prompt injections, tool collisions, and memory poisoning across multiple interaction scenarios. This framework is significant for the AI/ML community as it prepares security professionals for the anticipated adoption of LLM agents and MCP servers by major companies by 2026. Key technical capabilities allow users to simulate complex attack vectors, verify potential exploit paths, and generate payloads designed to detect untrusted content handling in AI systems. AgentSploit emphasizes safe and authorized use, requiring explicit permission for testing targets, which reinforces the ethical and responsible development of AI technologies while enhancing their security posture against sophisticated threats.