How do I use MCP Smuggler?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@MCP Smuggler scan https://example.com/api for smuggling vulnerabilities" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

mcpsmuggler

FastMCP wrapper for the Smuggler HTTP Request Smuggling scanner, packaged for Render via Docker.

What this does

Exposes an MCP server with a single tool: do_smuggler
Runs the Smuggler CLI (smuggler -u <url> ...) inside the container
Uses SSE transport on /mcp (FastMCP default)

Running locally

git clone https://github.com/ozgurozkan123/mcpsmuggler.git
cd mcpsmuggler
python -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
python server.py  # starts on http://0.0.0.0:8000/mcp

Render deployment (Docker)

Render will auto-detect the Dockerfile:

Runtime: Docker
Exposed port: PORT env (Render sets this)
Start command: handled by Dockerfile (python server.py)

If using Render UI:

Create a Web Service
Connect this repo and choose Docker
Leave root directory empty, Dockerfile path = Dockerfile
No build/start commands needed

MCP client config examples

{
  "mcpServers": {
    "mcpsmuggler": {
      "url": "https://<your-render-url>/mcp"
    }
  }
}

This server cannot be installed

-

security - not tested

F

license - not found

-

quality - not tested

How are these scores calculated?

Resources

GitHub Repository

Need Help?

Report Issue

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

MCP Smuggler