Udemy Attacking MCP Servers and AI Apps: A Practical Course

protectaccount

As companies rush to integrate MCP servers into their AI infrastructure, a new attack surface is emerging – and most developers are building vulnerable systems without realizing it.

This hands-on course takes you from zero MCP knowledge to confidently building and attacking MCP servers. Whether you’re a developer securing AI systems or a security professional hunting for vulnerabilities, this course gives you the practical skills you need.

No complex setup required – all labs run in Docker containers with step-by-step guidance. Join thousands of students already learning to secure the next generation of AI infrastructure.

In Section 1, you’ll build a solid foundation by creating your first MCP server in Python using the FastMCP SDK. You’ll understand the client-server architecture, learn the difference between local and remote MCP servers, and integrate your server with Claude Desktop. By the end, you’ll know how to expose tools, resources, and prompts to AI models – and more importantly, you’ll understand where things can go wrong.

In Section 2, you shift to an attacker’s mindset. Through practical labs running in Docker, you’ll exploit real vulnerabilities including:

– Server-Side Request Forgery (SSRF) – Abuse URL fetching tools to access internal resources, and bypass common protections using redirect chains

– Confused Deputy attacks – Exploit broken authorization when MCP servers have overly broad access to backend services

– Prompt Injection – Manipulate AI-generated SQL queries to access unauthorized data, with a real-world case study of Google Antigravity credential exfiltration

– Directory Traversal and Information Disclosure – Extract sensitive files through misconfigured MCP resources.

