Server Enumeration and Replay

Attackers probe LLM-connected servers or replay tool calls to uncover internal services and abuse logic.

Definition

Server Enumeration and Replay is an attack on the execution layer of the Model Context Protocol (MCP). It occurs when attackers analyze agent traffic or directly interact with MCP tools to map internal capabilities, uncover sensitive endpoints, or replay valid requests. By observing agent-tool interactions or bypassing them entirely, attackers gather intelligence that can later be used for privilege escalation or data exfiltration.

This attack lives in the execution layer of the MCP model, where tool endpoints and agent behavior are exposed through invocation patterns and replayable context.

How MCP Security Helps

Akto detects enumeration and replay behavior by monitoring repeated access patterns to MCP tool endpoints. It identifies unauthorized scanning, probes, or replayed requests, and flags tools that respond inconsistently to the same inputs. Akto also simulates replay scenarios as part of its test suite to validate that tools enforce session-based controls and prevent unauthorized reuse of previous invocations.
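One way a tool server can enforce the session-bound, single-use invocation control described above, shown as an added example (it is not Akto's code and not part of the MCP specification). The per-session HMAC key, the nonce, the 30-second freshness window, and the names ReplayGuard, make_call and get_invoice are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

class ReplayGuard:
    """Hypothetical guard: each signed tool call is accepted once, in its own session."""
    def __init__(self, max_age=30):
        self.max_age = max_age  # freshness window in seconds (assumed value)
        self.keys = {}          # session id -> per-session MAC key
        self.seen = {}          # (session id, nonce) -> signed timestamp

    def open_session(self, session_id):
        return self.keys.setdefault(session_id, secrets.token_bytes(32))

    @staticmethod
    def sign(key, session_id, call):
        # The MAC covers the session id, so a call cannot be moved between sessions.
        fields = [session_id, call["nonce"], call["ts"], call["tool"], call["arguments"]]
        msg = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(key, msg, hashlib.sha256).hexdigest()

    def check(self, session_id, call, now):
        key = self.keys.get(session_id)
        if key is None:
            return "unknown-session"
        if not hmac.compare_digest(self.sign(key, session_id, call), call["mac"]):
            return "bad-mac"
        if abs(now - call["ts"]) > self.max_age:
            return "stale"
        self.seen = {k: t for k, t in self.seen.items() if abs(now - t) <= self.max_age}  # prune
        if (session_id, call["nonce"]) in self.seen:
            return "replay"
        self.seen[(session_id, call["nonce"])] = call["ts"]
        return "ok"

def make_call(key, session_id, tool, arguments, ts):
    call = {"nonce": secrets.token_hex(16), "ts": ts, "tool": tool, "arguments": arguments}
    call["mac"] = ReplayGuard.sign(key, session_id, call)
    return call

def demo():
    guard = ReplayGuard()
    key_a = guard.open_session("sess-a")
    guard.open_session("sess-b")
    call = make_call(key_a, "sess-a", "get_invoice", {"id": 7}, ts=1000)  # constructed sample
    return [guard.check("sess-a", call, now=1001),   # first use
            guard.check("sess-a", call, now=1002),   # resent in the same session
            guard.check("sess-b", call, now=1003),   # resent under another session
            guard.check("sess-a", call, now=1100)]   # resent after the freshness window
```

Logging every result other than "ok" per client gives the repeated-access signal the monitoring described above relies on.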

Talk to our team!

Let us handle MCP Security for you. Book a call and experience the Modern MCP Security solution built for Modern appsec teams.

Popular Features

MCP Server Discovery

MCP Security Testing

MCP Monitoring and Threat detection

Loved and Trusted by Modern Appsec Teams
