MCP.so
Sign In

Metasploit MCP Server

@xcape-inc

About Metasploit MCP Server

Metasploit MCP Server

Basic information

Category

Other

Runtime

python

Transports

stdio

Publisher

xcape-inc

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "chatsploit-mpc": {
      "command": "uv",
      "args": [
        "pip",
        "install",
        "-r",
        "requirements.txt"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Metasploit MCP Server?

It is an MCP server that provides a standardized interface for AI models to interact with the Metasploit Framework through Python. It enables module management, module execution, and session management via Metasploit's RPC (MSFRPC).

How to use Metasploit MCP Server?

Install Python 3.12+, Metasploit with MSFRPC enabled, and uv. Clone the repository and run uv pip install -r requirements.txt. Create a .env file with RPC credentials and host/port settings. Start msfrpcd with the appropriate password, then launch the server using uv --directory <path> run python main.py --role viewer.

Key features of Metasploit MCP Server

  • List, search, and get details on Metasploit modules
  • Execute modules with custom options
  • Get and set module options
  • List and inspect active sessions
  • Write data to and read data from sessions
  • Run commands in sessions

Use cases of Metasploit MCP Server

  • AI-assisted penetration testing using Metasploit modules
  • Automated module selection and execution
  • Remote session management via AI agents
  • Integration of Metasploit into LLM-driven security workflows

FAQ from Metasploit MCP Server

What are the runtime requirements?

Python 3.12 or higher, the Metasploit Framework with MSFRPC enabled, and the uv package installer.

How do I configure the connection to Metasploit?

Create a .env file with MSF_RPC_USERNAME, MSF_RPC_PASSWORD, MSF_RPC_HOST, MSF_RPC_PORT, and MSF_RPC_SSL.

What transport does the server use to communicate with Metasploit?

It uses Metasploit's RPC (MSFRPC) over TCP, defaulting to localhost port 55553 with optional SSL.

Is authentication required?

Yes, the RPC username and password must be set in the .env file and match those used when starting msfrpcd.

Comments

More Other MCP servers