Metasploit MCP Server
@GH05TCREW
About Metasploit MCP Server
MCP Server for Metasploit
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"MetasploitMCP": {
"command": "python",
"args": [
"MetasploitMCP.py",
"--transport",
"http"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Metasploit MCP Server?
A Model Context Protocol (MCP) server that bridges large language models like Claude with the Metasploit Framework penetration testing platform. It provides standardized tools for dynamically accessing and controlling Metasploit functionality through natural language, enabling automated security testing workflows.
How to use Metasploit MCP Server?
Install dependencies with pip install -r requirements.txt, start the Metasploit RPC service (msfrpcd), then run MetasploitMCP.py. The server supports two transports: HTTP/SSE (default) for most MCP clients, or STDIO for Claude Desktop integration. Configure environment variables for MSF_PASSWORD and optionally MSF_SERVER, MSF_PORT, MSF_SSL, and PAYLOAD_SAVE_DIR.
Key features of Metasploit MCP Server
- Search and list exploit, payload, and auxiliary modules
- Execute exploits, auxiliary, and post-exploitation modules
- Generate payload files and save them locally
- List, manage, and terminate active sessions
- Start, list, and stop listeners and background jobs
Use cases of Metasploit MCP Server
- Conduct automated penetration testing with AI-driven exploit selection and execution
- Quickly search for relevant Metasploit modules during security assessments
- Perform post-exploitation enumeration (e.g., logged-on users, system info)
- Generate and deliver custom payloads for reverse connections
- Manage reverse handlers and active sessions through a conversational interface
FAQ from Metasploit MCP Server
What are the prerequisites to run Metasploit MCP Server?
You need Metasploit Framework installed with msfrpcd running, Python 3.10 or higher, and the required Python packages from requirements.txt.
How do I configure authentication?
Set the MSF_PASSWORD environment variable to match the password used when starting msfrpcd with the -P flag.
What transport options are available?
The server supports HTTP/SSE (Server-Sent Events) for most MCP clients and STDIO for Claude Desktop integration. Use the --transport flag to select.
Where are generated payloads saved?
By default, payloads are saved to a payloads directory in the user's home folder (~/payloads). This can be overridden with the PAYLOAD_SAVE_DIR environment variable.
Is Metasploit MCP Server safe for production networks?
The README includes a strong security warning: this tool provides direct access to exploitation features and should only be used in environments where explicit permission for security testing has been granted.
More Other MCP servers
Mcp
browsermcpBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
Codelf
unbugA search tool helps dev to solve the naming things problem.
Awesome Mcp Servers
punkpeyeA collection of MCP servers.
Activepieces
activepiecesAI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
Blender
ahujasidOpen-source MCP to use Blender with any LLM
Comments