MCP.so
登录

Red-team-mcp

@skjortan23

关于 Red-team-mcp

暂无概览

基本信息

分类

其他

运行时

python

传输方式

stdio

发布者

skjortan23

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "read-team-mcp-server": {
      "command": "python",
      "args": [
        "scripts/setup_exploits_db.py"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Red-team-mcp?

Red-team-mcp is a Model Context Protocol server that provides resources and tools for AI agents to use during red teaming exercises and security testing. It integrates with external security tools such as masscan, nuclei, SSH client, Metasploit RPC, and subfinder, and stores findings in a MongoDB database.

How to use Red-team-mcp?

Set up external dependencies (MongoDB, nuclei, masscan), populate the Metasploit exploits database using the provided scripts, and ensure the Metasploit RPC server is running. Then configure an MCP client to connect to the server, and use the available tools and resources for security testing tasks.

Key features of Red-team-mcp

  • High-speed port scanning via masscan integration
  • Vulnerability detection using Nuclei templates
  • SSH command execution and brute-force capabilities
  • Metasploit exploit database with fast search
  • Exploit execution against targets with payload configuration
  • Domain discovery using subfinder

Use cases of Red-team-mcp

  • Automated reconnaissance and open port discovery
  • Vulnerability scanning with customizable severity filters
  • Credential testing via SSH brute force
  • Searching and executing Metasploit exploits
  • Conducting red team exercises with an AI-driven agent

FAQ from Red-team-mcp

What external tools are required?

Red-team-mcp requires masscan, nuclei, a working SSH client, Metasploit Framework with its RPC server, subfinder, and a MongoDB instance on localhost.

How is the Metasploit exploit database set up?

Run python scripts/setup_exploits_db.py after ensuring MongoDB is running and Metasploit RPC is accessible. This pre-populates the database with all Metasploit exploits and their metadata.

How can I search for exploits?

Use the search_exploits_fast() tool with parameters like platform, CVE, rank, author, or keywords. Examples include search_exploits_fast(platform='windows', search_term='smb').

Where are scan results stored?

All scan findings and exploit metadata are stored in a MongoDB database, allowing fast querying and retrieval by the AI agent.

Does the server require authentication?

SSH tools use credential authentication. The Metasploit RPC connection uses a password configured in the server. No other authentication layer is described in the README.

评论

其他 分类下的更多 MCP 服务器