Metasploit

v1.0.0Securitystable

Bridges large language models with the Metasploit Framework to enable natural language control over penetration testing workflows. It provides tools for searching modules, executing exploits, generating payloads, and managing active sessions.

metasploit-mcp-servermcpai-integration
Share:
620
Stars
0
Downloads
0
Weekly
0/5

What is Metasploit?

Metasploit is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to bridges large language models with the metasploit framework to enable natural language control over penetration testing workflows. it provides tools for searching modules, executing exploits, generati...

Bridges large language models with the Metasploit Framework to enable natural language control over penetration testing workflows. It provides tools for searching modules, executing exploits, generating payloads, and managing active sessions.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Bridges large language models with the Metasploit Framework

Use Cases

Control Metasploit Framework through natural language penetration testing commands. Search and execute exploits and generate payloads. Manage active sessions and coordinate attacks using AI agents.
GH05TCREW

Maintainer

LicenseApache 2.0
Languagepython
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx metasploit-mcp-server

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Metasploit

The Metasploit MCP Server bridges large language models with the Metasploit Framework via its RPC daemon (msfrpcd), enabling natural language control over penetration testing workflows. It exposes tools for searching exploit and payload modules, running exploits and auxiliary modules, generating payloads with msfvenom-style options, managing active sessions, and controlling multi-handler listeners. Security professionals and penetration testers use it to accelerate assessments by describing attacks in plain language and letting the AI orchestrate the underlying Metasploit operations — while keeping full auditability of every action taken.

Prerequisites

  • Metasploit Framework installed (metasploit-framework package or Kali Linux)
  • Python 3.8 or later with pip
  • msfrpcd running and accessible (local or remote)
  • An MCP-compatible AI client such as Claude Desktop or Claude Code
  • Authorization to perform penetration testing on the target systems (legal requirement)
1

Start the Metasploit RPC daemon

Launch msfrpcd with a password and bind it to localhost. The -S flag disables SSL for local testing; enable SSL in production environments.

msfrpcd -P yourpassword -S -a 127.0.0.1 -p 55553
2

Clone the repository and install Python dependencies

Clone the MetasploitMCP repository and install the required Python packages.

git clone https://github.com/GH05TCREW/MetasploitMCP.git
cd MetasploitMCP
pip install -r requirements.txt
3

Configure connection environment variables

Set the MSF_PASSWORD environment variable (required) and optionally override the host, port, and SSL settings to match your msfrpcd configuration.

export MSF_PASSWORD=yourpassword
export MSF_SERVER=127.0.0.1
export MSF_PORT=55553
export MSF_SSL=false
export PAYLOAD_SAVE_DIR=~/payloads
4

Start the MCP server

Run MetasploitMCP.py in stdio mode (for Claude Desktop) or HTTP mode (for remote access).

# stdio mode for Claude Desktop:
python MetasploitMCP.py --transport stdio

# HTTP mode for remote access:
python MetasploitMCP.py --transport http --host 0.0.0.0 --port 8085
5

Add the server to your MCP client configuration

Register the Metasploit MCP server in claude_desktop_config.json with the required environment variables.

{
  "mcpServers": {
    "metasploit": {
      "command": "python",
      "args": ["/path/to/MetasploitMCP/MetasploitMCP.py", "--transport", "stdio"],
      "env": {
        "MSF_PASSWORD": "yourpassword",
        "MSF_SERVER": "127.0.0.1",
        "MSF_PORT": "55553",
        "MSF_SSL": "false",
        "PAYLOAD_SAVE_DIR": "/Users/you/payloads"
      }
    }
  }
}

Metasploit Examples

Client configuration

claude_desktop_config.json entry for the Metasploit MCP server connecting to a local msfrpcd instance.

{
  "mcpServers": {
    "metasploit": {
      "command": "python",
      "args": ["/opt/MetasploitMCP/MetasploitMCP.py", "--transport", "stdio"],
      "env": {
        "MSF_PASSWORD": "yourpassword",
        "MSF_SERVER": "127.0.0.1",
        "MSF_PORT": "55553",
        "MSF_SSL": "false",
        "PAYLOAD_SAVE_DIR": "/home/user/payloads"
      }
    }
  }
}

Prompts to try

Natural language prompts for controlling Metasploit operations through the MCP server.

- "Search for EternalBlue SMB exploits and run ms17-010-eternalblue against 192.168.1.100"
- "Generate a Windows 64-bit reverse TCP payload for LHOST 192.168.1.10 on port 4444 and save it"
- "List all active sessions and run the whoami command on session 1"
- "Start a multi-handler listener for a windows/x64/meterpreter/reverse_tcp payload on port 4444"
- "Run the post-exploitation module to enumerate logged-on users from session 2"

Troubleshooting Metasploit

Connection refused when the MCP server tries to reach msfrpcd

Confirm msfrpcd is running with 'ps aux | grep msfrpcd'. Check that MSF_SERVER and MSF_PORT match the -a and -p flags you used when starting msfrpcd. If SSL is enabled in msfrpcd, set MSF_SSL=true.

Authentication failed with the MSF RPC daemon

The MSF_PASSWORD must exactly match the password passed to msfrpcd with the -P flag. Restart msfrpcd with a known password and update the MSF_PASSWORD environment variable accordingly.

run_exploit returns an error about the module not being found

Use list_exploits first to find the exact module path (e.g. exploit/windows/smb/ms17_010_eternalblue). Module paths are case-sensitive and must use underscores, not hyphens.

Frequently Asked Questions about Metasploit

What is Metasploit?

Metasploit is a Model Context Protocol (MCP) server that bridges large language models with the metasploit framework to enable natural language control over penetration testing workflows. it provides tools for searching modules, executing exploits, generating payloads, and managing active sessions. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Metasploit?

Follow the installation instructions on the Metasploit GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Metasploit?

Metasploit works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Metasploit free to use?

Yes, Metasploit is open source and available under the Apache 2.0 license. You can use it freely in both personal and commercial projects.

Metasploit Alternatives — Similar Security Servers

Looking for alternatives to Metasploit? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "metasploit-mcp-server": { "command": "npx", "args": ["-y", "metasploit-mcp-server"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Metasploit?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides