
Metasploit MCP Server

MCP Server for Metasploit Framework integration. A Model Context Protocol (MCP) server that enables streamlined communication with Metasploit.

Description

metasploitmcp is a specialized server implementation that provides Model Context Protocol (MCP) integration for the Metasploit Framework. It serves as a bridge between MCP clients and Metasploit's exploitation capabilities, allowing for programmatic control and interaction with Metasploit modules through standardized MCP transport protocols.

The tool supports both HTTP-based Server-Sent Events (SSE) and direct stdio pipe transports, making it versatile for different deployment scenarios such as local development or networked AI agent integrations. This enables automated exploitation workflows where AI models or MCP-compatible clients can dynamically invoke Metasploit payloads, modules, and sessions.

Primary use cases include enhancing AI-driven penetration testing pipelines, integrating Metasploit into Model Context Protocol ecosystems, and providing a lightweight server for remote exploitation management. The server is optimized for Kali Linux environments with minimal dependencies focused on Python FastAPI and pymetasploit3.

How It Works

metasploitmcp operates as an MCP-compliant server using Python FastAPI and Uvicorn for HTTP transport (SSE) or direct stdio piping. It uses the pymetasploit3 library to interface directly with Metasploit Framework RPC, translating MCP requests into Metasploit console commands, module executions, and session management. The server binds to a configurable host and port (default 127.0.0.1, first available port from 8085) and supports auto-reload for development. MCP clients connect over the standardized protocol to issue commands such as searching exploits, launching payloads, or managing sessions.

Installation

sudo apt install metasploitmcp

Flags

-h, --help                 show this help message and exit
--transport {http,stdio}   MCP transport mode to use (http=SSE, stdio=direct pipe)
--host HOST                Host to bind the HTTP server to (default: 127.0.0.1)
--port PORT                Port to listen on (default: find available from 8085)
--reload                   Enable auto-reload (for development)
--find-port                Force finding an available port starting from --port

Examples

Display the full help message and usage information for the tool:
    metasploitmcp -h

Run the streamlined Metasploit MCP server with default settings (HTTP transport on 127.0.0.1, auto-port from 8085):
    metasploitmcp

Run MCP server using direct stdio pipe transport for local integrations:
    metasploitmcp --transport stdio

Run HTTP MCP server bound to all interfaces on port 8085:
    metasploitmcp --host 0.0.0.0 --port 8085

Find an available port starting from 9000 for the HTTP server:
    metasploitmcp --port 9000 --find-port

Run server with auto-reload enabled for development and testing:
    metasploitmcp --reload

Explicitly run HTTP SSE transport server on localhost port 8086:
    metasploitmcp --transport http --host 127.0.0.1 --port 8086
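
An added example, not part of the tool or its documentation: a Python check that classifies how a metasploitmcp command line exposes its listener, using only the flags and defaults listed above. It assumes that stdio transport opens no HTTP listener; the function names are hypothetical.

```python
import argparse
import ipaddress

def build_parser():
    # Mirrors only the flags listed on this page, with the documented defaults.
    p = argparse.ArgumentParser(prog="metasploitmcp", add_help=False)
    p.add_argument("--transport", choices=["http", "stdio"], default="http")
    p.add_argument("--host", default="127.0.0.1")
    p.add_argument("--port", type=int, default=None)
    p.add_argument("--reload", action="store_true")
    p.add_argument("--find-port", action="store_true")
    return p

def classify_host(host):
    """Classify a bind host without resolving names (runs offline)."""
    if host.lower() == "localhost":
        return "loopback"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"            # not a literal address; review manually
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "single-interface"

def audit_invocation(argv):
    """Return transport, exposure, port and findings for one argument list."""
    args, _unknown = build_parser().parse_known_args(argv)
    findings = []
    if args.transport == "stdio":
        exposure, port = "none", "n/a"   # assumption: no listener in stdio mode
    else:
        exposure = classify_host(args.host)
        start = 8085 if args.port is None else args.port
        dynamic = args.port is None or args.find_port
        port = f"dynamic from {start}" if dynamic else str(start)
        if exposure != "loopback":
            findings.append(f"bind host {args.host!r} classified as {exposure}; "
                            "confirm it is meant to be reachable off-host")
    if args.reload:
        findings.append("--reload set (documented as a development option)")
    return {"transport": args.transport, "exposure": exposure,
            "port": port, "findings": findings}

if __name__ == "__main__":
    # Constructed inputs: the argument lists from the examples on this page.
    for argv in ([], ["--transport", "stdio"], ["--host", "0.0.0.0", "--port", "8085"],
                 ["--port", "9000", "--find-port"], ["--reload"]):
        print(argv, audit_invocation(argv))
```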
Updated 2026-04-16 | kali.org