Pymetasploit3
FreeNot checkedEnables interaction with Metasploit Framework via the msfrpc protocol, exposing tools for module management, session control, and exploitation through MCP.
About
Enables interaction with Metasploit Framework via the msfrpc protocol, exposing tools for module management, session control, and exploitation through MCP.
README
MCP server for Metasploit Framework via pymetasploit3. This server exposes all pymetasploit3 functionality as MCP tools, allowing LLMs to interact with Metasploit Framework through the msfrpc protocol.
Install
pip install mcp-pymetasploit3
MCP Server Configuration
{
"mcpServers": {
"mcp-pymetasploit3": {
"command": "mcp-pymetasploit3",
"env": {}
}
}
}
Usage
Starting Metasploit RPC Server
Before using the MCP server, you need to start the Metasploit RPC server:
Using msfrpcd:
msfrpcd -P yourpassword -p 55553 -n
Using msfconsole:
msfconsole -q
msf6 > load msgrpc Pass=yourpassword
MCP Tools
Once connected, the following tools are available:
Connection Management
connect- Connect to Metasploit RPC serverdisconnect- Disconnect from RPC serverget_client_info- Get current connection status
Module Management
list_modules- List available modules by typeuse_module- Load a specific moduleget_module_info- Get module description and infoget_module_options- Get all module optionsset_module_option- Set a module optionget_missing_required- Get required options not setexecute_module- Execute a moduleget_module_targets- Get available targetsset_module_target- Set the targetget_target_payloads- Get compatible payloads
Payload Generation
generate_payload- Generate a payload
Session Management
list_sessions- List all active sessionsget_session_info- Get session informationinteract_session- Write/read from sessionsession_run_command- Run command with outputstop_session- Stop a session
Console Management
create_console- Create a new consoledestroy_console- Destroy a consolewrite_console- Write to consoleread_console- Read console outputconsole_is_busy- Check if console is busyrun_module_output- Execute module and get output
Core/Framework
get_framework_version- Get framework versioncore_save- Save core statecore_reload_modules- Reload modulescore_set_global- Set global variablecore_unset_global- Unset global variable
Database
get_db_status- Get database statusdb_list_workspaces- List workspacesdb_set_workspace- Set current workspacedb_list_hosts- List hostsdb_list_services- List servicesdb_list_notes- List notesdb_list_creds- List credentialsdb_list_vulns- List vulnerabilities
Jobs
list_jobs- List running jobsstop_job- Stop a jobget_job_info- Get job information
Plugins
list_plugins- List loaded pluginsload_plugin- Load a pluginunload_plugin- Unload a plugin
Search
search_modules- Search for modulesget_module_references- Get module references
Example
# Connect to Metasploit
connect(password="yourpassword", host="127.0.0.1", port=55553, ssl=False)
# List exploits
exploits = list_modules("exploit")
# Use an exploit
use_module("exploit", "unix/ftp/vsftpd_234_backdoor")
# Set options
set_module_option("exploit", "unix/ftp/vsftpd_234_backdoor", "RHOSTS", "192.168.1.100")
# Execute
result = execute_module("exploit", "unix/ftp/vsftpd_234_backdoor", payload="cmd/unix/interact")
# List sessions
sessions = list_sessions()
# Interact with session
output = interact_session("1", "whoami")
# Disconnect
disconnect()
Development
git clone https://github.com/daedalus/mcp-pymetasploit3.git
cd mcp-pymetasploit3
pip install -e ".[test]"
# run tests
pytest
# format
ruff format src/ tests/
# lint
ruff check src/ tests/
# type check
mypy src/
mcp-name: io.github.daedalus/mcp-pymetasploit3
Install Pymetasploit3 in Claude Desktop, Claude Code & Cursor
unyly install mcp-pymetasploit3Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add mcp-pymetasploit3 -- uvx mcp-pymetasploit3FAQ
Is Pymetasploit3 MCP free?
Yes, Pymetasploit3 MCP is free — one-click install via Unyly at no cost.
Does Pymetasploit3 need an API key?
No, Pymetasploit3 runs without API keys or environment variables.
Is Pymetasploit3 hosted or self-hosted?
A hosted option is available: Unyly runs the server in the cloud, no local setup required.
How do I install Pymetasploit3 in Claude Desktop, Claude Code or Cursor?
Open Pymetasploit3 on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Pymetasploit3 with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
