Best Metasploit MCP Servers
Metasploit is a penetration testing framework that makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. It's maintained by the security company Rapid7 and widely used by security professionals for security testing.
Why this server?
Provides access to Metasploit exploit modules, including details on usage, targets, and source URLs. Allows querying exploits specifically from the Metasploit framework.
AlicenseAqualityAmaintenanceGives AI assistants access to the Exploit Intelligence Platform for vulnerability and exploit intelligence. Supports searching CVEs, exploits, and generating pentest findings.Last updated17MITWhy this server?
Provides access to Metasploit module intelligence, including exploit analysis and framework integration.
AlicenseAqualityBmaintenanceEnables AI assistants to search and analyze vulnerabilities and exploits from multiple intelligence sources, including NVD, CISA KEV, ExploitDB, Metasploit, and more, with tools for CVE research, exploit analysis, and report generation.Last updated17MITWhy this server?
Allows the use of the Metasploit Framework for security assessments and exploit development.
AlicenseAqualityDmaintenanceProvides an MCP interface to a full Kali Linux environment running in Docker, enabling AI assistants to execute security tools like nmap, sqlmap, and metasploit. It allows users to start/stop the container, run shell commands, and transfer files for security testing and educational purposes.Last updated773MITWhy this server?
Checks for available exploits in the Metasploit framework as part of the exploit availability assessment tool.
AlicenseAqualityDmaintenanceA Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.Last updated89MITWhy this server?
Provides tools for interacting with Metasploit Framework, including searching exploits and auxiliary modules, retrieving exploit details and payloads, managing database workspaces, viewing hosts and services, and running nmap scans with automatic result import.
AlicenseBqualityDmaintenanceEnables interaction with Metasploit Framework for authorized security testing, including exploit searches, payload management, network scanning with nmap, and database operations for penetration testing workflows.Last updated9MITWhy this server?
Allows interaction with the Metasploit exploitation framework via structured handoff, enabling AI agents to pass C2 state (listeners, beacons, sessions) between systems for coordinated adversary emulation operations.
AlicenseBqualityBmaintenanceA Model Context Protocol server for the Sliver C2 framework that exposes operator tools like listeners, implant generation, sessions, command execution, and file operations for LLM-driven adversary emulation.Last updated37MITWhy this server?
Enables execution of Metasploit modules for exploitation tasks via the 'metasploit_exec' tool.
Why this server?
Recommends Metasploit as a tool for exploitation steps in the attack chain, particularly for known vulnerabilities like EternalBlue (CVE-2017-0144).
AlicenseCqualityDmaintenanceAn AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.Last updated1MITWhy this server?
Integrates with Metasploit framework for automated exploit search, execution, and advanced penetration testing capabilities
AlicenseCqualityDmaintenanceAn automated penetration testing framework that enables intelligent security assessments through reconnaissance, vulnerability scanning, and controlled exploitation. Features AI-driven workflow management with comprehensive reporting for authorized security testing.Last updated2727BSD 3-Clause