Metasploit is a penetration testing framework that makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. It's maintained by the security company Rapid7 and widely used by security professionals for security testing.
Provides an MCP interface to a full Kali Linux environment running in Docker, enabling AI assistants to execute security tools like nmap, sqlmap, and metasploit. It allows users to start/stop the container, run shell commands, and transfer files for security testing and educational purposes.
Last updated
7
7
3
MIT
Why this server?
Checks for available exploits in the Metasploit framework as part of the exploit availability assessment tool.
A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
Last updated
8
9
MIT
Why this server?
Provides tools for interacting with Metasploit Framework, including searching exploits and auxiliary modules, retrieving exploit details and payloads, managing database workspaces, viewing hosts and services, and running nmap scans with automatic result import.
Enables interaction with Metasploit Framework for authorized security testing, including exploit searches, payload management, network scanning with nmap, and database operations for penetration testing workflows.
Last updated
9
MIT
Why this server?
Provides access to Metasploit's msfvenom payload generator for creating custom exploit payloads in various formats.
Enables AI assistants to perform authorized penetration testing and security assessments by exposing 20+ Kali Linux security tools (nmap, sqlmap, gobuster, hydra, etc.) through a safe, validated interface with command allowlists, rate limiting, and input sanitization.
Last updated
19
Why this server?
Recommends Metasploit as a tool for exploitation steps in the attack chain, particularly for known vulnerabilities like EternalBlue (CVE-2017-0144).
An AI-powered penetration testing reasoning engine that provides automated attack path planning, step-by-step guidance for CTFs/HTB challenges, and tool recommendations using Beam Search and MCTS algorithms.
Last updated
1
MIT
Why this server?
Integrates reconnaissance and exploitation workflows for security testing, including service detection, vulnerability validation, and exploit execution with safety controls
Provides security assessment methodology, tool documentation, and step-by-step workflows to guide AI agents through vulnerability scanning, static analysis, and penetration testing of applications and URLs.
Last updated
1
MIT
Why this server?
Allows running Metasploit penetration testing commands in non-interactive mode, supporting security testing and exploitation workflows without entering interactive command mode.
A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
Last updated
5
53
Why this server?
Provides tools to interact with the Metasploit Framework, enabling tasks such as searching and running exploits, managing active sessions, generating payloads, and controlling listeners for security testing workflows.
Bridges large language models with the Metasploit Framework to enable natural language control over penetration testing workflows. It provides tools for searching modules, executing exploits, generating payloads, and managing active sessions.
Last updated
Apache 2.0
Why this server?
Simulates exploitation tool outputs from the Metasploit Framework to provide realistic training data for penetration testing workflows.
An offensive security dataset generator that creates high-quality, multi-turn penetration testing conversation datasets for fine-tuning security-focused LLMs. It enables users to generate realistic pentesting workflows featuring chain-of-thought reasoning, tool outputs, and over 45 diverse attack scenarios.