Mythic MCP

By xpn GitHub

A simple POC to expose Mythic as a MCP server

mythic_mcp mcp-server

Overview

what is Mythic MCP?

Mythic MCP is a proof of concept (POC) that exposes Mythic as a Managed Control Plane (MCP) server, allowing large language models (LLMs) to perform penetration testing on behalf of users.

how to use Mythic MCP?

To use Mythic MCP, you need to set up the MCP server with Claude Desktop by editing the claude_desktop_config.json file to include the server configuration and then start Claude Desktop.

key features of Mythic MCP?

Integration with Claude Desktop for easy deployment
Allows LLMs to emulate specific threat actors for pentesting
Customizable server configuration for various tasks

use cases of Mythic MCP?

Automating penetration testing tasks using LLMs.
Emulating threat actors to test security measures.
Conducting security assessments in a controlled environment.

FAQ from Mythic MCP?

What are the requirements to run Mythic MCP?

You need uv, python3, and Claude Desktop or another MCP client.

Can I customize the tasks for the LLM?

Yes! You can provide any task description for the LLM to follow.

Is Mythic MCP suitable for production use?

This is a proof of concept and may not be suitable for production environments.

Content

Mythic MCP

A quick MCP demo for Mythic, allowing LLMs to pentest on our behalf!

Requirements

uv
python3
Claude Desktop (or other MCP Client)

Usage with Claude Desktop

To deploy this MCP Server with Claude Desktop, you'll need to edit your claude_desktop_config.json to add the following:

{
    "mcpServers": {
        "mythic_mcp": {
            "command": "/Users/xpn/.local/bin/uv",
            "args": [
                "--directory",
                "/full/path/to/mythic_mcp/",
                "run",
                "main.py",
                "mythic_admin",
                "mythic_admin_password",
                "localhost",
                "7443"
            ]
        }
    }
}

Once done, kick off Claude Desktop. There are sample prompts to show how to task the LLM, but really anything will work along the lines of:

You are an automated pentester, tasked with emulating a specific threat actor. The threat actor is APT31. Your objective is: Add a flag to C:\win.txt on DC01. Perform any required steps to meet the objective, using only techniques documented by the threat actor.

No tools information available.

Image Generation MCP Server by MCP-Mirror

Mirror of

image-generation mcp-server

View Details

OLETools Secure MCP Server by pradeep895

Secure MCP server for analyzing Excel files with oletools

oletools mcp-server

View Details

BigQuery MCP server by MCP-Mirror

Mirror of

bigquery mcp-server

View Details

MCPHubs - Model Context Protocol Projects Hub by GiantClam

MCPHubs is a website that showcases projects related to Anthropic's Model Context Protocol (MCP)

mcp mcp-server

View Details

Dealx by DealExpress

dealx mcp-server

View Details

Google Analytics MCP Server by Kirill812

Google Analytics MCP server for accessing analytics data through tools and resources

google-analytics mcp-server

View Details

AWS Resources MCP Server by baryhuang

A Python-based MCP server that lets Claude run boto3 code to query and manage AWS resources. Execute powerful AWS operations directly through Claude with proper sandboxing and containerization. No need for complex setups - just pass your AWS credentials and start interacting with all AWS services.

aws mcp-server

View Details