shield_lock
JinDaGe
Contact
Back to MCP directory
publicPublicdnsLocal runtime

mythic_mcp

一个演示服务器,它通过与Mythic C2框架接口,允许大型语言模型自主执行渗透测试任务。

article

README

Mythic MCP

A quick MCP demo for Mythic, allowing LLMs to pentest on our behalf!

Requirements

  1. uv
  2. python3
  3. Claude Desktop (or other MCP Client)

Usage with Claude Desktop

To deploy this MCP Server with Claude Desktop, you'll need to edit your claude_desktop_config.json to add the following:

{
    "mcpServers": {
        "mythic_mcp": {
            "command": "/Users/xpn/.local/bin/uv",
            "args": [
                "--directory",
                "/full/path/to/mythic_mcp/",
                "run",
                "main.py",
                "mythic_admin",
                "mythic_admin_password",
                "localhost",
                "7443"
            ]
        }
    }
}

Once done, kick off Claude Desktop. There are sample prompts to show how to task the LLM, but really anything will work along the lines of:

You are an automated pentester, tasked with emulating a specific threat actor. The threat actor is APT31. Your objective is: Add a flag to C:\win.txt on DC01. Perform any required steps to meet the objective, using only techniques documented by the threat actor.
help

Runtime guide

cloud

Hosted runtime

Hosted servers run from a provider-managed environment. You usually connect the MCP client to the hosted endpoint or follow the provider's authorization flow, without keeping a local process alive

  1. Open provider connection page
  2. Authorize or copy endpoint
  3. Connect from your MCP client
terminal

Local runtime / other methods

Local servers run on your own machine or infrastructure. You normally copy the server_config into your MCP client, install the required package, and provide env variables from env_schema when needed

  1. Copy server_config
  2. Install required package
  3. Fill env variables and restart client