drio
Open app

Mythic MCP

Source

A simple POC to expose Mythic as a MCP server

Catalog onlyCatalog onlySTDIO

Overview

Mythic MCP is a proof of concept (POC) that exposes Mythic as a Managed Control Plane (MCP) server, allowing large language models (LLMs) to perform penetration testing on behalf of users.

To use Mythic MCP, you need to set up the MCP server with Claude Desktop by editing the claude_desktop_config.json file to include the server configuration and then start Claude Desktop.

  • Integration with Claude Desktop for easy deployment - Allows LLMs to emulate specific threat actors for pentesting - Customizable server configuration for various tasks
  1. Automating penetration testing tasks using LLMs.
  2. Emulating threat actors to test security measures.
  3. Conducting security assessments in a controlled environment.

Add to your AI client

Use these steps to connect Mythic MCP in Cursor, Claude, VS Code, and other MCP-compatible apps. The same JSON appears in the Use with menu above for one-click copy.

Cursor

Add this to your .cursor/mcp.json file in your project root, then restart Cursor.

.cursor/mcp.json

{
  "mcpServers": {
    "mythic-mcp-xpn": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

Claude Desktop

Add this server entry to the mcpServers object in your Claude Desktop config, then restart the app.

~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows)

{
  "mcpServers": {
    "mythic-mcp-xpn": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

Claude Code

Add this to your project's .mcp.json file. Claude Code will detect it automatically.

.mcp.json (project root)

{
  "mcpServers": {
    "mythic-mcp-xpn": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

VS Code (Copilot)

Add this to your .vscode/mcp.json file. Requires the GitHub Copilot extension with MCP support enabled.

.vscode/mcp.json

{
  "servers": {
    "mythic-mcp-xpn": {
      "type": "stdio",
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

Windsurf

Add this to your Windsurf MCP config file, then restart Windsurf.

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mythic-mcp-xpn": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

Cline

Open Cline settings, navigate to MCP Servers, and add this server configuration.

Cline MCP Settings (via UI)

{
  "mcpServers": {
    "mythic-mcp-xpn": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mythic-mcp-xpn"
      ]
    }
  }
}

FAQ

What are the requirements to run Mythic MCP?

You need `uv`, `python3`, and Claude Desktop or another MCP client.

Can I customize the tasks for the LLM?

Yes! You can provide any task description for the LLM to follow.

Is Mythic MCP suitable for production use?

This is a proof of concept and may not be suitable for production environments.

Research and data