Mythic MCP server

This MCP server implementation for Mythic allows you to harness LLMs like Claude for automated penetration testing tasks. It serves as a bridge between the Mythic C2 framework and LLM assistants, enabling them to execute pentest operations on your behalf.

Installation Requirements

• Python 3
• uv (Python package manager)
• Claude Desktop (or another MCP-compatible client)

Setting Up the MCP Server

Configuration with Claude Desktop

To use this MCP server with Claude Desktop, you need to edit your Claude Desktop configuration file:

1. Locate your claude_desktop_config.json file
2. Add the MCP server configuration as shown below:

{
    "mcpServers": {
        "mythic_mcp": {
            "command": "/Users/xpn/.local/bin/uv",
            "args": [
                "--directory",
                "/full/path/to/mythic_mcp/",
                "run",
                "main.py",
                "mythic_admin",
                "mythic_admin_password",
                "localhost",
                "7443"
            ]
        }
    }
}

Make sure to replace /full/path/to/mythic_mcp/ with the actual path to where you've installed the Mythic MCP server files.

Connection Parameters

The configuration uses these key parameters:

• Username: mythic_admin
• Password: mythic_admin_password
• Host: localhost
• Port: 7443

You can customize these values as needed in the configuration.

Using Mythic MCP

Starting the Server

After configuration, launch Claude Desktop normally. The MCP server will be started automatically based on your configuration.

Example Prompts

You can task the LLM using natural language prompts that describe the penetration testing objectives. For example:

You are an automated pentester, tasked with emulating a specific threat actor. 
The threat actor is APT31. Your objective is: Add a flag to C:\win.txt on DC01. 
Perform any required steps to meet the objective, using only techniques documented by the threat actor.

Prompt Structure

Effective prompts typically include:

• A clear role definition for the LLM
• Specific threat actor to emulate (if applicable)
• Concrete objective(s) to accomplish
• Any constraints or specific techniques to use

The MCP server will handle translating these natural language instructions into actual Mythic commands and operations.

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.