Cobalt Strike MCP Server - provides access to Cobalt Strike API operations

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for chatflowdev1208 from gravatar.com chatflowdev1208

Unverified details

These details have not been verified by PyPI
Meta
  • Requires: Python >=3.8
Report project as malware

Project description

Cobalt Strike MCP Server

An MCP (Model Context Protocol) server that provides access to Cobalt Strike API operations.

Features

  • Automatic Authentication: Authenticates with Cobalt Strike API and manages bearer token
  • Dynamic Tool Generation: Automatically creates MCP tools from the OpenAPI specification
  • Full API Coverage: Exposes all Cobalt Strike API operations as MCP tools

Setup

  1. Install dependencies:
pip install -r requirements.txt
  1. Configure environment variables (copy .env.example to .env and edit):
cp .env.example .env
  1. Set your Cobalt Strike credentials:
export CS_BASE_URL="https://your-cs-server:50443"
export CS_USERNAME="your-username"
export CS_PASSWORD="your-password"
export CS_VERIFY_SSL="false"  # Set to "true" if using valid SSL cert

Usage

Running the Server

python server.py

Using with MCP Client

Add to your MCP client configuration (e.g., Claude Desktop):

{
  "mcpServers": {
    "cobalt-strike": {
      "command": "python",
      "args": ["/path/to/CS-MCP/server.py"],
      "env": {
        "CS_BASE_URL": "https://your-cs-server:50443",
        "CS_USERNAME": "your-username",
        "CS_PASSWORD": "your-password",
        "CS_VERIFY_SSL": "false"
      }
    }
  }
}

How It Works

  1. Authentication: On startup, the server authenticates with /api/auth/login and retrieves a bearer token
  2. API Client Initialization: Creates an HTTP client with the bearer token in the Authorization header
  3. OpenAPI Spec Loading: Fetches the OpenAPI specification from /v3/api-docs
  4. Tool Generation: Dynamically creates MCP tools for each API operation
  5. Request Handling: Routes tool calls to the appropriate API endpoints with proper authentication

Environment Variables

  • CS_BASE_URL: Base URL of the Cobalt Strike server
  • CS_USERNAME: Username for authentication (required)
  • CS_PASSWORD: Password for authentication (required)
  • CS_VERIFY_SSL: Whether to verify SSL certificates (default: false)

Security Notes

  • Store credentials securely (use environment variables, not hardcoded values)
  • Consider using SSL certificate verification in production (CS_VERIFY_SSL=true)
  • The bearer token is managed automatically and refreshed as needed

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for chatflowdev1208 from gravatar.com chatflowdev1208

Unverified details

These details have not been verified by PyPI
Meta
  • Requires: Python >=3.8

Release history Release notifications | RSS feed

1.0.2

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1.tar.gz (27.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1-py3-none-any.whl (32.7 kB view details)

Uploaded Python 3

File details

Details for the file iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1.tar.gz.

File metadata

  • Download URL: iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1.tar.gz
  • Upload date:
  • Size: 27.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1.tar.gz
Algorithm Hash digest
SHA256 a395db0de7adc84439af87f8ba288328114b20e64c06efb7aa7a4322f79cc384
MD5 e337e82c76cae804fde7aeb9a89fcb23
BLAKE2b-256 e334ba431b81a05fd07780a95e506486ec8ebb8f35e5d38e9b3301a804e2cbba

See more details on using hashes here.

File details

Details for the file iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1-py3-none-any.whl.

File metadata

  • Download URL: iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1-py3-none-any.whl
  • Upload date:
  • Size: 32.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}

File hashes

Hashes for iflow_mcp_ibaic_cobalt_strike_mcp-1.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e94acbd1bbde06cfeb666c8efcd9976df93458caf0103d2a9df3b6b0074e5f2d
MD5 f6da96a33f2915809f0cddcc37ce3b86
BLAKE2b-256 82da6393972f0cf967a6a27a1ed14387fd5396a370c282b4f40e9d82e354ed74

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page