Post-Exploitation tmux MCP Server

Post-Exploitation tmux MCP Server

Exposes tmux features to AI agents for managing sessions, windows, and panes with built-in command execution. It includes comprehensive guardrails to prevent destructive system operations, file deletions, and unauthorized network changes.

Category
Visit Server

README

๐Ÿ–ฅ๏ธ Post-Exploitation tmux MCP Server

A MCP server that exposes essential tmux features as MCP tools โ€” giving AI agents a terminal multiplexer for post-exploitation operations, with built-in guardrails that block destructive commands.

โœจ Tools (14)

Category Tools Description
Sessions 3 Create, list, kill
Windows 3 Create, list, kill
Panes 3 Split, list, kill
Command Execution 3 execute_command, send_keys, capture_pane โ€” all guarded
Utility 2 validate_command_safety, kill_server

๐Ÿ›ก๏ธ Guardrails

Every command sent through execute_command or send_keys is validated before execution. The guardrails block:

  • File destruction โ€” rm -rf /, shred, wipefs
  • Disk operations โ€” mkfs, dd if=, fdisk, parted
  • Fork bombs โ€” :(){ :|:& };:
  • System shutdown โ€” shutdown, reboot, halt, init 0/6
  • Critical process killing โ€” kill -9 1, killall -9
  • Permission bombs โ€” chmod -R 777 /
  • Dangerous redirects โ€” > /etc/passwd, > /etc/shadow
  • Network destruction โ€” iptables -F
  • Log tampering โ€” > /var/log/, history -c
  • Obfuscated execution โ€” curl ... | sh, base64 -d | sh

๐Ÿ“ฆ Installation

cd Post-Exploitation
pip install -r requirements.txt

Prerequisite: tmux must be installed on the target machine.

๐Ÿš€ Usage

Run the MCP server

python server.py

Test with the interactive client

python client.py

The client connects to server.py via stdio, lists available tools, and gives you an interactive REPL to call them.

Connect from an MCP client (e.g. AI agent)

{
  "mcpServers": {
    "post-exploitation-tmux": {
      "command": "python3",
      "args": ["path/to/Post-Exploitation/server.py"]
    }
  }
}

๐Ÿ”ง Tool Reference

Sessions

Tool Description
create_session(name, window_name?) Create a new detached session
list_sessions() List all sessions
kill_session(name) Destroy a session

Windows

Tool Description
create_window(session, name?) Create a new window
list_windows(session) List windows
kill_window(session, index) Kill a window

Panes

Tool Description
split_pane(session, window, direction?) Split pane vertically/horizontally
list_panes(session, window) List panes with command & PID
kill_pane(session, window, pane) Kill a pane

Command Execution (Guarded)

Tool Description
execute_command(session, window, pane, command) Run a command (guardrail-checked)
send_keys(session, window, pane, keys, press_enter?) Send keystrokes (guarded if Enter)
capture_pane(session, window, pane, start?, end?) Read pane output (trailing blanks stripped)

Utility

Tool Description
validate_command_safety(command) Pre-check a command without executing
kill_server() Kill the tmux server (destroys all sessions)

๐Ÿ“‚ Project Structure

Post-Exploitation/
โ”œโ”€โ”€ server.py            # FastMCP server โ€” 14 tools
โ”œโ”€โ”€ tmux_wrapper.py      # Thin Python wrapper around tmux CLI
โ”œโ”€โ”€ guardrails.py        # Command validation & safety checks
โ”œโ”€โ”€ client.py            # Interactive MCP test client
โ”œโ”€โ”€ test_guardrails.py   # Guardrails unit tests
โ”œโ”€โ”€ requirements.txt     # Python dependencies
โ””โ”€โ”€ README.md            # This file

๐Ÿงช Testing

Run guardrail tests

python test_guardrails.py

Test MCP tools interactively

python client.py

โš ๏ธ Disclaimer

This tool is intended for authorized penetration testing and security research only. Unauthorized use against systems you do not own or have explicit permission to test is illegal.

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured