#509: AI + Metasploit = Terrifyingly Easy Hacking is here (demo)

Sep 11, 2025

Kyle Winters, security practitioner who builds Metasploit integrations, demonstrates an AI-driven ethical-hacking lab. Short demos show an LLM linked to Metasploit via MCP automating recon, generating a risk report, and running exploits like VSFTPD, EternalBlue and UnrealIRCD. Conversations cover how this lowers barriers for red teams and what defenders should watch for.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

MCP Bridges LLMs To Real Tools

MCP (Model Context Protocol) can bridge LLMs to real tools like Metasploit to perform actions on systems.
Kyle Winters shows MCP translates natural language into tool commands, enabling AI-driven interactions with infrastructure.

ANECDOTE

Manual VSFTPD Exploit Demo

Kyle runs a VSFTPD backdoor exploit manually in Metasploit to get a root shell on a vulnerable host.
He demonstrates basic Metasploit commands and verifies root access before automating with Claude.

ANECDOTE

AI Executes VSFTPD And Writes File

Kyle connects Claude (LLM) via an MCP server to Metasploit and asks it to run the same VSFTPD exploit.
The AI runs the exploit, obtains a root shell, and creates a /tmp/bumble.txt file containing "Hello World."

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this ethical lab demo, David Bombal and Kyle Winters connect Claude (LLM) to Metasploit through an MCP (Model Context Protocol) server to automate real attacks. Watch AI perform recon, generate a risk report, and execute VSFTPD backdoor, EternalBlue (SMBv1), and UnrealIRCD—dropping benign files on Linux and Windows with simple prompts. Educational use only on intentionally vulnerable VMs. Do not attack systems you don’t own or lack permission to test. What you’ll see • How MCP bridges an AI to real tools (Metasploit RPC) • AI-driven scanning + auto security report (services, versions, risks) • Prompted exploits: VSFTPD, EternalBlue, UnrealIRCD • Why this lowers barriers for red teams—and what blue teams should do // Sponsored SEGMENT // Big thanks to Cisco for sponsoring this video. // Kyle Winters SOCIAL // LinkedIn: / kyle-m-winters Cisco Blogs:  https://blogs.cisco.com/author/kylewi... // Websites REFERENCE // MetasploitMCP by GH05TCREW: https://github.com/GH05TCREW/Metasplo... Kareem Iskander's MCP blogs: https://blogs.cisco.com/author/kareem... Cisco U.: https://u.cisco.com?ccid=cisco-u&dtid... // Video REFERENCE // MCP Demo using Pythong: • MCP Demo using Python, AI and a self heali... Brute Force SSH: • Brute Force SSH & Build a Honeypot Now (Hy... Hacking LLMs: • Hacking LLMs Demo and Tutorial (Explore AI... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // Menu // 0:00 - Coming up 0:58 - Disclaimer 01:00 - Introducing Metasploit MCP Server (by GH05TCREW) 03:01 - Metasploit MCP Demo 1 05:12 - Metasploit MCP Demo 2 10:59 - Metasploit MCP Demo 3 16:18 - Metasploit MCP Demo 4 19:15 - Metasploit MCP Demo 5 21:45 - How AI is changing cybersecurity 23:07 - Metasploit MCP Demo 5 continued 26:51 - Metasploit MCP server summary 28:00 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.