
MalwareAnalyzerMCP

commands.js5.45 kB
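/**
 * Malware Analysis Commands Configuration
 *
 * This file contains the configuration for specialized malware analysis commands.
 * Each command has a name, description, arguments schema, and optional help text.
 *
 * Security note: every `buildCommand` returns a single command-line string
 * assembled from caller-supplied values (`target`, `options`, numeric flags).
 * The code that executes these strings is not part of this file; presumably
 * they are handed to a shell, so each value is emitted as one shell word
 * (single-quoted when it contains anything outside a conservative safe set).
 * NOTE(review): running the tool with an argv array and no shell would remove
 * the quoting problem entirely; a per-tool allowlist for `options` would be
 * stricter than the quoting done here. Confirm against the executor.
 */

import { z } from 'zod';

/**
 * Base schema for all malware analysis commands
 * Common parameters that apply to most commands
 */
const baseCommandSchema = z.object({
  target: z.string().min(1).describe("Target file or data to analyze"),
  options: z.string().optional().describe("Additional command-line options")
});

// Characters that need no quoting in a POSIX shell word. Anything else
// (spaces, quotes, `;`, `|`, `&`, `$`, backticks, redirections, globs, ...)
// causes the value to be single-quoted.
const SAFE_SHELL_TOKEN = /^[A-Za-z0-9_@%+=:,./-]+$/;

/**
 * Render a value as exactly one POSIX shell word.
 *
 * @param {unknown} value - Value to place on the command line.
 * @returns {string} The value unchanged when it is made of safe characters,
 *   otherwise wrapped in single quotes with embedded single quotes escaped.
 */
function shellArg(value) {
  const text = String(value);
  if (SAFE_SHELL_TOKEN.test(text)) {
    return text;
  }
  // Inside single quotes the shell interprets nothing; a literal single quote
  // is written by closing the quote, adding \' and reopening it.
  return `'${text.replace(/'/g, `'\\''`)}'`;
}

/**
 * Render the analysis target as one shell word that cannot be read as an option.
 *
 * @param {unknown} target - File name or path supplied by the caller.
 * @returns {string} Quoted target; a leading `-` is prefixed with `./` so the
 *   tool treats it as a path rather than a flag.
 */
function targetArg(target) {
  const text = String(target);
  return shellArg(text.startsWith('-') ? `./${text}` : text);
}

/**
 * Split the free-form `options` string on whitespace and quote each token.
 *
 * Option values that themselves contain spaces cannot be expressed this way;
 * that is the trade-off for never passing raw text through to the shell.
 *
 * @param {string | undefined} options - Caller-supplied extra options.
 * @returns {string[]} Individually quoted option tokens (possibly empty).
 */
function optionArgs(options) {
  if (!options) {
    return [];
  }
  return String(options).split(/\s+/).filter(Boolean).map(shellArg);
}

/**
 * Command configuration object
 * Defines each specialized command with its parameters and description
 */
export const commands = {
  // File command - determine file type
  file: {
    name: 'file',
    description: 'Analyze a file and determine its type',
    schema: baseCommandSchema,
    buildCommand: (args) => {
      const parts = ['file', ...optionArgs(args.options), targetArg(args.target)];
      return parts.join(' ');
    },
    helpText: `
Example usage:
- Basic file identification: { "target": "suspicious.exe" }
- With options: { "target": "suspicious.exe", "options": "-b" }
`
  },

  // Strings command - extract printable strings
  strings: {
    name: 'strings',
    description: 'Extract printable strings from a file',
    schema: baseCommandSchema.extend({
      minLength: z.number().optional().describe("Minimum string length to display"),
      encoding: z.enum(['s', 'S', 'b', 'l', 'B', 'L']).optional().describe("String encoding (s=7-bit, S=8-bit, b=16-bit big-endian, l=16-bit little-endian, etc.)")
    }),
    buildCommand: (args) => {
      const parts = ['strings', ...optionArgs(args.options)];
      if (args.minLength) {
        parts.push('-n', shellArg(args.minLength));
      }
      if (args.encoding) {
        parts.push('-e', shellArg(args.encoding));
      }
      parts.push(targetArg(args.target));
      return parts.join(' ');
    },
    helpText: `
Example usage:
- Basic strings extraction: { "target": "suspicious.exe" }
- With minimum length: { "target": "suspicious.exe", "minLength": 10 }
- With encoding: { "target": "suspicious.exe", "encoding": "l" }
`
  },

  // Hexdump command - display file contents in hex format
  hexdump: {
    name: 'hexdump',
    description: 'Display file contents in hexadecimal format',
    schema: baseCommandSchema.extend({
      length: z.number().optional().describe("Number of bytes to display"),
      offset: z.number().optional().describe("Starting offset in the file")
    }),
    buildCommand: (args) => {
      const extra = optionArgs(args.options);
      // Default to canonical hex+ASCII display when the caller gave no options
      const parts = ['hexdump', ...(extra.length > 0 ? extra : ['-C'])];
      if (args.length) {
        parts.push('-n', shellArg(args.length));
      }
      if (args.offset) {
        parts.push('-s', shellArg(args.offset));
      }
      parts.push(targetArg(args.target));
      return parts.join(' ');
    },
    helpText: `
Example usage:
- Standard hexdump: { "target": "suspicious.exe" }
- With length limit: { "target": "suspicious.exe", "length": 256 }
- With offset: { "target": "suspicious.exe", "offset": 1024 }
`
  },

  // Objdump command - display object file information
  objdump: {
    name: 'objdump',
    description: 'Display information from object files',
    schema: baseCommandSchema.extend({
      disassemble: z.boolean().optional().describe("Disassemble executable sections"),
      headers: z.boolean().optional().describe("Display the contents of the section headers")
    }),
    buildCommand: (args) => {
      // Parts are joined with a space, so caller-supplied options can no
      // longer be glued onto the program name (previously "objdump-x ...").
      const parts = ['objdump', ...optionArgs(args.options)];
      if (args.disassemble) {
        parts.push('-d');
      }
      if (args.headers) {
        parts.push('-h');
      }
      // Default to displaying file headers if no specific options provided
      if (parts.length === 1) {
        parts.push('-f');
      }
      parts.push(targetArg(args.target));
      return parts.join(' ');
    },
    helpText: `
Example usage:
- Display file headers: { "target": "suspicious.o" }
- Disassemble code: { "target": "suspicious.exe", "disassemble": true }
- Show section headers: { "target": "suspicious.exe", "headers": true }
`
  },

  // XXD command - hexdump with ASCII representation
  xxd: {
    name: 'xxd',
    description: 'Create a hexdump with ASCII representation',
    schema: baseCommandSchema.extend({
      length: z.number().optional().describe("Number of bytes to display"),
      offset: z.number().optional().describe("Starting offset in the file"),
      cols: z.number().optional().describe("Format output into specified number of columns"),
      bits: z.boolean().optional().describe("Switch to bits (binary) dump")
    }),
    buildCommand: (args) => {
      const parts = ['xxd', ...optionArgs(args.options)];
      if (args.length) {
        parts.push('-l', shellArg(args.length));
      }
      if (args.offset) {
        parts.push('-s', shellArg(args.offset));
      }
      if (args.cols) {
        parts.push('-c', shellArg(args.cols));
      }
      if (args.bits) {
        parts.push('-b');
      }
      parts.push(targetArg(args.target));
      return parts.join(' ');
    },
    helpText: `
Example usage:
- Standard xxd dump: { "target": "suspicious.exe" }
- With length limit: { "target": "suspicious.exe", "length": 256 }
- With column formatting: { "target": "suspicious.exe", "cols": 16 }
- Binary bits mode: { "target": "suspicious.exe", "bits": true }
`
  }
};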
