MalwareAnalyzerMCP

Server Configuration

Describes the environment variables required to run the server.

Name | Required | Description | Default

No arguments

Schema

Prompts

Interactive templates invoked by user choice

Name | Description

No prompts

Resources

Contextual data attached and managed by the client

Name | Description

No resources

Tools

Functions exposed to the LLM to take actions

Name | Description

shell_command

Execute a command in the terminal with a timeout. The command continues running in the background if it does not complete within the timeout.

read_output

Read output from a running or completed process.

file

Analyze a file and determine its type

Example usage:

  • Basic file identification: { "target": "suspicious.exe" }
  • With options: { "target": "suspicious.exe", "options": "-b" }

strings

Extract printable strings from a file

Example usage:

  • Basic strings extraction: { "target": "suspicious.exe" }
  • With minimum length: { "target": "suspicious.exe", "minLength": 10 }
  • With encoding: { "target": "suspicious.exe", "encoding": "l" }

hexdump

Display file contents in hexadecimal format

Example usage:

  • Standard hexdump: { "target": "suspicious.exe" }
  • With length limit: { "target": "suspicious.exe", "length": 256 }
  • With offset: { "target": "suspicious.exe", "offset": 1024 }

objdump

Display information from object files

Example usage:

  • Display file headers: { "target": "suspicious.o" }
  • Disassemble code: { "target": "suspicious.exe", "disassemble": true }
  • Show section headers: { "target": "suspicious.exe", "headers": true }

xxd

Create a hexdump with ASCII representation

Example usage:

  • Standard xxd dump: { "target": "suspicious.exe" }
  • With length limit: { "target": "suspicious.exe", "length": 256 }
  • With column formatting: { "target": "suspicious.exe", "cols": 16 }
  • Binary bits mode: { "target": "suspicious.exe", "bits": true }