{
"name": "cyber-sentinel-mcp",
"version": "0.1.0",
"description": "A comprehensive threat intelligence aggregation MCP server that provides unified access to multiple threat intelligence sources for security analysis.",
"author": {
"name": "Zeng Junxiang",
"email": "jx888jx888@gmail.com"
},
"license": "MIT",
"homepage": "https://github.com/jx888-max/cyber-sentinel-mcp",
"repository": {
"type": "git",
"url": "https://github.com/jx888-max/cyber-sentinel-mcp.git"
},
"keywords": [
"mcp",
"threat-intelligence",
"cybersecurity",
"osint",
"security-analysis",
"virustotal",
"abuseipdb",
"shodan",
"urlhaus"
],
"categories": [
"security",
"analysis",
"intelligence",
"osint"
],
"language": "python",
"runtime": {
"python": ">=3.8"
},
"installation": {
"pip": "cyber-sentinel-mcp",
"command": "python -m cyber_sentinel.server"
},
"configuration": {
"required_env_vars": [
"VIRUSTOTAL_API_KEY",
"ABUSEIPDB_API_KEY"
],
"optional_env_vars": [
"SHODAN_API_KEY",
"URLHAUS_API_KEY"
],
"example_config": {
"claude_desktop": {
"mcpServers": {
"cyber-sentinel": {
"command": "python",
"args": ["-m", "cyber_sentinel.server"],
"env": {
"VIRUSTOTAL_API_KEY": "your_virustotal_key",
"ABUSEIPDB_API_KEY": "your_abuseipdb_key"
}
}
}
},
"cursor": {
"mcp.servers": {
"cyber-sentinel": {
"command": ["python", "-m", "cyber_sentinel.server"],
"env": {
"VIRUSTOTAL_API_KEY": "your_virustotal_key",
"ABUSEIPDB_API_KEY": "your_abuseipdb_key"
}
}
}
}
}
},
"capabilities": {
"tools": [
{
"name": "analyze_indicator",
"description": "Analyzes security indicators (IP, domain, hash, URL) across multiple threat intelligence sources",
"parameters": {
"indicator": {
"type": "string",
"description": "The security indicator to analyze (IP address, domain, file hash, or URL)"
}
},
"returns": {
"type": "object",
"description": "Comprehensive analysis results with reputation, confidence score, and detailed source data"
}
},
{
"name": "check_api_status",
"description": "Checks the configuration and status of all threat intelligence sources",
"parameters": {},
"returns": {
"type": "object",
"description": "Status information for all configured threat intelligence APIs"
}
}
],
"supported_indicators": [
"IPv4 addresses",
"Domain names",
"File hashes (MD5, SHA1, SHA256)",
"URLs"
],
"threat_intel_sources": [
"VirusTotal",
"AbuseIPDB",
"URLhaus",
"Shodan"
]
},
"features": [
"Multi-source threat intelligence aggregation",
"Automatic indicator type detection",
"Intelligent result aggregation with confidence scoring",
"Async performance with concurrent processing",
"Smart caching (1-hour TTL)",
"Rate limiting (60 req/min default)",
"Error recovery and graceful API failure handling",
"Zero data storage for privacy",
"Comprehensive logging and diagnostics"
],
"use_cases": [
"Security incident response",
"Threat hunting",
"IOC analysis",
"Malware research",
"Network security monitoring",
"OSINT investigations"
],
"documentation": {
"readme": "https://github.com/jx888-max/cyber-sentinel-mcp/blob/main/README.md",
"usage_examples": "https://github.com/jx888-max/cyber-sentinel-mcp/blob/main/USAGE_EXAMPLES.md",
"installation_guide": "https://github.com/jx888-max/cyber-sentinel-mcp/blob/main/llms-install.md"
},
"support": {
"issues": "https://github.com/jx888-max/cyber-sentinel-mcp/issues",
"email": "jx888jx888@gmail.com"
},
"tags": [
"threat-intelligence",
"cybersecurity",
"osint",
"security-analysis",
"mcp-server",
"python"
]
}