-
securityA
license-
qualityA threat intelligence aggregation server that provides unified access to multiple security sources for analyzing indicators (IPs, domains, hashes, URLs) with confidence scoring.
Last updated
6
MIT
Why this server?
This server is a direct match, explicitly functioning as a 'threat intelligence aggregation server' providing unified access to multiple security sources for analysis.
Why this server?
Provides access to the Shodan API, a critical resource for gathering threat intelligence and information about internet-connected devices and potential cyber threats.
AsecurityAlicense-qualityProvides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.Last updated2341MITWhy this server?
Enables querying the VirusTotal API, a key source for malware analysis and threat intelligence, allowing scans of URLs, file hashes, and IP addresses.
AsecurityAlicense-qualityA MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.Last updated1,671118MITWhy this server?
This server focuses on 'threat intelligence enrichment' by aggregating data from multiple third-party sources like VirusTotal and Shodan for security analysis.
-securityFlicense-qualityA Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.Last updated20Why this server?
Enables YARA rule-based threat analysis on files and URLs, which is a core function in identifying and classifying malware and gathering threat intelligence.
-securityAlicense-qualityA Model Context Protocol server that enables AI assistants to perform YARA rule-based threat analysis on files and URLs, supporting comprehensive rule management and detailed scanning results.Last updated22MITWhy this server?
Implements OSINT (Open Source Intelligence) reconnaissance tools, essential for gathering external threat intelligence related to domains, emails, and networks.
AsecurityAlicense-qualityEnables interaction with SpiderFoot OSINT reconnaissance tools through MCP, allowing users to manage scans, retrieve modules and event types, access scan data, and export results. Supports both starting new scans and analyzing existing reconnaissance data through natural language.Last updated10MITWhy this server?
Enables searching and retrieving information about security exploits and vulnerabilities from the Exploit Database, directly contributing to threat intelligence knowledge.
-securityAlicense-qualityA Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.Last updated19MITWhy this server?
Provides access to threat intelligence data from abuse.ch platforms (MalwareBazaar, URLhaus, ThreatFox) for comprehensive threat analysis.
-securityAlicense-qualityEnables querying threat intelligence data about files, URLs, IPs, and domains from multiple abuse.ch platforms (MalwareBazaar, URLhaus, and ThreatFox) through a unified API. Provides comprehensive security reports and threat analysis data for cybersecurity investigations.Last updated2MITWhy this server?
Exposes popular OSINT and reconnaissance tools (like Sherlock and SpiderFoot) for security research and threat intelligence gathering in sandboxed environments.
-security-license-qualityExposes popular OSINT and reconnaissance tools like Sherlock, SpiderFoot, and Holehe through MCP and HTTP APIs for AI assistants. Runs security research tools in sandboxed environments and returns normalized JSON results for investigation and analysis.Last updated1MIT