Which integrations are available for this server?

Enables analysis of observables using GitHub engine through Cyberbro integration, allowing threat intelligence queries and security analysis of code repositories and developer activities. Enables analysis of observables using Google engine through Cyberbro integration, allowing threat intelligence queries and security analysis leveraging Google's threat data. Enables analysis of observables using VirusTotal engine through Cyberbro integration, allowing threat intelligence queries and reputation checks for IPs, domains, URLs, and file hashes.

How do I use Cyberbro MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Cyberbro MCP Server Scan 193.214.232.181 and summarize its threat reputation." That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

de en es ja ko ru zh

Cyberbro MCP Server

by stanfrbd

Overview Schema Related Servers Score Discussions

Python

Remote

mcp-cyberbro-demo

Model Context Protocol server for Cyberbro.

This project is packaged as a standard Python distribution and can be launched with:

uvx mcp-cyberbro
pip install mcp-cyberbro then mcp-cyberbro

Why this server

Analyze observables (IP, domain, URL, hash, etc.) via Cyberbro engines.
Integrate threat-analysis actions directly in MCP-capable assistants.
Run with stdio, sse, or streamable-http transports.
Compatible with any MCP client that supports one of these transports.

Installation

Use with `uvx` (standalone)

uvx mcp-cyberbro --cyberbro_url http://localhost:5000

Use with `pip`

pip install mcp-cyberbro
mcp-cyberbro --cyberbro_url http://localhost:5000

Local development

pip install -e .
mcp-cyberbro --cyberbro_url http://localhost:5000

Docker

Default container command starts in streamable-http mode on port 8000.

docker run --rm -p 8000:8000 \
  -e CYBERBRO_URL=http://host.docker.internal:5000 \
  ghcr.io/stanfrbd/mcp-cyberbro:latest

To force stdio transport:

docker run -i --rm \
  -e CYBERBRO_URL=http://host.docker.internal:5000 \
  ghcr.io/stanfrbd/mcp-cyberbro:latest \
  --transport stdio

Configuration

Copy .env.example and set at least:

CYBERBRO_URL (required)

Supported environment variables:

CYBERBRO_URL
API_PREFIX (default: api)
SSL_VERIFY (true/false)
MCP_TRANSPORT (stdio, sse, streamable-http)
MCP_HOST
MCP_PORT
MCP_MOUNT_PATH
MCP_SSE_PATH
MCP_STREAMABLE_HTTP_PATH

CLI flags are also available and override env values.

MCP Client Integration

You can use this server with Claude Desktop, Claude Code, Cursor, OpenAI-compatible MCP clients, or any other MCP client.

Example config using uvx:

{
  "mcpServers": {
    "cyberbro": {
      "command": "uvx",
      "args": ["mcp-cyberbro"],
      "env": {
        "CYBERBRO_URL": "http://localhost:5000"
      }
    }
  }
}

Example with Docker + stdio:

{
  "mcpServers": {
    "cyberbro": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "CYBERBRO_URL",
        "ghcr.io/stanfrbd/mcp-cyberbro:latest",
        "--transport",
        "stdio"
      ],
      "env": {
        "CYBERBRO_URL": "http://localhost:5000"
      }
    }
  }
}

Usage in VSCode - Example

Create .vscode/mcp.json

{
	"servers": {
		"mcp-cyberbro": {
			"type": "stdio",
			"command": "uvx",
			"args": [
				"mcp-cyberbro"
			],
			"env": {
				"CYBERBRO_URL": "http://127.0.0.1:5000"
			}
		}
	}
}

MCP Registry Metadata

server.json is included for MCP Registry publication and points to PyPI package mcp-cyberbro.

Release Pipelines

Release-created workflows:

.github/workflows/publish-test-pypi.yml
.github/workflows/publish-pypi.yml
.github/workflows/publish-mcp-plugin.yml

Available Tools

analyze_observable
is_analysis_complete
get_analysis_results
get_engines
get_web_url

Example Prompts

Here are practical prompt examples you can use with any MCP-capable assistant connected to Cyberbro.

Getting Indicator Details

Cyberbro: Check indicators for target.com
Can you check this IP reputation with Cyberbro? 192.168.1.1. Use github, google and virustotal engines.
I want to analyze the domain example.com. What can Cyberbro tell me about it? Use max 3 engines.
Analyze these observables with Cyberbro: suspicious-domain.com, 8.8.8.8, and 44d88612fea8a8f36de82e1278abb02f. Use all available engines.

Observable Analysis

I found this (hash|domain|url|ip|extension). Can you submit it for analysis to Cyberbro and analyze the results?

OSINT Investigation

Create an OSINT report for the domain example.com using Cyberbro. Use all available engines and pivot on the results for more information. Use a maximum of 10 analysis requests.

Acknowledgements

License

MIT

Install Server

security – no known vulnerabilities

license - permissive license

quality - not tested

How are these scores calculated?

Resources

GitHub Repository

Need Help?

Reddit Discussion

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Tools

analyze_observableB

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/stanfrbd/mcp-cyberbro'

If you have feedback or need assistance with the MCP directory API, please join our Discord server