MalwareBazaar MCP

Interface with Malware Bazaar to get real-time threat intelligence and sample metadata for cybersecurity research.

MalwareBazaar_MCP

An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.

MCP Tools

`get_recent`: Get up to 10 most recent samples from MalwareBazaar.

`get_info`: Get detailed metadata about a specific malware sample.

`get_file`: Download a malware sample from MalwareBazaar.

`get_taginfo`: Get malware samples associated with a specific tag.

Step 1: Create a MalwareBazaar APIKEY

https://auth.abuse.ch/user/me

Step 2: Create `.env`

MALWAREBAZAAR_API_KEY=<APIKEY>

Step 3a: Create Virtual Env & Install Requirements - MAC/Linux

curl -LsSf https://astral.sh/uv/install.sh | sh
cd MalwareBazaar_MCP
uv init .
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt

Step 3b: Create Virtual Env & Install Requirements - Windows

powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
cd MalwareBazaar_MCP
uv init .
uv venv
.venv\Scripts\activate
uv pip install -r requirements.txt

Step 4a: Add Config to the MCP Client - MAC/Linux

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "/Users/XXX/.local/bin/uv",
            "args": [
                "--directory",
                "/Users/XXX/Documents/MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 4b: Add Config to the MCP Client - Windows

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "uv",
            "args": [
                "--directory",
                "C:\Users\XXX\Document\MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 5: Run MCP Server

uv run malwarebazaar_mcp.py

Step 6: Run MCP Client & Query

Help me understnad the latest hash from Malware Bazaar.

Step 7: Run Tests

python -m unittest discover -s tests

uv pip install coverage==7.8.0
coverage run --branch -m unittest discover -s tests
coverage report -m
coverage html
open htmlcov/index.html  # MAC
xdg-open htmlcov/index.html  # Linux
start htmlcov\index.html  # Windows
coverage erase

License

Apache License, Version 2.0

Serveurs connexes

Scout Monitoring MCP

sponsor

Put performance and error data directly in the hands of your AI assistant.

Alpha Vantage MCP Server

sponsor

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Emcee

An MCP server for any web application with an OpenAPI specification, connecting AI models to external tools and data services.

Code Index MCP

A server for code indexing, searching, and analysis, enabling LLMs to interact with code repositories.

Bellwether

Open-source CLI for testing MCP servers and detecting schema drift

Synth MCP

Access financial data like stock prices, currency info, and insider trading data using the Synth Finance API.

OpenRouter MCP Client for Cursor

An MCP client for Cursor that uses OpenRouter.ai to access multiple AI models. Requires an OpenRouter API key.

Argo CD

Interact with Argo CD applications through natural language.

APIWeaver

A universal bridge to convert any web API into an MCP server, supporting multiple transport types.

Markdown Sidecar MCP Server

Serve and access markdown documentation for locally installed NPM, Go, or PyPi packages.

MCP CLI

A command-line interface for interacting with Model Context Protocol servers.

DocGen MCP Server

Automated documentation generator from source files on Google Drive and GitHub.