MalwareBazaar MCP

Interface with Malware Bazaar to get real-time threat intelligence and sample metadata for cybersecurity research.

MalwareBazaar_MCP

An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.

MCP Tools

`get_recent`: Get up to 10 most recent samples from MalwareBazaar.

`get_info`: Get detailed metadata about a specific malware sample.

`get_file`: Download a malware sample from MalwareBazaar.

`get_taginfo`: Get malware samples associated with a specific tag.

Step 1: Create a MalwareBazaar APIKEY

https://auth.abuse.ch/user/me

Step 2: Create `.env`

MALWAREBAZAAR_API_KEY=<APIKEY>

Step 3a: Create Virtual Env & Install Requirements - MAC/Linux

curl -LsSf https://astral.sh/uv/install.sh | sh
cd MalwareBazaar_MCP
uv init .
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt

Step 3b: Create Virtual Env & Install Requirements - Windows

powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
cd MalwareBazaar_MCP
uv init .
uv venv
.venv\Scripts\activate
uv pip install -r requirements.txt

Step 4a: Add Config to the MCP Client - MAC/Linux

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "/Users/XXX/.local/bin/uv",
            "args": [
                "--directory",
                "/Users/XXX/Documents/MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 4b: Add Config to the MCP Client - Windows

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "uv",
            "args": [
                "--directory",
                "C:\Users\XXX\Document\MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 5: Run MCP Server

uv run malwarebazaar_mcp.py

Step 6: Run MCP Client & Query

Help me understnad the latest hash from Malware Bazaar.

Step 7: Run Tests

python -m unittest discover -s tests

uv pip install coverage==7.8.0
coverage run --branch -m unittest discover -s tests
coverage report -m
coverage html
open htmlcov/index.html  # MAC
xdg-open htmlcov/index.html  # Linux
start htmlcov\index.html  # Windows
coverage erase

License

Apache License, Version 2.0

Related Servers

Scout Monitoring MCP

sponsor

Put performance and error data directly in the hands of your AI assistant.

Alpha Vantage MCP Server

sponsor

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Web3 MCP

Interact with multiple blockchains including Solana, Ethereum, THORChain, XRP Ledger, TON, Cardano, and UTXO chains.

ForeverVM

Run Python in a code sandbox.

Moralis

Interact with the Moralis Web3 API to access blockchain data and services.

MCP Config Generator

A web tool for safely adding MCP servers to your Claude Desktop configuration.

ocireg

An SSE-based MCP server that allows LLM-powered applications to interact with OCI registries. It provides tools for retrieving information about container images, listing tags, and more.

Flux Schnell MCP Server

A text-to-image generation server using the Flux Schnell model.

YApi

Interact with the YApi platform using natural language for automated interface management.

Azure DevOps

Integrate with Azure DevOps services to manage work items, repositories, and pipelines.

Supervisord MCP

A tool for managing Supervisord processes, integrated with AI agents via the Model Context Protocol (MCP). It offers standardized process control, real-time monitoring, and robust operations.

Python Interpreter MCP

An MCP server that provides Python code execution capabilities through a REST API interface.