NTFS_Parser_MCP
Verified Safeby Amier-ge
Overview
Provides an MCP server for forensic analysis of NTFS file systems by parsing artifacts like MFT, UsnJrnl, and LogFile from disk images or raw files.
Installation
python mcp_server.pySecurity Notes
The server's direct implementation appears robust. It primarily handles file inputs/outputs locally and does not expose direct 'eval' or other arbitrary code execution vectors. The main security considerations are the robustness of the underlying `NTFS_Parser` library (which it imports) and its dependencies against potentially malicious or malformed forensic input files, which is an inherent challenge in forensic tooling.
Similar Servers
mcp-windbg
Bridges AI models with WinDbg/CDB to analyze Windows crash dumps and connect to remote debugging sessions.
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
TriageMCP
Enables an LLM to perform static analysis and triage of PE files using local security tools.
air-mcp
A Node.js server implementing Model Context Protocol (MCP) for Binalyze AIR, enabling natural language interaction with AIR's digital forensics and incident response capabilities.