mcp-threatintel
Verified Safeby aplaceforallmystuff
Overview
MCP server providing unified access to multiple threat intelligence sources for security research and analysis, reducing context switching and correlating intelligence.
Installation
npx mcp-threatintel-serverEnvironment Variables
- OTX_API_KEY
- ABUSEIPDB_API_KEY
- GREYNOISE_API_KEY
- ABUSECH_AUTH_KEY
Security Notes
API keys are correctly handled via environment variables, not hardcoded. The server acts as a proxy, making authenticated requests to legitimate external threat intelligence APIs. Robust error handling is implemented for API failures, preventing crashes. No use of 'eval' or other inherently dangerous dynamic code execution. The primary security consideration is the secure management of API keys by the user.
Similar Servers
falcon-mcp
An MCP server providing AI agents programmatic access to CrowdStrike Falcon platform capabilities for intelligent security analysis and automation, integrating threat detection, incident response, and vulnerability management into agentic workflows.
Reversecore_MCP
Provides a Micro-Agent Control Protocol (MCP) server that wraps various reverse engineering CLI tools and libraries, enabling AI agents to perform binary analysis, malware analysis, and vulnerability research through natural language commands.
MalwareBazaar_MCP
An AI-driven MCP server interfacing with Malware Bazaar for real-time threat intelligence and sample metadata, supporting cybersecurity research workflows.
opencti_mcp_server
Connects Claude Desktop to OpenCTI's threat intelligence platform for AI-augmented threat intelligence analysis and reporting, enabling natural language queries and context-aware responses.