Nexuscore_MCP
Verified Safeby sjkim1127
Overview
An AI-driven server designed for dynamic malware analysis, enabling AI agents to interactively debug, inspect, and analyze evasive malware in real-time.
Installation
.\target\release\nexuscore_mcp.exeEnvironment Variables
- VT_API_KEY
- CAPE_API_URL
- CAPE_API_TOKEN
- RUST_LOG
- SCYLLA_PATH
Security Notes
The core functionality involves injecting arbitrary JavaScript (Frida scripts) into target processes and executing external binaries (`cdb.exe`, `tshark`, `handle.exe`, `pe-sieve64.exe`, `procdump`, `ScyllaTest.exe`). The `install_hook` tool explicitly accepts arbitrary `js_code` from the AI agent. While essential for its purpose, this grants significant power to the AI, allowing it to execute arbitrary code within the sandboxed VM. The README strongly emphasizes running this server within an isolated Virtual Machine (Windows 10/11 x64) and running the AI client as Administrator for necessary permissions, which is critical to contain potential risks from analyzing malicious code or a compromised AI agent. No hardcoded secrets were found, and external tools are called safely via `tokio::process::Command::arg()` to prevent shell injection.
Similar Servers
mcp-windbg
This server integrates AI models with WinDbg/CDB to analyze Windows crash dumps, connect to remote debugging sessions, and process multiple dumps through natural language queries.
burp-mcp-agents
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
TriageMCP
Enables an LLM to perform static analysis and triage of PE files using local security tools.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.