MalwareBazaar_MCP
An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.
MCP Tools
get_recent: Get up to 10 most recent samples from MalwareBazaar.
get_info: Get detailed metadata about a specific malware sample.
get_file: Download a malware sample from MalwareBazaar.
get_taginfo: Get malware samples associated with a specific tag.
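An added example, not taken from this project's code: the four tools' arguments arrive from a language model, so a server like this should validate them before building the MalwareBazaar request. The helper names `build_request` and `newest`, the tag character set, and the use of `selector=100` for `get_recent` are assumptions made here; the endpoint, `Auth-Key` header, and form fields are those of the public MalwareBazaar API.

```python
import re

API_URL = "https://mb-api.abuse.ch/api/v1/"  # public MalwareBazaar API endpoint
MAX_RECENT = 10  # the get_recent tool returns at most 10 samples

HASH_RE = re.compile(r"(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})")  # MD5/SHA1/SHA256
SHA256_RE = re.compile(r"[0-9a-f]{64}")
TAG_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")  # assumed tag character set


def _checked(value, pattern, what):
    """Normalise a model-supplied string and reject anything off-pattern."""
    text = str(value).strip()
    if pattern is not TAG_RE:
        text = text.lower()
    if not pattern.fullmatch(text):
        raise ValueError(f"invalid {what}: {text[:20]!r}")
    return text


def build_request(tool, api_key, **args):
    """Return the form-encoded POST for one tool call, or raise ValueError."""
    if not api_key or api_key == "<APIKEY>":
        raise ValueError("MALWAREBAZAAR_API_KEY is not set")
    if tool == "get_recent":
        data = {"query": "get_recent", "selector": "100"}  # trimmed by newest()
    elif tool == "get_info":
        data = {"query": "get_info", "hash": _checked(args.get("hash"), HASH_RE, "hash")}
    elif tool == "get_file":
        data = {"query": "get_file",
                "sha256_hash": _checked(args.get("sha256_hash"), SHA256_RE, "sha256")}
    elif tool == "get_taginfo":
        limit = max(1, min(int(args.get("limit", MAX_RECENT)), 1000))
        data = {"query": "get_taginfo", "limit": str(limit),
                "tag": _checked(args.get("tag"), TAG_RE, "tag")}
    else:
        raise ValueError(f"unknown tool: {tool!r}")
    return {"url": API_URL, "headers": {"Auth-Key": api_key}, "data": data}


def newest(response, n=MAX_RECENT):
    """Keep at most n sample records from a parsed API response."""
    if response.get("query_status") != "ok":
        return []
    return list(response.get("data") or [])[:n]
```

The returned dict maps directly onto `requests.post(url, headers=..., data=...)`; nothing in the block touches the network.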
Step 1: Create a MalwareBazaar APIKEY
https://auth.abuse.ch/user/me
Step 2: Create .env
MALWAREBAZAAR_API_KEY=<APIKEY>
Step 3a: Create Virtual Env & Install Requirements - MAC/Linux
curl -LsSf https://astral.sh/uv/install.sh | sh
cd MalwareBazaar_MCP
uv init .
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt
Step 3b: Create Virtual Env & Install Requirements - Windows
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
cd MalwareBazaar_MCP
uv init .
uv venv
.venv\Scripts\activate
uv pip install -r requirements.txt
Step 4a: Add Config to the MCP Client - MAC/Linux
{
  "mcpServers": {
    "malwarebazaar": {
      "description": "Malware Bazaar MCP Server",
      "command": "/Users/XXX/.local/bin/uv",
      "args": [
        "--directory",
        "/Users/XXX/Documents/MalwareBazaar_MCP",
        "run",
        "malwarebazaar_mcp.py"
      ]
    }
  }
}
Step 4b: Add Config to the MCP Client - Windows
{
  "mcpServers": {
    "malwarebazaar": {
      "description": "Malware Bazaar MCP Server",
      "command": "uv",
      "args": [
        "--directory",
        "C:\\Users\\XXX\\Document\\MalwareBazaar_MCP",
        "run",
        "malwarebazaar_mcp.py"
      ]
    }
  }
}
Step 5: Run MCP Server
uv run malwarebazaar_mcp.py
Step 6: Run MCP Client & Query
Help me understand the latest hash from Malware Bazaar.
Step 7: Run Tests
python -m unittest discover -s tests
uv pip install coverage==7.8.0
coverage run --branch -m unittest discover -s tests
coverage report -m
coverage html
open htmlcov/index.html # MAC
xdg-open htmlcov/index.html # Linux
start htmlcov\index.html # Windows
coverage erase
License