MalwareBazaar_MCP
An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.
MCP Tools
get_recent: Get up to 10 most recent samples from MalwareBazaar.
get_info: Get detailed metadata about a specific malware sample.
get_file: Download a malware sample from MalwareBazaar.
get_taginfo: Get malware samples associated with a specific tag.
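As an added example (not code from this repository), one way the four tools above could map onto MalwareBazaar API requests, validating model-supplied arguments before anything is forwarded. The endpoint, form field names and `Auth-Key` header are assumptions taken from abuse.ch's public API documentation; `clean_hash`, `build_request` and `trim_recent` are hypothetical helper names.

```python
import os
import re

API_URL = "https://mb-api.abuse.ch/api/v1/"  # assumed from abuse.ch's public API docs
MAX_RESULTS = 10  # page: get_recent returns up to 10; reused for tags as an assumption
TAG_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")  # assumed conservative tag alphabet


def clean_hash(value, lengths=(32, 40, 64)):
    """Normalise an MD5/SHA-1/SHA-256 hex digest; reject anything else."""
    value = str(value).strip().lower()
    if len(value) not in lengths or not re.fullmatch(r"[0-9a-f]+", value):
        raise ValueError("argument is not a hex digest of an accepted length")
    return value


def build_request(tool, args, api_key=None):
    """Return (url, headers, form) for one tool call. Nothing is sent here."""
    api_key = api_key or os.environ.get("MALWAREBAZAAR_API_KEY")
    if not api_key:
        raise RuntimeError("MALWAREBAZAAR_API_KEY is not set")
    if tool == "get_recent":
        form = {"query": "get_recent", "selector": "100"}
    elif tool == "get_info":
        form = {"query": "get_info", "hash": clean_hash(args.get("hash"))}
    elif tool == "get_file":
        # Assumed: downloads are addressed by SHA-256 only.
        form = {"query": "get_file", "sha256_hash": clean_hash(args.get("hash"), (64,))}
    elif tool == "get_taginfo":
        tag = str(args.get("tag", ""))
        if not TAG_RE.fullmatch(tag):
            raise ValueError("tag contains unexpected characters")
        limit = max(1, min(int(args.get("limit", MAX_RESULTS)), MAX_RESULTS))
        form = {"query": "get_taginfo", "tag": tag, "limit": str(limit)}
    else:
        raise ValueError(f"unknown tool: {tool}")
    return API_URL, {"Auth-Key": api_key}, form


def trim_recent(response, n=MAX_RESULTS):
    """Keep the first n entries of a parsed get_recent reply, or [] on error."""
    if response.get("query_status") != "ok":
        return []
    return list(response.get("data") or [])[:n]


# Constructed sample reply (not real data) to show the cap being applied.
SAMPLE = {"query_status": "ok", "data": [{"sha256_hash": f"{i:064x}"} for i in range(25)]}
```

The returned tuple can be passed to any HTTP client as a form-encoded POST; keeping validation separate from sending lets the unit tests exercise it without network access.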
Step 1: Create a MalwareBazaar APIKEY
https://auth.abuse.ch/user/me
Step 2: Create .env
MALWAREBAZAAR_API_KEY=<APIKEY>
Step 3a: Create Virtual Env & Install Requirements - MAC/Linux
curl -LsSf https://astral.sh/uv/install.sh | sh
cd MalwareBazaar_MCP
uv init .
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt
Step 3b: Create Virtual Env & Install Requirements - Windows
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
cd MalwareBazaar_MCP
uv init .
uv venv
.venv\Scripts\activate
uv pip install -r requirements.txt
Step 4a: Add Config to the MCP Client - MAC/Linux
{
"mcpServers": {
"malwarebazaar": {
"description": "Malware Bazaar MCP Server",
"command": "/Users/XXX/.local/bin/uv",
"args": [
"--directory",
"/Users/XXX/Documents/MalwareBazaar_MCP",
"run",
"malwarebazaar_mcp.py"
]
}
}
}
Step 4b: Add Config to the MCP Client - Windows
{
"mcpServers": {
"malwarebazaar": {
"description": "Malware Bazaar MCP Server",
"command": "uv",
"args": [
"--directory",
"C:\\Users\\XXX\\Documents\\MalwareBazaar_MCP",
"run",
"malwarebazaar_mcp.py"
]
}
}
}
Step 5: Run MCP Server
uv run malwarebazaar_mcp.py
Step 6: Run MCP Client & Query
Help me understand the latest hash from Malware Bazaar.
Step 7: Run Tests
python -m unittest discover -s tests
uv pip install coverage==7.8.0
coverage run --branch -m unittest discover -s tests
coverage report -m
coverage html
open htmlcov/index.html # MAC
xdg-open htmlcov/index.html # Linux
start htmlcov\index.html # Windows
coverage erase
License