Skip to content
/ MalwareBazaar_MCP Public

An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.

License

Apache-2.0 license
16 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mytechnotalent/MalwareBazaar_MCP

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
tests
tests
 
 
.coveragerc
.coveragerc
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
malwarebazaar_mcp.py
malwarebazaar_mcp.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

MalwareBazaar_MCP

An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.


MCP Tools

get_recent: Get up to 10 most recent samples from MalwareBazaar.

get_info: Get detailed metadata about a specific malware sample.

get_file: Download a malware sample from MalwareBazaar.

get_taginfo: Get malware samples associated with a specific tag.


Step 1: Create a MalwareBazaar APIKEY

https://auth.abuse.ch/user/me

Step 2: Create .env

MALWAREBAZAAR_API_KEY=<APIKEY>

Step 3a: Create Virtual Env & Install Requirements - MAC/Linux

curl -LsSf https://astral.sh/uv/install.sh | sh
cd MalwareBazaar_MCP
uv init .
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt

Step 3b: Create Virtual Env & Install Requirements - Windows

powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
cd MalwareBazaar_MCP
uv init .
uv venv
.venv\Scripts\activate
uv pip install -r requirements.txt

Step 4a: Add Config to the MCP Client - MAC/Linux

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "/Users/XXX/.local/bin/uv",
            "args": [
                "--directory",
                "/Users/XXX/Documents/MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 4b: Add Config to the MCP Client - Windows

{
    "mcpServers": {
        "malwarebazaar": {
            "description": "Malware Bazaar MCP Server",
            "command": "uv",
            "args": [
                "--directory",
                "C:\Users\XXX\Document\MalwareBazaar_MCP",
                "run",
                "malwarebazaar_mcp.py"
            ]
        }
    }
}

Step 5: Run MCP Server

uv run malwarebazaar_mcp.py

Step 6: Run MCP Client & Query

Help me understnad the latest hash from Malware Bazaar.

Step 7: Run Tests

python -m unittest discover -s tests

uv pip install coverage==7.8.0
coverage run --branch -m unittest discover -s tests
coverage report -m
coverage html
open htmlcov/index.html  # MAC
xdg-open htmlcov/index.html  # Linux
start htmlcov\index.html  # Windows
coverage erase

License

Apache License, Version 2.0

About

An AI-driven MCP server that autonomously interfaces with Malware Bazaar, delivering real-time threat intel and sample metadata for authorized cybersecurity research workflows.

Topics

ai mcp reverse-engineering malware malware-analysis malware-research malware-samples malware-detection agentic agentic-workflow agentic-ai mcp-server mcp-client mcp-tools

Resources

Readme

License

Apache-2.0 license
Activity

Stars

16 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases 1

1.0.0 Latest
May 19, 2025

Packages

No packages published

Languages