urlhaus-mcp-server by Cyreslab-AI - MCP Server

The URLhaus MCP Server is a robust tool designed to facilitate access to the URLhaus database, a project by abuse.ch that collects and disseminates information on malicious URLs. This server is particularly useful for AI agents and cybersecurity professionals who require real-time data on malware distribution for threat intelligence and analysis. By leveraging the Model Context Protocol (MCP), the server provides a structured and efficient way to query and retrieve data from URLhaus, enabling users to perform detailed investigations into malicious activities on the internet. The server is built using Node.js and TypeScript, ensuring a modern and scalable architecture. It offers a range of tools for URL, host/domain, and malware analysis, making it a comprehensive solution for cybersecurity research. The server is easy to set up and does not require API keys or authentication, as it utilizes the free public API provided by URLhaus.

Features

Provides access to URLhaus database for threat intelligence research.
Includes tools for URL, host/domain, and malware analysis.
Built with Node.js and TypeScript for modern and scalable architecture.
No API keys or authentication required for access.
Facilitates real-time data retrieval for cybersecurity analysis.

Tools

get_recent_urls
Get the most recent malicious URLs from URLhaus.
lookup_url
Get detailed information about a specific URL.
search_urls
Search for URLs by various criteria (host, URL, tag, or signature).
lookup_host
Get information about URLs hosted on a specific host/domain.
lookup_payload
Get information about a malware payload by its hash.

urlhaus-mcp-server

Features

Tools

get_recent_urls

lookup_url

search_urls

lookup_host

lookup_payload