TriageMCP

eversinc33/TriageMCP

3.5
security

If you are the rightful owner of TriageMCP and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

TriageMCP is an MCP server designed to enable a Language Model (LLM) to perform basic static triage of Portable Executable (PE) files.

TriageMCP

MCP server to enable an LLM to do basic static triage of a PE.

A minimal prompt idea could be:

You are a malware analyst tasked to analyse the sample at <PATH> with your MCP tools. Create a markdown report that summarizes your findings.

Of course supplying more info will usually yield a better result.

Installation

Install dependencies:

pip install pefile yara-python die-python mcp[cli]

Then adjust triage.py and change <TOOL>_EXE_PATH and YARA_RULE_PATH accordingly.

Claude Desktop Integration

You can install this server in Claude Desktop and interact with it right away by running:

mcp install .\triage.py

Different transport protocol

By default, without using arguments, the server will use stdio transport:

.\triage.py

To use SSE transport:

.\triage.py --transport http://127.0.0.1:8744

TODO

  • VT/AnyRun/Sandbox integration
  • Hash lookup
  • Streamable HTTP transport

Related MCP Servers

View all security servers →
apktool-mcp-server

apktool-mcp-server

4.4

by zinja-coder

apktool-mcp-server is a fully automated MCP server built on top of apktool to analyze Android APKs using LLMs like Claude, providing live reverse engineering support.

security
WireMCP

WireMCP

4.0

by 0xKoda

WireMCP is a Model Context Protocol server that enhances Large Language Models with real-time network traffic analysis capabilities using tools built on Wireshark's `tshark`.

security
osv-mcp

osv-mcp

3.8

by StacklokLabs

An MCP server providing access to the OSV database for querying vulnerability information.

databases
kubectl-mcp-server

kubectl-mcp-server

3.7

by rohitg00

Kubectl MCP Server is a Model Context Protocol server for Kubernetes, enabling AI assistants to interact with Kubernetes clusters using natural language.

os_automation
ida-pro-mcp

ida-pro-mcp

3.7

by mrexodia

Simple MCP Server to allow vibe reversing in IDA Pro.

developer_tools
obsidian-mcp-tools

obsidian-mcp-tools

3.7

by jacksteamdev

MCP Tools for Obsidian enables AI applications like Claude Desktop to securely access and work with your Obsidian vault through the Model Context Protocol (MCP).

ai_chatbot
win-cli-mcp-server

win-cli-mcp-server

3.7

by simon-ami

The Windows CLI MCP Server is a deprecated project designed for secure command-line interactions on Windows systems, providing controlled access to various shells and remote systems via SSH.

os_automation
volatility3-mcp

volatility3-mcp

3.7

by Kirandawadi

Volatility3 MCP Server is a tool that integrates MCP clients with the Volatility3 memory forensics framework, enabling LLMs to perform memory forensics tasks through a conversational interface.

security
MCP-Kali-Server

MCP-Kali-Server

3.7

by Wh0am123

Kali MCP Server is a lightweight API bridge that connects MCP Clients to the API server, allowing execution of commands on a Linux terminal.

security
code-sandbox-mcp

code-sandbox-mcp

3.6

by Automata-Labs-team

A secure sandbox environment for executing code within Docker containers. This MCP server provides AI applications with a safe and isolated environment for running code while maintaining security through containerization.

security
mcp-maigret

mcp-maigret

3.6

by BurtTheCoder

Maigret MCP Server is a Model Context Protocol server for Maigret, an OSINT tool that collects user account information from various public sources.

security
ida-mcp-server-plugin

ida-mcp-server-plugin

3.6

by taida957789

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface.

developer_tools
dynatrace-mcp

dynatrace-mcp

3.6

by dynatrace-oss

This remote MCP server allows interaction with the Dynatrace observability platform, bringing real-time observability data directly into your development workflow.

monitoring
mcp-server-wazuh

mcp-server-wazuh

3.6

by gbrigandi

A Rust-based server designed to bridge the gap between a Wazuh Security Information and Event Management (SIEM) system and applications requiring contextual security data, specifically tailored for the Claude Desktop Integration using the Model Context Protocol (MCP).

security
Wazuh-MCP-Server

Wazuh-MCP-Server

3.6

by gensecaihq

Wazuh MCP Server is an AI-powered security operations platform that integrates conversational AI with traditional SIEM operations.

security
sonarqube-mcp-server

sonarqube-mcp-server

3.6

by sapientpants

A Model Context Protocol (MCP) server that integrates with SonarQube to provide AI assistants with access to code quality metrics, issues, and analysis results.

developer_tools
mcp-virustotal

mcp-virustotal

3.6

by BurtTheCoder

The VirusTotal MCP Server is a Model Context Protocol server designed for querying the VirusTotal API, providing comprehensive security analysis tools with automatic relationship data fetching.

security
mcp-shodan

mcp-shodan

3.6

by BurtTheCoder

A Model Context Protocol (MCP) server for querying the Shodan API and Shodan CVEDB, providing access to network intelligence and security services.

security
unifi-network-mcp

unifi-network-mcp

3.5

by sirkirby

A self-hosted Model Context Protocol (MCP) server for UniFi Network Controller, providing programmable tools for network management.

security
mcp_zoomeye

mcp_zoomeye

3.5

by zoomeye-ai

A Model Context Protocol (MCP) server that provides network asset information based on query conditions.

research_and_data
jadx-mcp-plugin

jadx-mcp-plugin

3.5

by mobilehackinglab

The Jadx MCP Plugin provides a Java-based plugin for Jadx, exposing its API over HTTP to enable interaction with MCP clients like Claude, facilitating AI-assisted security analysis of Android apps.

security
auth0-mcp-server

auth0-mcp-server

3.5

by auth0

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language.

developer_tools
mcp-security-audit

mcp-security-audit

3.5

by qianniuspace

A powerful MCP (Model Context Protocol) Server that audits npm package dependencies for security vulnerabilities.

security
binja-lattice-mcp

binja-lattice-mcp

3.5

by Invoke-RE

BinjaLattice is a secure communication protocol for Binary Ninja that enables interaction with external Model Context Protocol (MCP) servers and tools.

developer_tools
BurpSuite-MCP-Server

BurpSuite-MCP-Server

3.5

by X3r0K

A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

security
shodan-mcp-server

shodan-mcp-server

3.5

by Cyreslab-AI

A Model Context Protocol (MCP) server that provides access to Shodan API functionality and CVE database, allowing AI assistants to query information about internet-connected devices, services, and vulnerabilities.

research_and_data
roadrecon_mcp_server

roadrecon_mcp_server

3.5

by atomicchonk

The ROADrecon MCP Server provides AI assistants like Claude with access to ROADRecon Azure AD data for security analysis.

security