lokallost/abusech-mcp
3.3
If you are the rightful owner of abusech-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.
MCP server fetching Threat Intelligence from different abuse.ch Platforms
abusech-mcp 🚦
abusech-mcp is an MCP server that fetches threat intelligence from multiple abuse.ch platforms, including MalwareBazaar, URLhaus, and ThreatFox.
Features
- Unified VT-like API for querying file, URL, IP, and domain intelligence
- Uses Pydantic schemas for robust data validation and serialization
- Powered by fastmcp:
- Unified API layer: Directly use functions from
abusech_intel.pyto obtain correlated intelligence from abuse.ch platforms—serving as a unified API layer since the platforms themselves do not provide one
Requirements
- Python 3.10+
- abuse.ch API key (set as
ABUSECH_API_KEYenvironment variable)
Usage
Start the MCP server:
python abusech_mcp.py
Available Tools
get_ip_report(ip: str): Get a comprehensive IP report from URLhaus and ThreatFoxget_domain_report(domain: str): Get a domain report from URLhaus and ThreatFoxget_url_report(url: str): Get a URL report from URLhaus and ThreatFoxget_file_report(hash_value: str): Get a file report (MD5/SHA-1/SHA-256) from MalwareBazaar, URLhaus, and ThreatFox
Configuration
Set your API key as an environment variable:
export ABUSECH_API_KEY=your_api_key_here
License
MIT License