Model Context Protocol (MCP) Servers for Cyber
Project Overview
This repository provides a modular collection of MCP (Model Context Protocol) servers for cybersecurity threat intelligence (CTI) applications. Each server integrates with a third-party CTI provider and exposes structured threat data to LangGraph-based agents via a standardized MCP interface.
The goal is to enable real-time, contextual intelligence gathering through seamless plug-and-play server modules.
Implemented Servers
VirusTotal
Connects to the VirusTotal API to retrieve threat reports on:
- File hashes, domains, IPs, and URLs
- Threat categories and metadata
- Mapped MITRE ATT&CK tactics and techniques
RSTCloud
Leverages the RSTCloud API to deliver real-time intelligence with:
- IOC enrichment (IPs, hashes, domains, URLs)
- Threat classification and contextual metadata
- Linked attack vectors and behavioral patterns
AlienVault OTX
Integrates with the AlienVault Open Threat Exchange to:
- Query threat pulses and community-contributed indicators
- Retrieve associated file hashes, IPs, and domains
- Access attack tags, techniques, and contributor metadata
Explore the Repository
- GitHub Repository: priamai/mcp