VirusTotal MCP Server provides a bridge to the VirusTotal API for threat intelligence, enabling AI assistants to analyze security threats through file hashes, URLs, domains, and IP addresses. The implementation offers nine specialized tools that automatically fetch relevant relationship data alongside basic reports, providing complete security overviews in single requests. Built with Python using asyncio and aiohttp, it handles API authentication, rate limiting, and error conditions while formatting responses for optimal readability. This server is particularly valuable for security analysts and threat hunters who need to quickly investigate potential threats without switching context to the VirusTotal web interface.
Aucun avis encore. Soyez le premier à donner votre avis !
Connectez-vous pour rejoindre la conversation
Highlight AIGet a comprehensive URL analysis report including security scan results and key relationships. Parameters: url (required): The URL to analyze.
Get a comprehensive file analysis report using its hash. Parameters: hash (required): MD5, SHA-1 or SHA-256 hash of the file.
Get a comprehensive IP address analysis report including geolocation, reputation data, and key relationships. Parameters: ip (required): IP address to analyze.
Get a comprehensive domain analysis report including DNS records, WHOIS data, and key relationships. Parameters: domain (required): Domain name to analyze.
Query a specific relationship type for a URL with pagination support. Parameters: url (required): The URL to get relationships for; relationship (required): Type of relationship to query; limit (optional, default: 10): Maximum number of related objects to retrieve; cursor (optional): Continuation cursor for pagination.
Query a specific relationship type for a file with pagination support. Parameters: hash (required): MD5, SHA-1 or SHA-256 hash of the file; relationship (required): Type of relationship to query; limit (optional, default: 10): Maximum number of related objects to retrieve; cursor (optional): Continuation cursor for pagination.
Query a specific relationship type for an IP address with pagination support. Parameters: ip (required): IP address to analyze; relationship (required): Type of relationship to query; limit (optional, default: 10): Maximum number of related objects to retrieve; cursor (optional): Continuation cursor for pagination.
Query a specific relationship type for a domain with pagination support. Parameters: domain (required): Domain name to analyze; relationship (required): Type of relationship to query; limit (optional, default: 10): Maximum number of related objects to retrieve; cursor (optional): Continuation cursor for pagination.
Perform advanced searches across the VirusTotal dataset using VT Intelligence query syntax. Parameters: query (required): The VT Intelligence search query string; limit (optional, default: 20): Maximum number of results to return per page; cursor (optional): Continuation cursor for pagination; descriptors_only (optional): If true, retrieves only object descriptors instead of full objects.
