MCPServers
VirusTotal - MCP server logo

VirusTotal

3
0

Summary

VirusTotal MCP Server provides a bridge to the VirusTotal API for threat intelligence, enabling AI assistants to analyze security threats through file hashes, URLs, domains, and IP addresses. The implementation offers nine specialized tools that automatically fetch relevant relationship data alongside basic reports, providing complete security overviews in single requests. Built with Python using asyncio and aiohttp, it handles API authentication, rate limiting, and error conditions while formatting responses for optimal readability. This server is particularly valuable for security analysts and threat hunters who need to quickly investigate potential threats without switching context to the VirusTotal web interface.

Available Actions(9)

get_url_report

Get a comprehensive URL analysis report including security scan results and key relationships (communicating files, contacted domains/IPs, downloaded files, redirects, threat actors). Parameters: url (required)

get_file_report

Get a comprehensive file analysis report using its hash (MD5/SHA-1/SHA-256). Includes detection results, file properties, and key relationships (behaviors, dropped files, network connections, embedded content, threat actors). Parameters: hash (required)

get_ip_report

Get a comprehensive IP address analysis report including geolocation, reputation data, and key relationships (communicating files, historical certificates/WHOIS, resolutions). Parameters: ip (required)

get_domain_report

Get a comprehensive domain analysis report including DNS records, WHOIS data, and key relationships (SSL certificates, subdomains, historical data). Parameters: domain (required)

get_url_relationship

Query a specific relationship type for a URL with pagination support. Parameters: url (required), relationship (required), limit (optional, default: 10), cursor (optional)

get_file_relationship

Query a specific relationship type for a file with pagination support. Parameters: hash (required), relationship (required), limit (optional, default: 10), cursor (optional)

get_ip_relationship

Query a specific relationship type for an IP address with pagination support. Parameters: ip (required), relationship (required), limit (optional, default: 10), cursor (optional)

get_domain_relationship

Query a specific relationship type for a domain with pagination support. Parameters: domain (required), relationship (required), limit (optional, default: 10), cursor (optional)

advanced_corpus_search

Perform advanced searches across the VirusTotal dataset using VT Intelligence query syntax. Parameters: query (required), limit (optional, default: 20), cursor (optional), descriptors_only (optional)

Last Updated: April 25, 2025

コミュニティレビュー

0.0
0 レビュー
5
0
4
0
3
0
2
0
1
0

まだレビューはありません. 最初のレビューを投稿しましょう!

会話に参加するにはサインインしてください

Coming soon to
HighlightHighlight AI

カテゴリ

タグ