VirusTotal
Summary
VirusTotal MCP Server provides a bridge to the VirusTotal API for threat intelligence, enabling AI assistants to analyze security threats through file hashes, URLs, domains, and IP addresses. The implementation offers nine specialized tools that automatically fetch relevant relationship data alongside basic reports, providing complete security overviews in single requests. Built with Python using asyncio and aiohttp, it handles API authentication, rate limiting, and error conditions while formatting responses for optimal readability. This server is particularly valuable for security analysts and threat hunters who need to quickly investigate potential threats without switching context to the VirusTotal web interface.
Available Actions(9)
get_url_report
Get a comprehensive URL analysis report including security scan results and key relationships (communicating files, contacted domains/IPs, downloaded files, redirects, threat actors). Parameters: url (required)
get_file_report
Get a comprehensive file analysis report using its hash (MD5/SHA-1/SHA-256). Includes detection results, file properties, and key relationships (behaviors, dropped files, network connections, embedded content, threat actors). Parameters: hash (required)
get_ip_report
Get a comprehensive IP address analysis report including geolocation, reputation data, and key relationships (communicating files, historical certificates/WHOIS, resolutions). Parameters: ip (required)
get_domain_report
Get a comprehensive domain analysis report including DNS records, WHOIS data, and key relationships (SSL certificates, subdomains, historical data). Parameters: domain (required)
get_url_relationship
Query a specific relationship type for a URL with pagination support. Parameters: url (required), relationship (required), limit (optional, default: 10), cursor (optional)
get_file_relationship
Query a specific relationship type for a file with pagination support. Parameters: hash (required), relationship (required), limit (optional, default: 10), cursor (optional)
get_ip_relationship
Query a specific relationship type for an IP address with pagination support. Parameters: ip (required), relationship (required), limit (optional, default: 10), cursor (optional)
get_domain_relationship
Query a specific relationship type for a domain with pagination support. Parameters: domain (required), relationship (required), limit (optional, default: 10), cursor (optional)
advanced_corpus_search
Perform advanced searches across the VirusTotal dataset using VT Intelligence query syntax. Parameters: query (required), limit (optional, default: 20), cursor (optional), descriptors_only (optional)
コミュニティレビュー
まだレビューはありません. 最初のレビューを投稿しましょう!
会話に参加するにはサインインしてください
