A FastMCP server providing blue team cybersecurity tools for threat intelligence, IOC analysis, and defensive security operations.

• Python 3.13+
• uv package manager

1. Clone the repository:

   gh repo clone ackatz/cybersecurity-mcp

2. Copy the MCP server JSON:

   {
     "mcpServers": {
       "cybersecurity-mcp": {
         "command": "/path/to/cybersecurity-mcp/start.sh",
         "env": {
           "VIRUSTOTAL_API_KEY": "",
           "VULNCHECK_API_KEY": "",
           "URLSCAN_API_KEY": "",
           "SHODAN_API_KEY": ""
         }
       }
     }
   }

3. Fill out the API keys in the JSON above (optional, but highly recommended).

4. Use MCP clients like Raycast, Claude Code, etc. to connect to the server.

• CVE detailed information lookup (VulnCheck NVD++, cveList)

• Send URLs to URLScan.io
• VirusTotal IP reputation
• VirusTotal domain reputation
• VirusTotal hash lookup
• Spur IP anonymization detection
• Quick IP geolocation & reputation
• Shodan IP information

• Extract IoCs from text
• Extract IP addresses
• Extract domains
• Extract hashes
• Extract CVE identifiers
• Extract emails
• Extract URLs

• IP network characteristics
• Domain structure and DNS lookup

• Hash type identification
• Compute multiple hash types

The project includes comprehensive tests to ensure functionality:

# Run all tests
uv run pytest -v

# Install pre-commit hooks
uv run pre-commit install

# Run pre-commit on all files
uv run pre-commit run --all-files