Enrichment MCP Server

synackpwn
GitHub
threat intelligence, enrichment, cybersecurity

💡 Description

A Model Context Protocol (MCP) server that enriches a provided observable. It supports third-party enrichment through services such as VirusTotal, Hybrid Analysis, and others to enhance threat intelligence.

📝 JSON Entries

{
  "mcpServers": [
    {
      "enrichment-mcp": {
        "env": {
          "ENRICHMENT_MCP_HIBP_KEY": "",
          "ENRICHMENT_MCP_SHODAN_KEY": "",
          "ENRICHMENT_MCP_URLSCAN_KEY": "",
          "ENRICHMENT_MCP_ALIENVAULT_KEY": "",
          "ENRICHMENT_MCP_VIRUSTOTAL_KEY": "",
          "ENRICHMENT_MCP_HYBRIDANALYSIS_KEY": ""
        },
        "args": [
          "--directory",
          "/ABSOLUTE/PATH/TO/CLONED/REPOSITORY/enrichment-mcp",
          "run",
          "server.py"
        ],
        "command": "/ABSOLUTE/PATH/TO/PARENT/FOLDER/uv"
      }
    }
  ]
}

🛠️ Tools

  • observable-lookup
  • lookup-ipaddress
  • lookup-domain
  • lookup-url
  • lookup-email

Features

  • Observable lookup
  • Lookup IP address
  • Lookup domain
  • Lookup URL
  • Lookup email

💬 Example Queries

  • Enrich this IP 91.195.240.94
  • What's the reputation of the domain 'example.com'?
  • Get enrichment for the URL 'https://malicious-site.com'