search_malware
ActiveTool of mcp-threatfox
declared in 0.1.0
IOCs tagged to a malware family (e.g., "Cobalt Strike", "Emotet", "QakBot").
Parameters schema
{
"type": "object",
"examples": [
{
"malware": "Cobalt Strike"
},
{
"limit": 500,
"malware": "Emotet"
}
],
"required": [
"malware"
],
"properties": {
"limit": {
"type": "number",
"description": "Max records (default 1000)"
},
"malware": {
"type": "string",
"description": "Malware family name or MISP alias"
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
mcp-threatfox
https://github.com/pipeworx-io/mcp-threatfox
2/7 registries