TriageMCP
An MCP server that lets an LLM perform basic static triage of a PE (Portable Executable) file.
A minimal prompt idea could be:
You are a malware analyst tasked to analyse the sample at <PATH> with your MCP tools. Create a markdown report that summarizes your findings.
Of course, supplying more information will usually yield a better result.
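To make "basic static triage of a PE" concrete, the following added example (not TriageMCP's own code) shows the kind of per-section result a triage tool can hand back to the model. It assumes a standard-library parser in place of pefile so it runs offline; `triage_sections`, `build_sample`, the 7.0 entropy threshold and the two-section sample image are constructed for illustration.

```python
import math
import struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* section flags
SECTION = "<8sIIIIIIHHI"                         # 40-byte IMAGE_SECTION_HEADER

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; close to 8.0 suggests packed or encrypted data."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum(c / len(data) * math.log2(len(data) / c) for c in counts if c)

def triage_sections(pe: bytes) -> list:
    """Return name, raw size, entropy and findings for each section of a PE image."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if e_lfanew + 24 > len(pe) or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20 from the signature.
    (n_sections,) = struct.unpack_from("<H", pe, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)
    table, report = e_lfanew + 24 + opt_size, []
    for off in range(table, table + 40 * n_sections, 40):
        if off + 40 > len(pe):
            raise ValueError("section table truncated")
        name, _vs, _va, raw_size, raw_ptr, _pr, _pl, _nr, _nl, flags = struct.unpack_from(SECTION, pe, off)
        ent = round(entropy(pe[raw_ptr:raw_ptr + raw_size]), 2)
        findings = []
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            findings.append("writable+executable")
        if ent > 7.0:  # heuristic threshold chosen for this example
            findings.append("high entropy")
        report.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                       "raw_size": raw_size, "entropy": ent, "findings": findings})
    return report

def build_sample() -> bytes:
    """Constructed two-section image: headers plus raw data only, not a runnable program."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 0, 0x22)
    base = 0x40 + 24 + 2 * 40  # file offset of the first section's raw data
    text = struct.pack(SECTION, b".text", 512, 0x1000, 512, base, 0, 0, 0, 0, 0x60000020)
    packed = struct.pack(SECTION, b".packed", 512, 0x2000, 512, base + 512, 0, 0, 0, 0, 0xE0000040)
    return dos + coff + text + packed + b"\x90" * 512 + bytes(range(256)) * 2

if __name__ == "__main__":
    for row in triage_sections(build_sample()):
        print(row)
```

Returning short, structured findings like these rather than raw bytes keeps the tool output small enough for the model to reason over.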
Installation
Install dependencies:
pip install pefile yara-python die-python mcp[cli]
Then adjust triage.py and change <TOOL>_EXE_PATH and YARA_RULE_PATH accordingly.
Claude Desktop Integration
You can install this server in Claude Desktop and interact with it right away by running:
mcp install .\triage.py
Different transport protocol
By default, without using arguments, the server will use stdio transport:
.\triage.py
To use SSE transport:
.\triage.py --transport http://127.0.0.1:8744
TODO
- VT/AnyRun/Sandbox integration
- Hash lookup
- Streamable HTTP transport
File details
Details for the file iflow_mcp_eversinc33_triagemcp-0.1.0.tar.gz.
File metadata
- Download URL: iflow_mcp_eversinc33_triagemcp-0.1.0.tar.gz
- Upload date:
- Size: 5.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | cfbfffd826b1214893bf9720ae3ae4edc872968acd26c1dde5f6b0097084d15f |
| MD5 | 382aad99b680c74e1afd3050031a4336 |
| BLAKE2b-256 | 3451ed8f934feba7205abb739ec617b113283e67026849c325b1afbeee924def |
File details
Details for the file iflow_mcp_eversinc33_triagemcp-0.1.0-py3-none-any.whl.
File metadata
- Download URL: iflow_mcp_eversinc33_triagemcp-0.1.0-py3-none-any.whl
- Upload date:
- Size: 6.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | fb92f6dfb9a9b1992035c59ee29dbe2c15a7f519647ff71cdfa56a2bfcbf5bae |
| MD5 | 4447d912a29ee193381638ba50684ff7 |
| BLAKE2b-256 | d750168b44133516b168b3b0000c115ca4a640a580424563c53a424ec337482c |