mcp-virustotal
by BurtTheCoder
Model Context Protocol (MCP) server that exposes VirusTotal querying tools (URL, file, IP, domain reports & relationship APIs) for easy integration with MCP-compatible clients such as Claude Desktop.
get_url_report
Get a comprehensive URL analysis report including security scan results and key relationships (communicating files, contacted domains/IPs, downloaded files, redirects, threat actors).
get_file_report
Get a comprehensive file analysis report using its hash (MD5/SHA-1/SHA-256), including detection results, file properties, and key relationships (behaviors, dropped files, network connections, embedded content, threat actors).
get_ip_report
Get a comprehensive IP address analysis report including geolocation, reputation data, and key relationships (communicating files, historical certificates/WHOIS, resolutions).
get_domain_report
Get a comprehensive domain analysis report including DNS records, WHOIS data, and key relationships (SSL certificates, subdomains, historical data).
get_url_relationship
Query a specific relationship type for a URL with pagination support across 17 relationship types such as analyses, communicating files, contacted domains/IPs, downloaded files, graphs, referrers, redirects, and threat actors.
get_file_relationship
Query a specific relationship type for a file with pagination support across 41 relationship types including behaviors, network connections, dropped files, embedded content, execution chains, and threat actors.
get_ip_relationship
Query a specific relationship type for an IP address with pagination support across 12 relationship types including communicating files, historical SSL certificates, WHOIS records, resolutions, and threat actors.
get_domain_relationship
Query a specific relationship type for a domain with pagination support across 21 relationship types including SSL certificates, subdomains, historical data, and DNS records.
Installation
git clone https://github.com/BurtTheCoder/mcp-virustotal.git
cd mcp-virustotal
npm install # or: pnpm install / yarn install
cp .env.example .env
# edit .env and set your VirusTotal API key:
VIRUSTOTAL_API_KEY="<your_api_key>"
npm run build # usually invokes tsc
npm start # or: node dist/index.js
The server should log the listening port (default 3000). Use curl or any MCP-compatible client to send requests.