Triagemcp
Vibe Malware Triage - MCP server for static PE analysis.
0 installs
75 stars
6 forks
Trust: 53 — Fair
Devtools
Installation
npx triagemcp
Documentation
TriageMCP
An MCP server that lets an LLM perform basic static triage of a PE file.
A minimal prompt idea could be:
You are a malware analyst tasked to analyse the sample at <PATH> with your MCP tools. Create a markdown report that summarizes your findings.
Of course, supplying more information will usually yield a better result.
Installation
Install dependencies:
pip install pefile yara-python die-python mcp[cli]
Then adjust triage.py and change <TOOL>_EXE_PATH and YARA_RULE_PATH accordingly.
Claude Desktop Integration
You can install this server in Claude Desktop and interact with it right away by running:
mcp install .\triage.py
Different transport protocol
By default, without using arguments, the server will use stdio transport:
.\triage.py
To use SSE transport:
.\triage.py --transport http://127.0.0.1:8744
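A launcher-side check for the transport argument shown above, as an added example that is not part of triage.py: it accepts the README's loopback URL and refuses any address that would make the server reachable from other hosts. The function name check_transport and the bare http://host:port form of the argument are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit


def check_transport(value=None):
    """Return ("stdio", None, None) or ("sse", host, port); raise ValueError otherwise.

    Assumption: the flag takes an http:// URL, as in the README example.
    """
    if value is None:
        # No argument given: the README states stdio is the default transport.
        return ("stdio", None, None)
    url = urlsplit(value)
    if url.scheme != "http":
        raise ValueError(f"unsupported transport scheme: {url.scheme!r}")
    if url.username or url.password or url.path not in ("", "/") or url.query:
        raise ValueError("expected a bare http://host:port URL")
    try:
        port = url.port  # raises ValueError on a malformed or out-of-range port
    except ValueError as exc:
        raise ValueError(f"bad port in {value!r}") from exc
    if port is None:
        raise ValueError("an explicit port is required")
    host = url.hostname or ""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Hostnames, "localhost" included, are refused: what they resolve to
        # is decided by the resolver, not by this check.
        raise ValueError(f"host must be a literal IP address, got {host!r}") from None
    if not addr.is_loopback:
        # 0.0.0.0 or a LAN address would expose the analysis tools off-host.
        raise ValueError(f"{addr} is not a loopback address")
    return ("sse", str(addr), port)


if __name__ == "__main__":
    # Constructed sample inputs; only the first URL appears in the README.
    for candidate in (None, "http://127.0.0.1:8744", "http://[::1]:8744",
                      "http://0.0.0.0:8744", "http://localhost:8744"):
        try:
            print(candidate, "->", check_transport(candidate))
        except ValueError as err:
            print(candidate, "-> refused:", err)
```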
TODO
- VT/AnyRun/Sandbox integration
- Hash lookup
- Streamable HTTP transport
