ORKL MCP Server
A Model Context Protocol server for threat intelligence queries via the ORKL API.
A full write-up can be found here: https://blog.securitybreak.io/building-a-threat-intelligence-genai-reporter-with-orkl-and-claude-a0ae2e969693
A Model Context Protocol (MCP) server for querying the ORKL API. This server provides tools for fetching and analyzing threat reports, threat actors, and sources. It integrates smoothly with MCP-compatible applications.
Quick Install
Edit or create the file /Users/user/Library/Application Support/Claude/claude_desktop_config.json:
{
  "mcpServers": {
    "orkl": {
      "command": "uv",
      "args": [
        "--directory",
        "/MyMCP/mcptest/orkl",
        "run",
        "orkl"
      ]
    }
  }
}
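The "edit or create" step can be scripted so that existing `mcpServers` entries are preserved. This is an added example, not code from the ORKL project: the function names `merge_orkl` and `install` are hypothetical, and the entry reuses the sample directory shown above.

```python
import json
import os
import tempfile
from pathlib import Path

# Entry from the Quick Install section; the directory is the page's sample path.
ORKL_ENTRY = {
    "command": "uv",
    "args": ["--directory", "/MyMCP/mcptest/orkl", "run", "orkl"],
}


def merge_orkl(config, entry=ORKL_ENTRY):
    """Return a copy of config with mcpServers.orkl set, other servers untouched."""
    if not isinstance(config, dict):
        raise ValueError("config root must be a JSON object")
    servers = config.get("mcpServers", {})
    if not isinstance(servers, dict):
        raise ValueError("mcpServers must be a JSON object")
    existing = servers.get("orkl")
    if existing is not None and existing != entry:
        # Refuse to silently replace a different command registered under this name.
        raise ValueError("a different 'orkl' server is already configured")
    merged = dict(config)
    merged["mcpServers"] = {**servers, "orkl": entry}
    return merged


def install(config_path, entry=ORKL_ENTRY):
    """Edit or create the config file, writing it atomically."""
    path = Path(config_path)
    config = json.loads(path.read_text(encoding="utf-8")) if path.exists() else {}
    merged = merge_orkl(config, entry)
    path.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=path.parent, suffix=".tmp")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(merged, fh, indent=2)
    os.replace(tmp, path)  # atomic rename: readers never see a half-written file
    return merged


if __name__ == "__main__":
    # Constructed demo in a temp directory, not the real Claude config path.
    with tempfile.TemporaryDirectory() as d:
        print(json.dumps(install(Path(d) / "claude_desktop_config.json"), indent=2))
```

Since this file decides which commands the desktop client launches, the script stops instead of overwriting an `orkl` entry that points at a different command.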
Tools
Report Tools
Fetch Latest Threat Reports
- Name: fetch_latest_threat_reports
- Description: Fetch recent threat reports with their titles and IDs.
- Parameters: None
Fetch Threat Report Details
- Name: fetch_threat_report_details
- Description: Retrieve detailed information for a specific threat report by ID.
- Parameters:
  - report_id (required): The ID of the threat report.
Threat Actor Tools
Fetch Threat Actors
- Name: fetch_threat_actors
- Description: Fetch a list of known threat actors with their IDs and names.
- Parameters: None
Fetch Threat Actor Details
- Name: fetch_threat_actor_details
- Description: Retrieve detailed information for a specific threat actor by ID.
- Parameters:
  - actor_id (required): The ID of the threat actor.
Source Tools
Fetch Sources
- Name: fetch_sources
- Description: Fetch a list of sources used in threat intelligence.
- Parameters: None
Fetch Source Details
- Name: fetch_source_details
- Description: Retrieve detailed metadata for a specific source by ID.
- Parameters:
  - source_id (required): The ID of the source.
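An MCP client invokes these tools with a JSON-RPC `tools/call` request. The sketch below is an added example, not the ORKL server's own code: it checks a model-proposed call against the tool list above before building the request. The helper name `build_tool_call` is hypothetical, and treating IDs as non-empty strings is an assumption the page does not confirm.

```python
import json

# Tool names and required parameters as listed on this page.
TOOLS = {
    "fetch_latest_threat_reports": (),
    "fetch_threat_report_details": ("report_id",),
    "fetch_threat_actors": (),
    "fetch_threat_actor_details": ("actor_id",),
    "fetch_sources": (),
    "fetch_source_details": ("source_id",),
}


def build_tool_call(name, arguments=None, request_id=1):
    """Validate a proposed call against TOOLS and return the JSON-RPC request dict."""
    arguments = dict(arguments or {})
    if name not in TOOLS:
        raise ValueError(f"unknown tool: {name!r}")
    required = TOOLS[name]
    missing = [p for p in required if p not in arguments]
    extra = sorted(set(arguments) - set(required))
    if missing:
        raise ValueError(f"{name}: missing required parameter(s) {missing}")
    if extra:
        raise ValueError(f"{name}: unexpected parameter(s) {extra}")
    for param in required:
        value = arguments[param]
        # Assumption: IDs travel as non-empty strings; the page does not give their type.
        if not isinstance(value, str) or not value.strip():
            raise ValueError(f"{name}: {param} must be a non-empty string")
    return {
        "jsonrpc": "2.0",
        "id": request_id,
        "method": "tools/call",
        "params": {"name": name, "arguments": arguments},
    }


if __name__ == "__main__":
    # "EXAMPLE-REPORT-ID" is a constructed placeholder, not a real ORKL report ID.
    call = build_tool_call("fetch_threat_report_details", {"report_id": "EXAMPLE-REPORT-ID"})
    print(json.dumps(call, indent=2))
```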
Related MCPs
Discover similar Model Context Protocol servers
MCP Server for Cortex
Bridge Cortex threat analysis capabilities to MCP-compatible clients like Claude.
MCP Server for Cortex exposes the analysis capabilities of a Cortex instance as tools consumable by Model Context Protocol (MCP) clients, such as large language models. It enables these clients to request threat intelligence analyses via Cortex and receive structured results. The server supports easy configuration, secure authentication, and flexible analyzer selection for integrating threat intelligence tasks into automated AI workflows.
- ⭐ 12
- MCP
- gbrigandi/mcp-server-cortex
MCP Server for TheHive
Connect AI-powered automation tools to TheHive incident response platform via MCP.
MCP Server for TheHive enables AI models and automation clients to interact with TheHive incident response platform using the Model Context Protocol. It provides tools to retrieve and analyze security alerts, manage cases, and automate incident response operations. The server facilitates seamless integration by exposing these functionalities over the standardized MCP protocol through stdio communication. It offers both pre-compiled binaries and a source build option with flexible configuration for connecting to TheHive instances.
- ⭐ 11
- MCP
- gbrigandi/mcp-server-thehive
CyberChef API MCP Server
MCP server enabling LLMs to access CyberChef's powerful data analysis and processing tools.
CyberChef API MCP Server implements the Model Context Protocol (MCP), interfacing with the CyberChef Server API to provide structured tools and resources for LLM/MCP clients. It exposes key CyberChef operations such as executing recipes, batch processing, retrieving operation categories, and utilizing the magic operation for automated data decoding. The server can be configured and managed via standard MCP client workflows and supports context-driven tool invocation for large language models.
- ⭐ 29
- MCP
- slouchd/cyberchef-api-mcp-server
Panther MCP Server
Natural language and IDE-powered server for detection, alert triage, and data lake querying in Panther.
Panther MCP Server enables interactive management of security alerts, data lake queries, and scheduled reporting using natural language and integrated tools. It allows users to write and tune detections from an IDE, triage and comment on alerts, and execute advanced queries against security logs. The system provides a wide range of operations including alert investigation, bulk updates, AI-powered triage insight generation, and data lake schema exploration. Integration with the Model Context Protocol ensures standardized and extensible interactions for security operations.
- ⭐ 32
- MCP
- panther-labs/mcp-panther
Web3 MCP
A Model Context Protocol server for unified blockchain data access.
Web3 MCP is a Model Context Protocol server that provides access to blockchain data through Ankr's Advanced API. It allows large language models to interact seamlessly with multiple blockchain networks such as Ethereum, BSC, Polygon, and Avalanche. With support for NFT, token, and blockchain query APIs, it enables users and AI agents to retrieve on-chain data, statistics, and analytics efficiently within an MCP context.
- ⭐ 3
- MCP
- tumf/web3-mcp
GhidrAssistMCP
Bringing Model Context Protocol server connectivity to Ghidra for AI-assisted reverse engineering.
GhidrAssistMCP is a Ghidra extension providing a Model Context Protocol (MCP) server that allows AI assistants and other tools to interact programmatically with Ghidra's reverse engineering platform. It offers a standardized API for querying program data, managing tool interactions, and enabling real-time analysis features. The extension features a configurable UI, built-in logging, and dynamic management of 31 specialized analysis tools.
- ⭐ 337
- MCP
- jtang613/GhidrAssistMCP