Mcp Threatintel

Mcp Threatintel is an MCP server exposing a suite of unified threat intelligence tools designed to support security analysts, incident response teams, and cybersecurity researchers. It allows AI assistants and compatible clients (like Claude and Cursor) to perform multi-source lookups for IPs, domains, file hashes, and URLs, aggregating results from AlienVault OTX, AbuseIPDB, GreyNoise, and multiple abuse.ch projects (URLhaus, MalwareBazaar, ThreatFox, Feodo Tracker). Integration with these sources enables enriched investigations, rapid context gathering, and streamlined threat analysis workflows through a single AI-friendly interface.