Description
MCP Server Cortex is a bridge implementation that exposes Cortex threat intelligence analyzer functionalities as tools for AI models and automation scripts. Developed by Gianluca Brigandi under MIT license, it provides tools for analyzing IP addresses, domains, URLs, and email addresses using popular security services like AbuseIPDB, AbuseFinder, and VirusTotal through a Cortex instance. The server handles the complete workflow of submitting analysis jobs to Cortex, polling for completion, and returning structured reports, making it particularly valuable for security analysts who need to integrate threat intelligence capabilities into AI assistants for automated security assessments and investigations.
Installation
git clone https://github.com/gbrigandi/mcp-server-cortexClaude Desktop Configuration
Add this configuration to your Claude Desktop config file to enable this MCP server:
Config file location: ~/Library/Application Support/Claude/claude_desktop_config.json
Config file location: %APPDATA%\Claude\claude_desktop_config.json
Config file location: ~/.config/Claude/claude_desktop_config.json
{
"mcpServers": {
"cortex-threat-intelligence": {
"command": "node",
"args": [
"path/to/server.js"
]
}
}
}