Contrastapi

@UPinar

Visit Server

a month ago

# security

# osint

# cve

# mcp

# threat-intelligence

# domain-recon

MCP server with 53 security intelligence tools — CVE/KEV, MITRE ATLAS+D3FEND, Sigma detection rules, email security posture (SPF/DMARC), domain & web intel, threat intel.

Overview Tools Comments

Overview

ContrastAPI — 53 Security Tools + 7 MCP Resources for AI Agents

👁 License: MIT

Security intelligence MCP server for AI agents. CVE/KEV/CWE lookup with EPSS, composite risk scoring (CVSS+EPSS+KEV+PoC fusion — v1.29.1), CVSS v3.x vector parser (v1.29.1), domain audit, IP threat reports, IOC enrichment, code security, MITRE ATLAS (AI/ML attacks) + D3FEND (defenses), web intelligence (robots.txt, redirect-chain, email validation, brand-assets, SEO audit — v1.25.0). 53 tools + 7 Resources (ATLAS+D3FEND+CWE catalog browsing) + conditional triage Prompt, free, no API key, 30 credits/hour.

Live: api.contrastcyber.com

Setup (MCP)

{
 "mcpServers": {
 "contrastapi": {
 "command": "npx",
 "args": ["-y", "mcp-remote", "https://api.contrastcyber.com/mcp/"]
 }
 }
}

Restart your agent. Other clients (Python SDK, Node SDK, cURL, VS Code): mcp-setup · quickstart

SDKs

pip install contrastapi # Python 3.10+ — sync + async, typed responses, shortcut helpers
npm install contrastapi # Node 14+ — concrete TypeScript types, 14 namespaces

Both SDKs cover all 60+ HTTP endpoints / 53 MCP tools (CVE/KEV/CWE, ATLAS, D3FEND, Sigma rules, email security posture, domain, IP, IOC, code-security, web-intel, etc.) with the same wire-exact response shapes and a typed exception hierarchy mirroring the v1.22.2+ error envelope. v1.23.0 adds MCP Resources (ATLAS+D3FEND+CWE catalog browsing — see docs/resources.md) and a conditional triage Prompt (see docs/PROMPTS.md#contrast-triage-v1230). v1.25.0 adds 5 web-intelligence tools (robots_txt, redirect_chain, email_verify, brand_assets, seo_audit) with explicit ethical-floor guardrails (per-target eTLD+1 throttle, robots.txt respected, no SMTP probing).

Try it

curl 'https://api.contrastcyber.com/v1/cves?product=openssl&kev=true' # cve_search — CVEs by product, KEV-only filter
curl https://api.contrastcyber.com/v1/domain/example.com # domain_report — DNS+WHOIS+SSL+subdomains+intel, one call
curl https://api.contrastcyber.com/v1/cve/CVE-2021-44228 # cve_lookup — full record (CVSS+EPSS+KEV+CWE)
curl https://api.contrastcyber.com/v1/exploit/CVE-2021-44228 # exploit_lookup — public PoC / exploit availability
curl https://api.contrastcyber.com/v1/ip/1.1.1.1 # ip_lookup — reputation, geo, ASN, threat intel

Or ask your agent:

"Search for KEV-listed OpenSSL CVEs, then pull the full record for the highest-EPSS one."
"Run a full domain report for example.com — DNS, WHOIS, SSL, subdomains, and threat intel in one call."
"Does CVE-2021-44228 have a public exploit or PoC available?"
"What's the reputation, country, and ASN for 1.1.1.1 — is it flagged in any threat feed?"

Links

Endpoints: docs/ENDPOINTS.md · OpenAPI: openapi.json · Playground: /playground

MIT

Try in Playground

Server Config

{
 "mcpServers": {
 "contrastapi": {
 "command": "npx",
 "args": [
 "-y",
 "mcp-remote",
 "https://api.contrastcyber.com/mcp/"
 ]
 }
 }
}

Build with ShipAny.

URL: https://mcp.so/server/contrastapi/UPinar