search_ioc

Pack: threatfox · Endpoint: https://gateway.pipeworx.io/threatfox/mcp

Look up a specific indicator of compromise (IP, domain, URL, hash, etc.). Returns matching IOCs with malware family, confidence, threat-type, first/last seen, tags, references.

Parameters

NameTypeRequiredDescription
indicatorstringyesIP / domain / URL / hash to look up
exact_matchbooleannoRequire exact match (default true)

Example call

curl -X POST https://gateway.pipeworx.io/threatfox/mcp \
  -H 'Content-Type: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"search_ioc","arguments":{}}}'

Connect

Add this to your MCP client config, or use one-click install buttons:

{
  "mcpServers": {
    "threatfox": {
      "url": "https://gateway.pipeworx.io/threatfox/mcp"
    }
  }
}

See Getting Started for client-specific install steps.

Regenerated from source · build May 21, 2026