MalwareBazaar
live Securityabuse.ch malware sample metadata — search by hash, tag, family, or signature.
5 tools
0ms auth
free tier 50 calls/day
Tools
get_sample_info
required: hash Sample metadata by hash.
Parameters
Name Type Description
hash req string md5/sha1/sha256 Try it
Response
search_tag
required: tag Samples tagged with a string.
Parameters
Name Type Description
tag req string Tag limit opt number Max results Try it
Response
search_family
required: family Samples by malware family.
Parameters
Name Type Description
family req string Family name limit opt number Max results Try it
Response
search_signature
required: signature Samples matching a YARA signature.
Parameters
Name Type Description
signature req string Signature name limit opt number Max results Try it
Response
recent_samples Most recent samples.
Parameters
Name Type Description
selector opt string time | 100 Try it
Response
Test with curl
The gateway speaks JSON-RPC 2.0 over HTTP POST. You can test any pack directly from the terminal.
List available tools
bash
curl -X POST https://gateway.pipeworx.io/malwarebazaar/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'Call a tool
bash
curl -X POST https://gateway.pipeworx.io/malwarebazaar/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"get_sample_info","arguments":{"hash": "example"}}}'Use with the SDK
Install @pipeworx/sdk to call tools from any TypeScript/Node project.
TypeScript
import { Pipeworx } from '@pipeworx/sdk';
const px = new Pipeworx();
const result = await px.call("get_sample_info", {"hash":"example"}); ask_pipeworx
// Or ask in plain English:
const answer = await px.ask("abuse");