ThreatByte-MCP
JSON →ThreatByte-MCP is a deliberately vulnerable, MCP-based case management web app. It mirrors a realistic SOC analyst workflow with a server-rendered UI and a real MCP server. The MCP tools are intentionally vulnerable for training and demonstration.
Install
pip install -r Tools · 22
- cases.create Create a new case
- cases.list List cases
- cases.list_all List all cases
- cases.get Get a specific case
- cases.rename Rename a case
- cases.set_status Set case status
- cases.delete Delete a case
- notes.create Create a note
- notes.list List notes
- notes.update Update a note
- notes.delete Delete a note
- files.upload Upload a file (base64)
- files.list List files
- files.get Get a file (base64)
- files.read_path Read file from path
- indicators.search Search indicators
- agent.summarize_case Summarize a case
- agent.run_task Run an agent task
- tools.registry.list List tools in registry
- tools.builtin.list List built-in tools
- tools.registry.register Register a tool in registry
- tools.registry.delete Delete a tool from registry
Environment variables
TBMCP_MCP_SERVER_TOKENTBMCP_MCP_USER_IDOPENAI_API_KEYTBMCP_OPENAI_API_KEYTBMCP_MCP_SERVER_URL
Links
★ 3 GitHub stars