Skip to main content
ClaudeWave
Official MCP RegistryHosted servergateway.pipeworx.io
ThreatFox logo

ThreatFox

ThreatFox abuse.ch indicator-of-compromise feed for querying malware IOCs, threat actors, and malicious infrastructure via Pipeworx.

Connect to Claude Code
Copy
claude mcp add --transport http threatfox https://gateway.pipeworx.io/threatfox/mcp
Vendor-hosted remote server: nothing to install locally. If it uses OAuth, Claude opens the vendor login on first use.
Endpoints
  • https://gateway.pipeworx.io/threatfox/mcpstreamable-http

Published in the official MCP registry as “ThreatFox”. Verified through the vendor namespace.

Browse all official hosted MCP servers