Query honeypot threat intelligence in natural language to analyze attacker behavior.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "Honeypot MCP Server" yet — see the docs or source repo.
Summarize the most active attack sources, common protocols, and unusual trends in the honeypot over the last 7 days. Use bullet points.
A 7-day attack overview with top sources, protocol distribution, and trend summaries.
List the top 10 attacker IPs by attempt count in the last 30 days, and describe their common usernames, passwords, and command patterns.
A ranked list of attackers with analysis of common credentials and command behaviors.
Identify the most common weak credential pairs in the honeypot and the high-frequency commands related to downloading malicious scripts, ranked by risk.
Statistics on weak credentials and suspicious command patterns, with risk prioritization.
Query GreyNoise threat intelligence to analyze IPs, vulnerabilities, and traffic sessions.
Search MISP threat intelligence events, attributes, tags, and galaxies in natural language.
Query threat intelligence and trace incidents for faster security triage automation.
Recon username footprints across 480+ platforms with reports and scores.
Analyze PCAPs offline to extract streams, detect threats, and find leaked credentials.
Analyze networks with natural-language packet capture, scanning, and threat detection.