MCP 服务器

OLETools Secure MCP Server

安全地设置一个 MCP 服务器，用于使用 oletools 分析 Excel 文件。 (Ānquán de shèzhì yī gè MCP fúwùqì, yòng yú shǐyòng oletools fēnxī Excel wénjiàn.) Here's a breakdown of the translation and some considerations for a more comprehensive answer: * **安全地设置 (Ānquán de shèzhì):** "Securely set up" - This emphasizes the importance of security. * **一个 MCP 服务器 (yī gè MCP fúwùqì):** "An MCP server" - MCP is kept as is, assuming it's a known acronym in the context. If it needs to be explained, we'd need more context. * **用于使用 oletools 分析 (yòng yú shǐyòng oletools fēnxī):** "For analyzing using oletools" - This clarifies the purpose of the server. * **Excel 文件 (Excel wénjiàn):** "Excel files" **To provide a more helpful answer, I need more information about what you mean by "secure MCP server." Here are some questions to consider:** * **What is MCP in this context?** Is it a specific software package, a type of server, or something else? * **What are your security concerns?** Are you worried about data breaches, malware infections, unauthorized access, or something else? * **What is your existing infrastructure?** Do you have existing servers, cloud resources, or other infrastructure that you can use? * **What is your level of technical expertise?** Are you comfortable with command-line tools, server configuration, and security best practices? Once I have this information, I can provide a more detailed and specific answer. For example, I could provide instructions on how to: * **Harden the server operating system.** * **Configure firewalls and network security.** * **Implement access controls and authentication.** * **Secure the oletools installation and usage.** * **Monitor the server for security threats.** In the meantime, here are some general security considerations for any server that handles sensitive data: * **Keep the operating system and software up to date.** * **Use strong passwords and multi-factor authentication.** * **Limit access to the server to only authorized users.** * **Regularly back up the server data.** * **Monitor the server for suspicious activity.** Please provide more details so I can give you a more helpful and complete answer.

pradeep895

研究与数据

访问服务器

README

OLETools 安全 MCP 服务器

本项目提供了一个安全微服务，使用 FastMCP 分析 Microsoft Office 文档（Excel、Word、PowerPoint）和相关文件类型（如 XLL 插件），利用静态分析技术检测潜在的恶意内容。它利用了 oletools、XLMMacroDeobfuscator 和 pefile 等外部工具。

功能

分析 VBA 宏 (olevba)
检测 XLM 宏 (XLMMacroDeobfuscator, olevba)
检查 DDE 链接 (msodde)
提取嵌入的 OLE 对象 (oleobj)
分析 XLL 文件导出，查找可疑函数 (pefile)
使用 iocextract 提取 IOC（URL、IP、哈希、电子邮件）
提供基本的 MIME 类型和文件大小验证 (python-magic)
使用可配置的评分系统进行基本风险分类
专为与支持 MCP 协议的系统集成而设计（如兼容版本的 Claude Desktop）。

前提条件

Python 3.6+
OLETools: 通过 pip install oletools 安装
XLMMacroDeobfuscator: 通过 pip install XLMMacroDeobfuscator 安装
python-magic: 通过 pip install python-magic-bin (Windows) 安装
iocextract (可选): 通过 pip install iocextract 安装，以进行高级 IOC 提取
Claude Desktop 应用程序

安装

克隆存储库:

git clone https://github.com/pradeep895/oletools-mcp-server.git
cd oletools-mcp-server

安装依赖项:
```
pip install -r requirements.txt
```
下载 "Claude Desktop" 应用程序，转到开发者设置，编辑 "claude_desktop_config.json" 文件，并将内容粘贴到 configuration.json 文件中。重启应用程序。
运行配置文件:
```
python config.py
```
运行服务器:
```
python mcp_service.py
```
转到 "Claude Desktop" 应用程序，检查是否出现 "锤子符号"，出现则表示 MCP 工具可用。
输入 "analyze_vba_macros in <filepath\example.xlsm>"，这将帮助您静态分析 Excel 文件并提供结果。
```
analyze_vba_macros file_path:"C:\path\to\your\example.xlsm"
```

推荐服务器

Crypto Price & Market Analysis MCP Server

一个模型上下文协议 (MCP) 服务器，它使用 CoinCap API 提供全面的加密货币分析。该服务器通过一个易于使用的界面提供实时价格数据、市场分析和历史趋势。 (Alternative, slightly more formal and technical translation): 一个模型上下文协议 (MCP) 服务器，利用 CoinCap API 提供全面的加密货币分析服务。该服务器通过用户友好的界面，提供实时价格数据、市场分析以及历史趋势数据。

精选

TypeScript