axur-mcp

axur-mcp

MCP server for the Axur cybersecurity platform, providing read-only access to ticket data for searching, inspecting, and analyzing security incidents.

Category
Visit Server

README

Axur MCP Server

A Model Context Protocol (MCP) server for the Axur cybersecurity platform. Provides read-only access to ticket data, enabling AI assistants to search, inspect, and analyze security incidents.

Features

  • Ticket Search & Retrieval — filter, paginate, and fetch tickets by key
  • Ticket Details — field values, comments, snapshots, attachments, lifecycle state, takedown options
  • Ticket Statistics — counts by status, incidents by threat type, takedown/treatment metrics, uptime analysis, global and market-segment benchmarks

Tools

tickets

Search and retrieve tickets.

Action Description
list Search/filter tickets with pagination and sorting
get Get a single ticket by key
bulk_get Get multiple tickets by comma-separated keys
history Get ticket change history
types List all supported ticket types

ticket_details

Get detailed information for a specific ticket.

Action Description
fields Ticket field values (status, type, domain, IP, etc.)
texts Comments, descriptions, evidence messages
snapshots Detection snapshots (domain info, ISP, content, digital location)
attachments List attachments for a detection
lifecycle Available state transitions
takedown Takedown options and eligibility
timeline Full ticket timeline

ticket_stats

Retrieve ticket statistics and metrics.

Action Description
count_by_status Ticket count by status (requires from, to, status)
incident_by_type Incidents grouped by threat type
takedown_metrics Takedown success rate, median time to notification
internal_treatment Internal treatment success rate and metrics
takedown_uptime Resolution uptime distribution (buckets: <1d, 2d, 5d, etc.)
treatment_uptime Treatment uptime distribution
global_median Median incidents across all Axur customers (13-month trend)
global_mean Mean incidents across all Axur customers
segment_median Median incidents for your market segment
segment_mean Mean incidents for your market segment

Setup

Prerequisites

Install

git clone https://github.com/Just5ky/axur-mcp.git
cd axur-mcp
npm install
npm run build

Configure

cp .env.example .env
# Edit .env and add your Axur API token

Usage with Claude Desktop

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "axur": {
      "command": "node",
      "args": ["/path/to/axur-mcp/dist/index.js"],
      "env": {
        "AXUR_API_TOKEN": "your_token_here"
      }
    }
  }
}

Usage with other MCP clients

# Run directly
AXUR_API_TOKEN=your_token node dist/index.js

Example Queries

Once connected to an AI assistant:

  • "Show me all open phishing tickets from this month"
  • "Get details for ticket h7dw97"
  • "What are the takedown metrics for the last 30 days?"
  • "How do our incident numbers compare to the market segment median?"
  • "List all ticket types supported by the platform"

API Coverage

This server covers the read-only Axur Platform ticket APIs:

  • tickets-api — ticket search, retrieval, stats
  • tickets-core — field values, ticket types
  • tickets-texts — textual data (comments, evidence)
  • tickets-snapshots — detection snapshots
  • tickets-attachments — attachment listing
  • tickets-lifecycle — lifecycle state inspection
  • tickets-takedown — takedown status inspection
  • tickets-timeline — timeline history

Rate Limits

The Axur API enforces a rate limit of 60 requests per minute on stats endpoints. The server surfaces 429 errors directly — plan queries accordingly.

License

MIT

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured