VeriSIFT

VeriSIFT

Read-only MCP server for autonomous, spoliation-proof disk-image triage with self-correcting verification loop.

Category
Visit Server

README

VeriSIFT — Read-only by architecture, self-correcting by design

A purpose-built MCP server that turns Protocol SIFT into an autonomous, spoliation-proof, self-correcting disk-image triage agent for the SANS Find Evil! hackathon.

Architectural pattern: Custom MCP Server (#2) + Persistent Learning Loop (#7). Guardrails are enforced by construction, not by prompt.

Why this design wins on the rubric

Judging criterion How VeriSIFT addresses it
Autonomous Execution (tiebreaker) Verification loop re-runs and tightens parameters without human input (verify.py).
IR Accuracy Multi-artifact corroboration drops unsupported claims and labels single-source ones as inferences.
Breadth & Depth Deep on one data type (disk image), with cross-artifact correlation (MFT × prefetch × amcache × evtx).
Constraint Implementation No shell tool exists. Evidence opened O_RDONLY, fails closed if writable (evidence.py).
Audit Trail Every tool call → one JSONL record with run_id, seq, timestamp, duration (audit.py).
Usability Single pip install, four typed tools, documented parser wiring points.

Architecture

        ┌────────────┐   typed tool calls    ┌────────────────────┐
        │  Agent     │ ───────────────────►  │  VeriSIFT MCP      │
        │ (Claude    │                       │  server.py         │
        │  Code /    │ ◄─────────────────── │  - open_evidence   │
        │  OpenClaw) │   structured JSON      │  - extract_mft_... │
        └─────┬──────┘                       │  - analyze_prefetch│
              │ findings                      │  - get_amcache     │
              ▼                               │  - parse_evtx      │
        ┌────────────┐                        └─────────┬──────────┘
        │ verify.py  │  cross-artifact                  │ read-only
        │ gate+loop  │  corroboration            ┌──────▼─────────┐
        └─────┬──────┘                           │ evidence.py    │
              │ iteration traces                 │ O_RDONLY,      │
              ▼                                   │ fail-closed    │
        ┌────────────┐                           └──────┬─────────┘
        │ audit.py   │  JSONL execution log             │
        └────────────┘                           ┌──────▼─────────┐
                                                  │ parsers.py →   │
                                                  │ TSK/PECmd/...  │
                                                  └──────┬─────────┘
                                                   read-only image
   ── trust boundary ──────────────────────────────────────────────
   ARCHITECTURAL guardrail: agent cannot reach the image except through
   typed tools; no write path exists in code. NOT a prompt instruction.

Setup (on the SIFT Workstation)

# 1. Install SIFT + Protocol SIFT first (see hackathon resources).
# 2. Clone this repo into the SIFT VM, then:
python3 -m venv .venv && source .venv/bin/activate
pip install mcp regipy python-evtx        # + analyzeMFT, TSK on PATH
# 3. Make evidence read-only (fail-closed enforcement):
chmod 0444 /cases/case01.E01
# 4. Register the server with your agent (Claude Code MCP config) and run.

Try it out (for judges)

# Point the agent at the provided starter image and ask it to triage.
# The agent will: open_evidence -> run tools -> verify -> iterate.
# Outputs:
#   /cases/out/execution_log.jsonl   (audit trail, component #8)
#   findings + iteration traces        (printed structured narrative)

What's novel (required: document novel contribution)

The hackathon lists #2 and #7 as separate patterns. VeriSIFT fuses them: the typed-tool boundary makes corroboration meaningful (every claim is mechanically checkable), and the loop makes the typed tools self-correcting. Neither half delivers both evidence-integrity and self-correction alone.

License

MIT (see LICENSE).

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured