Oletools Mcp Server
What is Oletools Mcp Server
oletools-mcp-server is a secure microservice designed to analyze Microsoft Office documents, particularly Excel files, for potential malicious content using static analysis techniques. It utilizes tools like oletools, XLMMacroDeobfuscator, and pefile.
Use cases
Use cases include analyzing potentially malicious Excel files in corporate environments, integrating with security systems for automated document analysis, and conducting research on malware distribution methods.
How to use
To use oletools-mcp-server, clone the repository from GitHub, install the necessary dependencies, configure the Claude Desktop application, and run the server. You can then analyze files by sending requests to the server.
Key features
Key features include analysis of VBA and XLM macros, detection of DDE links, extraction of embedded OLE objects, analysis of XLL file exports, IOC extraction, basic MIME type validation, and a configurable scoring system for risk classification.
Where to use
oletools-mcp-server can be used in cybersecurity, malware analysis, and any field that requires the examination of Microsoft Office documents for security threats.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Oletools Mcp Server
oletools-mcp-server is a secure microservice designed to analyze Microsoft Office documents, particularly Excel files, for potential malicious content using static analysis techniques. It utilizes tools like oletools, XLMMacroDeobfuscator, and pefile.
Use cases
Use cases include analyzing potentially malicious Excel files in corporate environments, integrating with security systems for automated document analysis, and conducting research on malware distribution methods.
How to use
To use oletools-mcp-server, clone the repository from GitHub, install the necessary dependencies, configure the Claude Desktop application, and run the server. You can then analyze files by sending requests to the server.
Key features
Key features include analysis of VBA and XLM macros, detection of DDE links, extraction of embedded OLE objects, analysis of XLL file exports, IOC extraction, basic MIME type validation, and a configurable scoring system for risk classification.
Where to use
oletools-mcp-server can be used in cybersecurity, malware analysis, and any field that requires the examination of Microsoft Office documents for security threats.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
OLETools Secure MCP Server
This project provides a secure microservice using FastMCP to analyze Microsoft Office documents (Excel, Word, PowerPoint) and related file types (like XLL add-ins) for potential malicious content using static analysis techniques. It leverages external tools like oletools, XLMMacroDeobfuscator, and pefile.
Features
- Analyzes VBA Macros (
olevba) - Detects XLM Macros (
XLMMacroDeobfuscator,olevba) - Checks for DDE Links (
msodde) - Extracts embedded OLE Objects (
oleobj) - Analyzes XLL file exports for suspicious functions (
pefile) - Extracts IOCs (URLs, IPs, Hashes, Emails) using
iocextract - Provides basic MIME type and file size validation (
python-magic) - Uses a configurable scoring system for basic risk classification
- Designed for integration with systems supporting the MCP protocol (like compatible versions of Claude Desktop).
Prerequisites
- Python 3.6+
- OLETools: Install via
pip install oletools - XLMMacroDeobfuscator: Install via
pip install XLMMacroDeobfuscator - python-magic: Install via
pip install python-magic-bin(Windows) - iocextract (optional): Install via
pip install iocextractfor advanced IOC extraction - Claude Desktop application
Installation
- Clone the Repository:
git clone https://github.com/pradeep895/oletools-mcp-server.git cd oletools-mcp-server - Install Dependencies:
pip install -r requirements.txt
- Download the “Claude Desktop” application go to the Developer settings and Edit the “claude_desktop_config.json” file and paste content in the configuration.json file.Restart the application.
- Run the config file:
python config.py
- Run the server:
python mcp_service.py
- Go to “Claude Desktop” application and check for the “hammer symbol” it appeared means MCP tools are available.
- type “analyze_vba_macros in <filepath\example.xlsm>” this will help you to analyze the excel file statically and gave you the findings.
analyze_vba_macros file_path:"C:\path\to\your\example.xlsm"
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
