What is the Cybersecurity Intelligence tool?

It's an AI-powered threat intelligence tool that enables AI agents to search over 200,000 CVEs, check CISA KEV, enumerate subdomains, audit DNS/email security, and scan internet hosts from a single interface.

What key data sources does it integrate?

It unifies data from authoritative public sources including NIST NVD (CVEs), CISA KEV (exploited vulnerabilities), Censys (host scanning), crt.sh (Certificate Transparency), and DNS/WHOIS records for comprehensive intelligence.

How does it streamline vulnerability management?

It allows AI agents to instantly cross-reference NVD CVEs with CISA KEV, providing severity-sorted lists with federal patch due dates for exploited vulnerabilities, enabling rapid prioritization and patching decisions.

Can I use it to discover hidden attack surfaces?

Yes, the tool passively enumerates all SSL/TLS certificates issued to a domain via crt.sh, revealing unique subdomains and their active status, crucial for comprehensive attack surface mapping without active scanning.

Which AI agents are compatible with this tool?

It integrates as an MCP server, compatible with popular MCP clients such as Claude Desktop, Cursor, and Windsurf, enabling seamless AI-powered security assessments and threat hunting workflows.

Cybersecurity Intelligence

Name: Cybersecurity Intelligence
Author: apifyforge

byapifyforge

0•

Analytics & Monitoring

Security & Testing

Developer Tools

Provide comprehensive cybersecurity threat intelligence to AI agents by searching CVEs, checking CISA KEV, enumerating subdomains, auditing DNS/email security, and scanning internet-exposed hosts.

Cybersecurity Intelligence

byapifyforge

0•

Analytics & Monitoring

Security & Testing

Developer Tools

Provide comprehensive cybersecurity threat intelligence to AI agents by searching CVEs, checking CISA KEV, enumerating subdomains, auditing DNS/email security, and scanning internet-exposed hosts.

The Cybersecurity Intelligence MCP Server centralizes critical threat intelligence, empowering AI agents to perform security investigations efficiently. It integrates six authoritative public data sources, including NIST NVD for CVEs, CISA KEV for actively exploited vulnerabilities, Censys for host scanning, crt.sh for Certificate Transparency logs, DNS/email security records, and WHOIS/RDAP data. This tool eliminates the need for manual, multi-tab lookups, allowing AI clients like Claude Desktop or Cursor to quickly analyze domain attack surfaces, investigate CVE exposure, map subdomains, and generate risk-scored security assessments. It is designed for security engineers, penetration testers, and AI-powered workflows seeking structured threat intelligence without active scanning, streamlining complex cybersecurity inquiries into a unified interface.

Key Features

01NIST NVD CVE search for over 200,000 vulnerabilities by keyword, ID, CPE, severity, or date

02CISA KEV catalog search for actively exploited CVEs, including ransomware linkage and federal patch due dates

03Censys internet host scanning using structured search expressions to find exposed services and infrastructure

04Certificate Transparency enumeration from crt.sh to discover all SSL/TLS certificates issued to a domain

05Unified domain intelligence that orchestrates parallel DNS, WHOIS, SSL, and optional KEV/NVD checks with auto-generated risk indicators

060 GitHub stars

Use Cases

01Vulnerability management and patch prioritization by cross-referencing NVD CVEs with CISA KEV for exploited status

02Attack surface and subdomain discovery through passive Certificate Transparency log enumeration

03Phishing domain and brand protection investigation using rapid risk profiles from domain age, email security, and certificate history