A powerful MCP server built with NitroStack
Add via Cursor Settings UI (Settings > Features > MCP > Add New MCP Server):
{
"mcpServers": {
// your other mcp servers
"forensics-server": {
"url": "https://forensics-6a5ab163-nexora-amrita-university-amritapuri-campus.app.nitrocloud.ai/mcp"
}
}
}
Connect remote tools directly via Claude's Web UI:
Configure custom tools directly via ChatGPT's Web UI:
Add the following configuration block under mcpServers in your Antigravity configuration file (~/.gemini/config/mcp_config.json):
{
"mcpServers": {
// your other mcp servers
"forensics-server": {
"serverUrl": "https://forensics-6a5ab163-nexora-amrita-university-amritapuri-campus.app.nitrocloud.ai/mcp"
}
}
}
Add the following configuration block to your Codex configuration file (~/.codex/config.toml):
[mcp_servers.forensics-server] url = "https://forensics-6a5ab163-nexora-amrita-university-amritapuri-campus.app.nitrocloud.ai/mcp"
Connect directly using the Server-Sent Events endpoint:
https://forensics-6a5ab163-nexora-amrita-university-amritapuri-campus.app.nitrocloud.ai/mcp
Extract metadata from a file using exiftool, compute SHA256 hash, and check for MIME type mismatch
Extract readable strings from a file and scan for suspicious patterns (IPs, URLs, keywords)
Run objdump -h for section headers (name, size, VMA) and objdump -d --no-show-raw-insn for disassembly (first 200 lines) on a binary file
Check file hash reputation against threat intelligence databases
Get OS and memory-image metadata from a Windows memory dump via Docker forensic-vol (windows.info). Call first when analyzing a dump.
List processes from a Windows memory dump via Docker forensic-vol (windows.pslist: PID, PPID, name, etc.).
Extract process command lines from a Windows memory dump via Docker forensic-vol (windows.cmdline).
List registry hives in a Windows memory dump via Docker forensic-vol (windows.registry.hivelist).