AUTOMATION
Query Honeypot Threat Intelligence via MCP Server
Enable Claude/Cursor agents to query 90-day honeypot threat data without custom integration
Updated: 5/20/2026
Difficulty
easy
Time
5m
Use Case
Security teams querying threat intelligence to identify scanner patterns, CVE probes, and ASN classifications
Popularity
0 views
About this automation
Configure HoneyLabs MCP server to give Claude/Cursor agents direct access to honeypot threat intelligence data. Agents can answer complex security questions about IP reputation, scanning patterns, and CVE signatures without custom glue code.
How to implement
1
Obtain HoneyLabs API token
2
Run: claude mcp add honeylabs --transport http https://mcp.honeylabs.net/mcp --header 'Authorization: Bearer <hlk_...>'
3
Query agent with security questions like 'Is 80.82.77.202 a known scanner?'
4
Agent returns 90-day report with ASN, country, ports, CVE signatures, payloads, and scanner classification