A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.
No reviews yet. Be the first to review!
Sign in to join the conversation
Retrieves the most recent threat intelligence reports. Parameters: first (optional integer, defaults to 10)
Retrieves a specific report by its ID. Parameters: id (required string)
Searches for malware information in the OpenCTI database. Parameters: query (string), first (optional integer, defaults to 10)
Searches for indicators of compromise. Parameters: query (string), first (optional integer, defaults to 10)
Searches for threat actor information. Parameters: query (string), first (optional integer, defaults to 10)
Retrieves user information by ID. Parameters: id (required string)
Lists all users in the system. Parameters: None
Lists all groups with their members. Parameters: first (optional integer, defaults to 10)
Lists all attack patterns in the system. Parameters: first (optional integer, defaults to 10)
Retrieves campaign information by name. Parameters: name (required string)
Lists all system connectors. Parameters: None
Lists all status templates. Parameters: None
Retrieves file information by ID. Parameters: id (required string)
Lists all files in the system. Parameters: None
Lists all marking definitions. Parameters: None
Lists all available labels. Parameters: None
