OpenCTI MCP Server
Summary
A Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.
Available Actions(16)
get_latest_reports
Retrieves the most recent threat intelligence reports. Parameters: first (optional, defaults to 10)
get_report_by_id
Retrieves a specific report by its ID. Parameters: id (required)
search_malware
Searches for malware information in the OpenCTI database. Parameters: query (string), first (optional, defaults to 10)
search_indicators
Searches for indicators of compromise. Parameters: query (string), first (optional, defaults to 10)
search_threat_actors
Searches for threat actor information. Parameters: query (string), first (optional, defaults to 10)
get_user_by_id
Retrieves user information by ID. Parameters: id (required)
list_users
Lists all users in the system. Parameters: none
list_groups
Lists all groups with their members. Parameters: first (optional, defaults to 10)
list_attack_patterns
Lists all attack patterns in the system. Parameters: first (optional, defaults to 10)
get_campaign_by_name
Retrieves campaign information by name. Parameters: name (required)
list_connectors
Lists all system connectors. Parameters: none
list_status_templates
Lists all status templates. Parameters: none
get_file_by_id
Retrieves file information by ID. Parameters: id (required)
list_files
Lists all files in the system. Parameters: none
list_marking_definitions
Lists all marking definitions. Parameters: none
list_labels
Lists all available labels. Parameters: none
社区评论
暂无评论. 成为第一个评论的人!
登录以参与讨论
