attAck-mcp-server
attAck-mcp-server is an MCP server for querying ATT&CK techniques and tactics.
The attAck-mcp-server is a Model Context Protocol (MCP) server designed to facilitate the querying of ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) techniques and tactics. This server provides a structured way to access and retrieve detailed information about various attack techniques and tactics employed by adversaries. It is particularly useful for cybersecurity professionals and organizations looking to understand and mitigate potential security threats. The server supports querying techniques by ID or name, retrieving mitigations and detection methods for specific techniques, and listing all available tactics. It can be integrated with local or remote MCP clients, offering flexibility in deployment and usage. The server can be run locally using Python scripts or deployed in production environments using Docker or Uvicorn.
Features
- Query ATT&CK techniques by ID or name with support for fuzzy name search.
- Retrieve mitigations for specific ATT&CK techniques.
- Get detection methods for specific ATT&CK techniques.
- List all ATT&CK tactics.
- Supports local and remote deployment options.
Tools
query_technique
Query ATT&CK techniques; supports fuzzy search by ID or name
query_mitigations
Query mitigations for specified techniques
query_detections
Query the detection methods for a specified technique
list_tactics
Get a list of all ATT&CK tactics