mitre-mcp


The mitre-mcp server is a Model Context Protocol (MCP) server that integrates with the MITRE ATT&CK framework, providing tools for threat intelligence and security analysis using the mitreattack-python library and the official MCP Python SDK.

The mitre-mcp server is designed to bridge the gap between the MITRE ATT&CK knowledge base and AI-driven workflows. It provides a Model Context Protocol (MCP) interface that allows Large Language Models (LLMs) and other AI systems to directly query and utilize MITRE ATT&CK data for threat intelligence, security analysis, and defensive planning. The server supports seamless access to MITRE ATT&CK data, enabling real-time threat intelligence lookups during security conversations and supporting security professionals in understanding attack techniques and appropriate mitigations. It is designed for integration with MCP-compatible clients, such as Claude, Windsurf, and Cursor, for real-time MITRE ATT&CK framework lookups in LLM workflows.

Features

  • Comprehensive access to MITRE ATT&CK framework data including techniques, tactics, groups, and software
  • Support for all MITRE ATT&CK domains: Enterprise, Mobile, and ICS
  • Automatic caching of MITRE ATT&CK data to improve performance
  • Python API for easy integration into your applications
  • Built-in MCP server support for LLM/AI integrations

Tools

  1. get_techniques

    All techniques in the framework. Supports filtering by domain, including sub-techniques, and options for handling revoked/deprecated items

  2. get_tactics

    All tactics in the framework. Returns the tactic categories that techniques are organized into

  3. get_groups

    Group

  4. get_software

    All software in the framework. Can be filtered by software type (malware, tools) and domain

  5. get_techniques_by_tactic

    Get techniques related to a specific tactic (e.g., 'defense evasion', 'persistence')

  6. get_techniques_used_by_group

    Group')

  7. get_mitigations

    All mitigations in the framework. These are security measures used to counter specific techniques

  8. get_techniques_mitigated_by_mitigation

    Get techniques that can be mitigated by specific mitigation strategies

  9. get_technique_by_id

    For process injection)