mitre-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mitre-mcpmap these alerts to ATT&CK techniques"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
mitre-mcp is an MCP server for the MITRE ATT&CK knowledge base. It exists because asking an LLM about adversary techniques from memory gives you stale, hallucinated technique IDs, while a SOC analyst needs the real, versioned ATT&CK data and the alerts in front of them. Unlike a plain ATT&CK lookup tool, mitre-mcp ships ATT&CK querying and live SOC integration (Wazuh, TheHive, Cortex, MISP) in the same server, so an agent can map a real alert to a technique and correlate it across your stack without leaving the chat.
What it does
mitre-mcp gives an AI client structured, offline-capable access to MITRE ATT&CK: techniques, tactics, threat groups, software, mitigations, data sources, and campaigns, sourced from the official MITRE STIX 2.1 bundles and cached locally. On top of that knowledge base it adds threat-modeling and SOC workflow tools: it maps security alerts to likely ATT&CK techniques, analyzes detection coverage against your available data sources, profiles campaigns and attributes them to groups, and exports ATT&CK Navigator layer JSON for heatmaps and group overlays.
It also connects to a running SOC stack. Optional integrations for Wazuh, TheHive, Cortex, and MISP let an agent map live Wazuh alerts to techniques, enrich and open TheHive cases with ATT&CK context, map Cortex analyzers to data sources, pull ATT&CK out of MISP galaxies, and cross-correlate one set of techniques across all of them at once. SOC integrations are entirely optional: with no credentials configured, mitre-mcp is a pure read-only ATT&CK server. Keywords for the curious: MITRE ATT&CK, MCP server, threat intelligence, threat modeling, detection coverage, ATT&CK Navigator, Wazuh, TheHive, Cortex, MISP, STIX 2.1, SOC.
Related MCP server: mcp-osint-server
Quickstart
mitre-mcp is published on npm and runs with no install via npx. The fastest path is to register it with your MCP client.
Claude Code
claude mcp add mitre-attack --env MITRE_MATRICES=enterprise -- npx -y mitre-mcpAdd --scope user to make it available from any directory. Add --env flags for any SOC integrations you want to enable.
Claude Desktop
Add this to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows). This is the minimal, ATT&CK-only configuration:
{
"mcpServers": {
"mitre-attack": {
"command": "npx",
"args": ["-y", "mitre-mcp"],
"env": {
"MITRE_MATRICES": "enterprise"
}
}
}
}To enable the optional SOC integrations, add the relevant environment variables. Example hosts below use the RFC 5737 documentation address 192.0.2.10; replace them with your own:
{
"mcpServers": {
"mitre-attack": {
"command": "npx",
"args": ["-y", "mitre-mcp"],
"env": {
"MITRE_MATRICES": "enterprise",
"WAZUH_URL": "https://192.0.2.10:55000",
"WAZUH_USERNAME": "wazuh-wui",
"WAZUH_PASSWORD": "your-password",
"THEHIVE_URL": "http://192.0.2.10:9000",
"THEHIVE_API_KEY": "your-api-key",
"CORTEX_URL": "http://192.0.2.10:9001",
"CORTEX_API_KEY": "your-api-key",
"MISP_URL": "https://192.0.2.10",
"MISP_API_KEY": "your-api-key"
}
}
}
}The first run downloads the ATT&CK STIX bundles and caches them under ~/.mitre-mcp/data; subsequent runs are offline until the next refresh.
From source
git clone https://github.com/lidless-labs/mitre-mcp.git
cd mitre-mcp
npm install
npm run build
npm test # optional: run the test suiteOther clients (OpenClaw, Hermes, Codex CLI) are covered under Other MCP clients.
Tools
mitre-mcp registers 39 tools, 3 resources, and 4 prompts. The 19 core ATT&CK tools work with no configuration; the 18 SOC tools require the matching integration to be configured (the 2 cross-stack tools degrade gracefully to whatever is connected).
Core ATT&CK tools (19)
Tool | Description |
| Get full details of a technique by ID (T1059, T1059.001) |
| Search techniques by keyword, tactic, platform, data source |
| List all tactics in kill-chain order |
| Get tactic details with all associated techniques |
| Get group details including techniques and software used |
| Search groups by keyword or technique usage |
| List all known threat groups |
| Get software details with techniques and associated groups |
| Search software by name, technique, or type (malware/tool) |
| Get mitigation details with addressed techniques |
| Get all mitigations for a specific technique |
| Search mitigations by keyword |
| Get data source details with detectable techniques |
| Analyze detection coverage based on available data sources |
| Map security alerts to likely ATT&CK techniques |
| Find technique overlap between groups for attribution |
| Generate possible attack paths through the kill chain |
| Force update of the local ATT&CK data cache |
| Get current data version and object counts |
Campaign tools (4)
Tool | Description |
| Build a technique profile with group/software/campaign matching |
| Get campaign details with techniques, software, and groups |
| List all known ATT&CK campaigns |
| Search campaigns by keyword or technique |
Navigator layer export (1)
Tool | Description |
| Generate ATT&CK Navigator JSON layers (coverage, group, campaign, diff) |
Wazuh integration (4)
Tool | Description |
| Wazuh manager status, agents, and rule stats |
| Map Wazuh alerts to ATT&CK techniques by rule ID/description/groups |
| Analyze Wazuh rules mapped to ATT&CK techniques |
| Fetch recent alerts enriched with ATT&CK context |
TheHive integration (3)
Tool | Description |
| Enrich a TheHive case with ATT&CK techniques and mitigations |
| Create a case pre-populated with ATT&CK context (write-gated) |
| List cases with ATT&CK technique filtering |
Cortex integration (2)
Tool | Description |
| Map Cortex analyzers to ATT&CK data sources |
| Run analyzers on observables with ATT&CK context (write-gated) |
MISP integration (4)
Tool | Description |
| Map MISP event attributes/galaxies to ATT&CK |
| Search MISP IOCs by technique or group |
| Create events pre-tagged with ATT&CK techniques (write-gated) |
| List events with ATT&CK enrichment |
Cross-stack correlation (2)
Tool | Description |
| Connection status for all SOC integrations |
| Search for techniques across Wazuh, TheHive, and MISP simultaneously |
Resources
URI | Description |
| Full Enterprise ATT&CK matrix (tactics x techniques) |
| Current data version and statistics |
| All tactics in kill-chain order |
Prompts
Prompt | Description |
| Map incident observables to ATT&CK techniques |
| Generate a threat hunting plan |
| Perform detection gap analysis |
| Assist with threat attribution |
Configuration
Core settings
Variable | Default | Description |
|
| Local cache directory for STIX bundles |
|
| Comma-separated matrices: |
|
| Auto-update check interval in seconds (default 24h) |
SOC integration (all optional)
Variable | Description |
| Wazuh API URL (e.g. |
| Wazuh API username (default: |
| Wazuh API password |
| Verify SSL certs (default: |
| TheHive URL (e.g. |
| TheHive API key |
| Cortex URL (e.g. |
| Cortex API key |
| MISP URL (e.g. |
| MISP API key (authkey) |
| Verify SSL certs (default: |
| Globally pre-authorize state-changing SOC tools (default: off). When unset, write tools run in dry-run mode unless the call passes |
SOC write safety
State-changing SOC tools (mitre_misp_create_event, mitre_thehive_create_case, and mitre_cortex_run_analyzers) default to a dry run: they return the action they would perform without touching the SOC platform. To actually execute, either:
pass
confirm: truein the individual tool call, orset
MITRE_SOC_ALLOW_WRITES=trueto pre-authorize all SOC writes for the session.
mitre_cortex_run_analyzers is the highest-impact tool (it submits live analyzer jobs, including sandbox detonation, against the supplied observable), so confirm it deliberately. mitre_thehive_enrich keeps its existing addTags flag (default false, read-only analysis) as its write guard.
When SSL verification is disabled (*_VERIFY_SSL=false), the relaxed TLS policy is scoped to each individual request and never disables certificate validation globally, so concurrent requests to other hosts remain protected. IDs supplied to SOC tools (event IDs, case IDs, agent IDs, data types) are validated against a strict allow-list and URL-encoded before being placed in API request paths.
CLI
The same package ships a read-only search tool, attack, for shells, cron, and CI. It shares the local ATT&CK data core with the MCP server, so what the agent can look up, you can look up from a terminal. It exposes only read/lookup operations; data refresh and SOC correlation stay in the MCP server.
npx mitre-mcp@latest stats
# or, installed globally:
attack technique T1059 # one technique by ATT&CK id
attack group APT29 # threat actor by id or name
attack tactics # list all tactics
attack search "powershell" # search techniques (--type group|software|mitigation|campaign)
attack mitigations-for T1059 # mitigations mapped to a technique
attack software Cobalt Strike
attack stats # ATT&CK data counts + version
attack technique T1059 --json # raw JSON for pipingRun attack help for the full command list. --json emits raw JSON instead of the concise summary. Exit codes: 0 success, 1 runtime error (data not loaded, or a lookup found nothing), 2 usage error (unknown command/flag or missing argument).
Starting the MCP server
attack mcp (or the back-compat mitre-mcp bin) starts the stdio MCP server. If a launcher referenced the file path dist/index.js directly, point it at dist/mcp-bin.js (or dist/cli.js mcp); launchers that use the mitre-mcp bin name need no change.
Examples
Ask your agent in natural language; it picks the tool. A few that work out of the box:
Look up T1059.001 and list the mitigations for it.Generate an ATT&CK Navigator coverage layer for the data sources
Process, Network Traffic, and File so I can see my detection gaps.Compare APT28 (G0007) and APT29 (G0016) as a Navigator diff layer.With a SOC stack connected:
Map Wazuh rule 5710 with groups ["sshd", "authentication_failed"]
to ATT&CK techniques, then cross-correlate those techniques across
Wazuh, TheHive, and MISP.Other MCP clients
OpenClaw
With the global npm install:
openclaw mcp set mitre-attack '{
"command": "npx",
"args": ["-y", "mitre-mcp"],
"env": { "MITRE_MATRICES": "enterprise" }
}'Or from a source checkout, point at the built dist/index.js:
openclaw mcp set mitre-attack '{
"command": "node",
"args": ["/absolute/path/to/mitre-mcp/dist/index.js"],
"env": { "MITRE_MATRICES": "enterprise" }
}'Then restart the gateway so the server is picked up:
systemctl --user restart openclaw-gateway
openclaw mcp list # confirm "mitre-attack" is registeredHermes Agent
Hermes Agent reads MCP config from ~/.hermes/config.yaml under the mcp_servers key:
mcp_servers:
mitre-attack:
command: "npx"
args: ["-y", "mitre-mcp"]
env:
MITRE_MATRICES: "enterprise"Then reload MCP from inside a Hermes session with /reload-mcp.
Codex CLI
Codex CLI registers MCP servers via codex mcp add:
codex mcp add mitre-attack --env MITRE_MATRICES=enterprise -- npx -y mitre-mcpCodex writes the entry to ~/.codex/config.toml under [mcp_servers.mitre-attack]. Verify with codex mcp list.
Prerequisites
Node.js 20 or later
Internet access for the initial ATT&CK data download (cached locally after the first run)
(Optional) Wazuh, TheHive, Cortex, and/or MISP instances for SOC integration
Project structure
mitre-mcp/
src/
index.ts # MCP server entry point
config.ts # Environment config (core + SOC)
types.ts # STIX/ATT&CK type definitions
resources.ts # MCP resources
prompts.ts # MCP prompts
data/ # STIX downloader, parser, and indexed store
tools/ # Core ATT&CK tool registrations
soc/ # Wazuh, TheHive, Cortex, MISP clients + correlation
tests/ # Parser, query, mapping, and SOC security testsData sources
ATT&CK data is sourced from the official MITRE STIX 2.1 bundles:
Enterprise ATT&CK: Windows, Linux, macOS, Cloud, Network, Containers
Mobile ATT&CK: Android and iOS
ICS ATT&CK: Industrial control systems
Data is downloaded on first run and cached locally. Set MITRE_UPDATE_INTERVAL to control how often the server checks for updates.
Why not something else?
A plain "ask the LLM about ATT&CK" prompt gives you confident, made-up technique IDs and last year's data. mitre-mcp serves the real, versioned STIX bundles MITRE publishes, cached locally and refreshable, so the technique IDs and relationships are correct.
A generic ATT&CK API wrapper or the official
mitreattack-pythonlibrary is a great data layer, but it stops at the data. mitre-mcp speaks MCP so any agent can call it, and it carries the analysis tools (alert mapping, coverage analysis, Navigator export, attribution) and the SOC integrations on top.Per-tool SOC plugins (a Wazuh MCP here, a MISP MCP there) leave you wiring four servers and four mental models. mitre-mcp puts Wazuh, TheHive, Cortex, and MISP behind one ATT&CK-centric server with one correlation tool that spans all of them.
A hosted threat-intel SaaS sends your alerts to someone else's cloud. mitre-mcp runs on your machine, talks only to the SOC hosts you configure, and ships nothing to a third party.
What mitre-mcp is not
It is not a SIEM or a replacement for Wazuh, TheHive, Cortex, or MISP. It reads from and writes to them through their APIs; it does not store or index your events.
It is not an autonomous responder. State-changing SOC tools dry-run by default and require explicit
confirm: trueorMITRE_SOC_ALLOW_WRITES=truebefore they touch a platform.It is not a hosted service or a daemon. It is a stdio MCP server your client launches on demand.
It does not maintain the ATT&CK data itself. The knowledge base is MITRE's; mitre-mcp downloads, parses, caches, and serves it.
It is not a curated CTI feed. It serves what MITRE publishes plus what your own SOC platforms contain.
Contributing
Issues and pull requests are welcome. See CONTRIBUTING.md for the contribution path and SECURITY.md to report a vulnerability privately. By participating you agree to the Code of Conduct.
License
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/lidless-labs/mitre-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server