@pipeworx/mitre-attck

Connect: https://gateway.pipeworx.io/mitre-attck/mcp · Install: one-click buttons

Tools: 7

MITRE ATT&CK MCP — adversary tactics, techniques, and procedures (TTPs). Sources the official STIX 2.1 bundles from MITRE’s GitHub. Cached 1h in-pack.

Tools

  • technique(id) — technique by ATT&CK id (e.g. T1190, T1059.001)
  • tactic(id_or_short_name) — tactic record
  • group(id) — threat group (e.g. G0007 APT28)
  • software(id) — software/malware (e.g. S0002 Mimikatz)
  • mitigation(id) — mitigation
  • search(query, type?) — substring search across the bundle
  • domains() — list loaded STIX bundles (enterprise, mobile, ics)

Data source

https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json (and mobile + ics).

Tools

  • technique — Technique by ATT&CK id.
  • tactic — Tactic by id or short name.
  • group — Threat group (e.g. G0007).
  • software — Software/malware (e.g. S0002).
  • mitigation — Mitigation.
  • search — Substring search across the bundle.
  • domains — List loaded STIX bundles.

Tools

  • domains — List loaded STIX bundles.
  • group — Threat group (e.g. G0007).
  • mitigation — Mitigation.
  • search — Substring search across the bundle.
  • software — Software/malware (e.g. S0002).
  • tactic — Tactic by id or short name.
  • technique — Technique by ATT&CK id.

Regenerated from source · build May 21, 2026