MCP HubMCP Hub
MCP·85CCFF
S

opencti-mcp

By Spathodea-Network·Visit Source
MCP server for OpenCTI threat intelligence integration
Security/Vulnerability
API/GraphQL
April 18, 2025
1 month ago
4 Clicks
About opencti-mcp

MCP server for OpenCTI threat intelligence integration. opencti-mcp is a Model Context Protocol (MCP) server maintained by Spathodea-Network. It connects to MCP-compatible clients such as Claude Desktop, Cursor, Cline, and other agents that speak the protocol. It exposes 16 tools, including get_latest_reports, get_report_by_id, search_malware, search_indicators, search_threat_actors, get_user_by_id, list_users and list_groups, that an agent can call directly. It is categorized under Security/Vulnerability and API/GraphQL.

What is this MCP

OpenCTI MCP Server is a Model Context Protocol server that provides standardized access to OpenCTI's cyber threat intelligence platform, enabling querying and retrieval of security data through a unified interface.

How to use this MCP

Install via Smithery or manually with Node.js, configure environment variables with OpenCTI credentials, and interact with the server using GraphQL queries for threat intelligence operations.

What this MCP can be used for

The server enables threat intelligence workflows including malware analysis, IOC monitoring, threat actor research, and security report generation through programmatic access to OpenCTI data.

Repository Info
Stars:
38
Forks:
16
Watchers:
38
Last Updated: 2 months ago

AIMCP authority

DR and traffic signal for the AIMCP public domain.

FAQ

Frequently asked questions

What is the opencti-mcp MCP server?

opencti-mcp is a Model Context Protocol server from Spathodea-Network. It lets MCP-compatible AI clients call its tools over a standard interface, so agents like Claude, Cursor, and Cline can use it without custom integration.

How do I connect opencti-mcp to my AI client?

Add opencti-mcp to your client's MCP configuration using the stdio or SSE connection shown in the usage examples on this page, then restart the client to load the server.

What tools does opencti-mcp provide?

opencti-mcp provides 16 tools: get_latest_reports, get_report_by_id, search_malware, search_indicators, search_threat_actors, get_user_by_id, list_users, list_groups, list_attack_patterns, get_campaign_by_name, list_connectors and list_status_templates.

Is opencti-mcp free to use?

opencti-mcp is listed on AIMCP for free. Any API keys or accounts required by the underlying service are set by its provider.

Sponsored

Vernclaw Plugins for OpenClaw

Ready-to-use connectors for SEO data, social reading & content generation. Pay-as-you-go credits with audit logs.

Learn MoreBrowse Connectors