mitre-mcp
Verified Safeby Montimage
Overview
A production-ready Model Context Protocol (MCP) server that exposes the MITRE ATT&CK® framework to LLMs, AI assistants, and automation workflows.
Installation
mitre-mcp --httpEnvironment Variables
- MITRE_ENTERPRISE_URL
- MITRE_MOBILE_URL
- MITRE_ICS_URL
- MITRE_DATA_DIR
- MITRE_DOWNLOAD_TIMEOUT
- MITRE_CACHE_EXPIRY_DAYS
- MITRE_REQUIRED_SPACE_MB
- MITRE_DEFAULT_PAGE_SIZE
- MITRE_MAX_PAGE_SIZE
- MITRE_MAX_DESC_LENGTH
- MITRE_LOG_LEVEL
- MITRE_HTTP_HOST
- MITRE_HTTP_PORT
- MITRE_ENABLE_CORS
- MITRE_CORS_ORIGINS
Security Notes
The project exhibits a strong focus on security: robust input validation is implemented (regex for technique IDs, length limits, character checks, domain validation) to prevent common vulnerabilities. Automated security tools (Bandit, Safety, CodeQL) are integrated into the CI/CD pipeline for continuous scanning. Best practices, such as discouraging hardcoded API keys and using HTTPS for external requests, are documented. The HTTP server defaults to binding on `localhost:8000`, with explicit warnings against public exposure without a proper reverse proxy and authentication. CORS settings are configurable. No obvious malicious patterns like `eval` or uncontrolled code execution were found.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.
mcp-server-cortex
This server acts as a bridge, exposing Cortex threat intelligence analysis capabilities as tools consumable by Model Context Protocol (MCP) clients, such as large language models (LLMs).
mcp-servers
Provides an MCP server for Qdrant vector database integration, enabling AI agents to perform semantic search, store documents, and manage collections with advanced multi-tenant filtering capabilities.