Search everything...

Stats

Actions

Available In

tinybrain

Name: tinybrain
Author: rainmana

By rainmana

Security-focused persistent memory for AI assistants: a SQLite-backed MCP server plus skills that teach Claude how to capture findings, build a knowledge graph of an engagement, and recall it across sessions. For authorized security work — code review, CTFs, threat modeling, and intelligence analysis.

npx claudepluginhub rainmana/tinybrain --plugin tinybrain

Popularity

Stars

Above avg

Med: 0·Avg: 285

Installs

Med: 0·Avg: 1

What's Inside

Skills4

tinybrain-code-review

/tinybrain-code-review

Run a security-focused code review while recording findings in TinyBrain so they form a navigable, deduplicated, standards-mapped knowledge base instead of a one-off report. Use this skill when the TinyBrain MCP tools are available AND you are reviewing code for security issues, doing a secure code audit, triaging a vulnerability in a codebase, or the user asks you to "review this for security", "audit this code", "find vulnerabilities in", or map findings to CWE/CVE/OWASP. Builds on the using-tinybrain skill.

tinybrain-ctf

/tinybrain-ctf

Work a CTF challenge or other authorized security-learning exercise while tracking reconnaissance, hypotheses, payloads, and the path to the flag in TinyBrain — so you never lose a working payload, repeat a dead end, or forget what you already enumerated. Use this skill when the TinyBrain MCP tools are available AND you are solving a CTF, working a practice/retired box (HTB, picoCTF, a crackme, a deliberately-vulnerable app like Juice Shop or DVWA), or the user says "let's do this CTF", "solve this challenge", "capture the flag", or "work this box". Builds on the using-tinybrain skill.

tinybrain-threat-intel

/tinybrain-threat-intel

Collect, structure, and correlate threat intelligence in TinyBrain — indicators, threat actors, campaigns, and TTPs — mapped to MITRE ATT&CK so the picture builds across sources and sessions instead of living in scattered notes. Use this skill when the TinyBrain MCP tools are available AND you are doing intelligence analysis, threat modeling, OSINT collection, IOC tracking, actor/campaign profiling, or the user mentions threat intel, MITRE ATT&CK mapping, IOCs, "track this threat actor", or "model the threats against". Builds on the using-tinybrain skill.

using-tinybrain

/using-tinybrain

Use TinyBrain (the security-focused memory MCP server) to capture findings, build a knowledge graph of an engagement, and recall it across sessions. Invoke this skill whenever the TinyBrain MCP tools are available AND you are doing multi-step security work — code review, vulnerability analysis, CTFs, threat modeling, intelligence analysis, malware/binary analysis, or any task where findings accumulate and you'll want them later. Also use it whenever the user mentions TinyBrain, "store this finding", "remember this for the assessment", "what did we find", or asks you to track an investigation. Reach for it proactively — the whole point of TinyBrain is that you record as you go rather than scrambling to reconstruct context at the end.

MCP Servers1

tinybrain

Stats

Version3.0.1

ReleasedJun 12, 2026

LanguageGo

Stars3

Forks1

MaintenanceExcellent

LicenseMIT

Last CommitJun 12, 2026

AddedJun 12, 2026

Actions

View on GitHub View README Plugin Marketplace JSON Homepage

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

tinybrain-marketplace3

README

TinyBrain 🧠

Security-Focused LLM Memory Storage with Intelligence Gathering, Reverse Engineering, and MITRE ATT&CK Integration

TinyBrain is a comprehensive memory storage system designed specifically for security professionals, penetration testers, and AI assistants working on offensive security tasks. It provides intelligent memory management, pattern recognition, and comprehensive intelligence gathering capabilities through the Model Context Protocol (MCP).

📖 View Complete Documentation | 🐛 Report Issues | 💬 Discussions

✨ Key Features

🧠 Intelligence Gathering

OSINT: Open Source Intelligence collection and analysis
HUMINT: Human Intelligence gathering and social engineering assessment
SIGINT: Signals Intelligence and communications analysis
GEOINT: Geospatial Intelligence and location-based analysis
MASINT: Measurement and Signature Intelligence
TECHINT: Technical Intelligence and technology assessment
FININT: Financial Intelligence and cryptocurrency tracking
CYBINT: Cyber Intelligence and threat analysis

🔍 Reverse Engineering

Malware Analysis: Static and dynamic malware analysis capabilities
Binary Analysis: PE, ELF, Mach-O file format analysis
Vulnerability Research: Fuzzing, exploit development, and vulnerability analysis
Protocol Analysis: Network and application protocol reverse engineering
Code Analysis: Source code and assembly analysis tools

🎯 MITRE ATT&CK Integration

Complete Framework: All 14 Enterprise tactics and 200+ techniques
TTP Mapping: Map findings to specific tactics, techniques, and procedures
Attack Chain Analysis: Complete attack chain mapping and analysis
Threat Hunting: Hunt for specific TTPs and attack patterns
Campaign Tracking: Track attack campaigns and threat actor activities
Real-Time Data: Live MITRE ATT&CK dataset with 823+ techniques and 14 tactics
Intelligent Querying: Semantic search across attack techniques and procedures

🛡️ Security Patterns & Standards

CWE Integration: Common Weakness Enumeration patterns and classifications
OWASP Compliance: OWASP Top 10 2021 and testing guide integration
Multi-Language Support: Security patterns for 10+ programming languages
Authorization Templates: RBAC, ABAC, and DAC access control patterns
Standards Compliance: NIST, ISO 27001, PTES, and industry standards
NVD Integration: National Vulnerability Database with 314,835+ CVEs
OWASP Testing Guide: Complete web application security testing procedures

🔬 Security Knowledge Hub

NVD Integration: National Vulnerability Database with 314,835+ CVEs
MITRE ATT&CK: Complete framework with 823+ techniques and 14 tactics
OWASP Testing Guide: Comprehensive web application security testing procedures
Intelligent Retrieval: Context-aware querying with summarization
Real-Time Updates: Incremental data updates from official sources
Rate Limiting: Respectful API usage with proper rate limiting

📊 Memory Management

30+ Memory Categories: Comprehensive categorization for intelligence, reconnaissance, and analysis data
Intelligence Objects: Threat actors, attack campaigns, IOCs, TTPs, patterns, and correlations
Context-Aware Storage: Automatically categorizes and prioritizes information
Advanced Search: Semantic, exact, fuzzy, tag-based, and relationship-based search
Access Tracking: Monitors which memories are most relevant and frequently accessed
Context Summaries: Provides relevant memory summaries for current tasks

View full README on GitHub

Similar Plugins

fullstack-dev-skills

10.0k·455·

Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.

v0.4.15

Jeffallan

ecc

217.3k·2.6K·

Harness-native ECC operator layer - 67 agents, 271 skills, 92 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses

v2.0.0

affaan-m

nature-skills

20.0k·124·

A growing collection of Claude-compatible academic workflow bundles. Covers scientific figures, manuscript writing and polishing, reviewer assessment, citation retrieval, data availability, paper reading, literature search, response letters, paper-to-PPTX conversion, and evidence-grounded Chinese invention patent drafting. Rules are organized as reusable skill folders with explicit workflows and quality checks.

v1.0.0

Yuan1z0825

creative-writing

28·58·

Complete creative writing suite with 10 specialized agents covering the full writing process: research gathering, character development, story architecture, world-building, dialogue coaching, editing/review, outlining, content strategy, believability auditing, and prose style/voice analysis. Includes genre-specific guides, templates, and quality checklists.

4mo

v1.7.0

greyhaven-ai

dotnet-skills

32·52·

Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications

3mo

v2.0.0

wshaddix

data

20.5k·43·

Write SQL, explore datasets, and generate insights faster. Build visualizations and dashboards, and turn raw data into clear stories for stakeholders.

3mo

v1.1.0

anthropics

tinybrain

Popularity

What's Inside

Confidence

README