From cybersec-toolkit
Maps APT group TTPs to MITRE ATT&CK using attackcti and Navigator. Queries STIX/TAXII data, generates Navigator layer files, and compares defensive coverage against adversary profiles.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersec-toolkit:analyzing-threat-actor-ttps-with-mitre-navigator
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
The MITRE ATT&CK Navigator is a web application for annotating and visualizing ATT&CK matrices.
The MITRE ATT&CK Navigator is a web application for annotating and visualizing ATT&CK matrices. Combined with the attackcti Python library (which queries ATT&CK STIX data via TAXII), analysts can programmatically generate Navigator layer files mapping specific threat group TTPs, compare multiple groups, and assess detection coverage gaps against known adversaries.
{
  "name": "APT29 TTPs",
  "domain": "enterprise-attack",
  "techniques": [
    {"techniqueID": "T1566.001", "score": 1, "comment": "Spearphishing Attachment"},
    {"techniqueID": "T1059.001", "score": 1, "comment": "PowerShell"}
  ]
}
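The coverage-gap comparison described above, as an added example that is not part of the cybersec-toolkit skill: it scores each adversary technique by detection coverage and emits a layer in the same shape as the sample. The technique list and detection inventory are constructed sample data (in practice the list would come from an attackcti query), and the 0-2 score scale and the parent-technique fallback are assumptions of this sketch.

```python
import json

# Constructed sample profile: technique ID -> name. The first two entries are
# the ones shown in the layer above; the other two are added for illustration.
GROUP_TECHNIQUES = {
    "T1566.001": "Spearphishing Attachment",
    "T1059.001": "PowerShell",
    "T1078": "Valid Accounts",
    "T1027": "Obfuscated Files or Information",
}
# Constructed detection inventory: technique ID -> number of deployed rules.
# "T1566" is mapped at parent level only; "T1053.005" is not used by the group.
DETECTIONS = {"T1059.001": 3, "T1566": 1, "T1053.005": 2}


def coverage_score(tid, detections):
    """2 = rule mapped to this exact ID, 1 = parent technique only, 0 = none."""
    if detections.get(tid, 0) > 0:
        return 2
    parent = tid.split(".")[0]
    if parent != tid and detections.get(parent, 0) > 0:
        return 1
    return 0


def build_gap_layer(name, group, detections, domain="enterprise-attack"):
    """Return (layer, gaps) where gaps lists group techniques with no coverage."""
    labels = {0: "GAP", 1: "parent-level detection only", 2: "covered"}
    techniques = []
    for tid in sorted(group):
        score = coverage_score(tid, detections)
        techniques.append({"techniqueID": tid, "score": score,
                           "comment": f"{group[tid]} ({labels[score]})"})
    layer = {
        "name": name,
        "domain": domain,
        "techniques": techniques,
        # Red (gap) to green (covered) heatmap over the 0-2 score range.
        "gradient": {"colors": ["#ff6666", "#ffe766", "#8ec843"],
                     "minValue": 0, "maxValue": 2},
    }
    gaps = [t["techniqueID"] for t in techniques if t["score"] == 0]
    return layer, gaps


if __name__ == "__main__":
    layer, gaps = build_gap_layer("Sample group vs. detections",
                                  GROUP_TECHNIQUES, DETECTIONS)
    print(json.dumps(layer, indent=2))
    print("Uncovered techniques:", ", ".join(gaps))
```

Detections mapped to techniques the group does not use are left out of the layer, so the heatmap shows only the adversary's footprint.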
npx claudepluginhub 26zl/cybersec-toolkit --plugin cybersec-toolkit
Maps APT group TTPs to MITRE ATT&CK using attackcti and Navigator. Queries STIX/TAXII data, generates Navigator layer files, and compares defensive coverage against adversary profiles.
Maps APT group TTPs to MITRE ATT&CK using attackcti Python library and ATT&CK Navigator. Queries STIX/TAXII data, generates layer files for visualization, analyzes defensive coverage.
Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.