From cybersec-toolkit
Analyze the threat landscape using MISP by querying event statistics, attribute distributions, threat actor galaxy clusters, and tag trends over time. Uses PyMISP.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersec-toolkit:analyzing-threat-landscape-with-misp
The summary Claude sees in its skill listing, used to decide when to auto-load this skill
- When investigating security incidents that require analyzing the threat landscape with MISP
pip install pymisp
python scripts/agent.py --misp-url https://misp.local --api-key YOUR_KEY --days 90 --output landscape_report.json
Period: Last 90 days
Events analyzed: 1,247
Top threat level: High (43%)
Top attribute type: ip-dst (31%), domain (22%), sha256 (18%)
Top MITRE technique: T1566 Phishing (89 events)
Top threat actor: APT28 (34 events)
npx claudepluginhub 26zl/cybersec-toolkit --plugin cybersec-toolkit
Analyzes threat landscape using MISP via PyMISP: queries event statistics, IOC attribute distributions, top threat actors/malware families, tag trends over time. Generates reports for SOC threat hunting.
Analyzes threat landscape from MISP using PyMISP: pulls events by threat level/date, computes IOC/attribute distributions, identifies top threat actors/MITRE techniques/galaxy clusters/tags, generates time-series reports.