MITRE ATT&CK

Name: MITRE ATT&CK
Author: Montimage

Montimage/mitre-mcp

Query MITRE ATT&CK tactics, techniques, and related knowledge from your agent while reviewing threats, test plans, or security docs.

Overview

io.github.luongnv89/mitre-mcp is a Ship-phase MCP server that exposes the MITRE ATT&CK framework to agents via the official MCP Python SDK.

What is this MCP server?

MCP server for MITRE ATT&CK using the official MCP Python SDK
PyPI package mitre-mcp at version 0.3.1 with stdio transport
Title published as MITRE ATT&CK in server metadata
Suited for threat modeling and control mapping inside agent chats
Open source via Montimage/mitre-mcp on GitHub
PyPI package mitre-mcp version 0.3.1
Server title MITRE ATT&CK in published schema
Stdio transport; repository Montimage/mitre-mcp on GitHub

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 11 GitHub stars.

What problem does it solve?

Security reviews in agent sessions drift into vague advice because MITRE ATT&CK is too heavy to browse manually while you code.

Who is it for?

Solo builders and small teams shipping web or API products who want ATT&CK-grounded security copy and test ideas inside Claude Code or Cursor.

Skip if: Builders who need automated vulnerability scanning only or who are still in pure Idea research with no security surface yet.

What do I get? / Deliverables

After installing mitre-mcp, your agent can query ATT&CK-aligned knowledge during threat modeling and pre-ship security discussions.

Agent-queryable MITRE ATT&CK framework data during security tasks
Threat-informed technique and mitigation references in review or planning chats

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

ATT&CK grounding matters during Ship when you harden the product, write security stories, and align tests with real adversary behavior before launch. Security is the canonical shelf because the server exposes the MITRE ATT&CK framework for threat-informed decisions, not generic coding or deployment.

How it compares

ATT&CK reference MCP server, not a DAST scanner or generic code-review skill.

Common Questions / FAQ