Threat Intelligence Skill

Gather, analyze, and disseminate cyber threat intelligence with IOC extraction, threat actor profiling, and MITRE ATT&CK mapping.

Capabilities

• IOC Extraction: Extract indicators from text, logs, and reports
• IOC Management: Deduplicate, validate, and enrich indicators
• Threat Profiling: Document threat actors and campaigns
• ATT&CK Mapping: Map threats to MITRE ATT&CK framework
• Intelligence Reports: Generate threat bulletins and assessments
• Feed Processing: Parse and normalize threat feeds

Quick Start

from cti_utils import IOCExtractor, ThreatActor, IntelReport

# Extract IOCs from text