building-ioc-enrichment-pipeline-with-opencti
Community
Automate IOC enrichment with OpenCTI.
Author: Axxxxxxaaann
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This skill automates the collection and integration of external threat intelligence data to augment indicators with context, scores, and relationships inside an OpenCTI deployment.
Core Features & Use Cases
- Multi-source enrichment: gather data from VirusTotal, Shodan, AbuseIPDB, GreyNoise, and other connectors to enrich IPs, domains, and file hashes.
- OpenCTI integration: generate STIX bundles, update observables, and maintain confidence scores within an OpenCTI deployment.
- Use Case: security operations teams automatically enrich new indicators to prioritize investigations and drive incident response.
Quick Start
Deploy OpenCTI, set up API keys for enrichment sources, and run the enrichment workflow to automatically attach context to new observables.
Dependency Matrix
Required Modules
pycti, requests
Components
scripts, references, assets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: building-ioc-enrichment-pipeline-with-opencti
Download link: https://github.com/Axxxxxxaaann/KAIRI-Skills/archive/main.zip#building-ioc-enrichment-pipeline-with-opencti
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.