ttp-extractor
Community
Extract TTPs from reports and map to ATT&CK.
Data & Analytics #security-automation #threat-hunting #threat-intelligence #mitre-attack #ttp-extraction #sigma-rules #attack-mapping
Author: chenchunrun
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This skill helps security teams automatically extract attack techniques, defensive gaps, and MITRE ATT&CK mappings from security reports and threat intelligence, enabling faster threat understanding and response.
Core Features & Use Cases
- TTP extraction from reports and intel, with ATT&CK mapping
- Sigma rule generation for detections and alerting
- Threat hunting queries and defensive recommendations for SOC workflows
- Use Case: When provided with a security report, produce ATT&CK-aligned techniques, detection rules, and hunting queries for incident response.
Quick Start
Analyze a security report to extract ATT&CK techniques and generate Sigma rules for detections.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ttp-extractor Download link: https://github.com/chenchunrun/onyx-soc/archive/main.zip#ttp-extractor Please download this .zip file, extract it, and install it in the .claude/skills/ directory.