Fast ThreatIntel
Empowers security teams with AI-driven threat intelligence analysis, identifying and attributing threats across multiple sources.
About
Fast ThreatIntel is a comprehensive Model Context Protocol (MCP) server engineered to deliver enterprise-grade threat intelligence. It revolutionizes cybersecurity by enabling natural language AI prompts to analyze Indicators of Compromise (IOCs) such as IPs, domains, URLs, and file hashes across diverse threat intelligence platforms like VirusTotal, AlienVault OTX, AbuseIPDB, and IPinfo. The tool provides advanced APT attribution with MITRE ATT&CK mapping, intelligent IOC detection, and generates rich, interactive reports for a complete threat landscape overview.
Key Features
- AI-Powered Analysis: Natural language interface for queries, intelligent IOC detection, and advanced APT attribution with MITRE ATT&CK mapping.
- Multi-Source Intelligence: Integrates with VirusTotal, AlienVault OTX, AbuseIPDB, and IPinfo for comprehensive data.
- Rich Reporting & Visualization: Generates interactive HTML reports with D3.js network graphs and supports multiple output formats (Markdown, JSON, HTML, STIX).
- Flexible Deployment Options: Available as an MCP server for AI integration, standalone CLI, Docker container, or Python package.
- Production-Ready Features: Includes multi-architecture Docker support, Kubernetes readiness, comprehensive testing, and performance optimizations like async processing and intelligent caching.
- 7 GitHub stars
Use Cases
- Performing rapid, comprehensive threat analysis on IPs, domains, URLs, and file hashes using natural language prompts.
- Integrating with AI assistants like Claude Desktop or VSCode (Roo-Cline) for seamless threat intelligence queries.
- Generating detailed security incident reports with APT attribution and visual IOC relationship mapping for cybersecurity investigations.