PyCTI icon

PyCTI

11

Consolidates and normalizes OpenCTI threat intelligence data into a structured JSON format for large language models.

About

PyCTI is an MCP (Model Context Protocol) server designed to act as a front-end for OpenCTI, transforming its complex data into a simplified, LLM-consumable JSON format. It aims to improve the interpretability of OpenCTI data for AI models by providing more verbose field names, resolving linked entities for richer context, and minimizing non-informative metadata, thereby optimizing context window usage and enhancing LLM intuition.

Key Features

  • Normalizes and condenses OpenCTI data for LLM consumption
  • Resolves GraphQL-linked entities for enhanced context
  • Reduces non-informative metadata to optimize context window usage
  • Integrates seamlessly with mcp-hub for multi-server management
  • Supports VSCode Copilot Chat integration
  • 11 GitHub stars

Use Cases

  • Providing simplified OpenCTI threat intelligence data to large language models
  • Integrating OpenCTI data into developer workflows via mcp-hub and VSCode
  • Building custom tools for extracting and transforming OpenCTI information
PyCTI: OpenCTI Threat Intel for LLMs & AI Chatbots