Analyzes threat landscape from MISP using PyMISP: pulls events by threat level/date, computes IOC/attribute distributions, identifies top threat actors/MITRE techniques/galaxy clusters/tags, generates time-series reports.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
1. Install dependencies: `pip install pymisp`
Analyzes MISP data via PyMISP for threat landscape reports: event stats, IOC type breakdowns, top threat actors/malware, MITRE techniques, and temporal trends.
Analyzes threat landscape using MISP via PyMISP: queries event statistics, IOC attribute distributions, top threat actors/malware families, tag trends over time. Generates reports for SOC threat hunting.
Uses PyMISP to create, enrich, and share threat intelligence events on MISP platform, managing IOCs, integrating feeds, exporting STIX, and handling community sharing workflows.
pip install pymisp
python scripts/agent.py --misp-url https://misp.local --api-key YOUR_KEY --days 90 --output landscape_report.json
Analysis period: last 90 days
Events analyzed: 1,247
Top threat level: High (43%)
Top attribute types: ip-dst (31%), domain (22%), sha256 (18%)
Top MITRE technique: T1566 Phishing (89 events)
Top threat actor: APT28 (34 events)
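The aggregation behind a summary like the one above, as an added example (not the skill's own `scripts/agent.py`): it assumes the events have already been fetched from MISP as event dicts and that actors and techniques are attached as event-level galaxy tags. The names `summarize`, `pct` and `SAMPLE` are hypothetical, and the sample events are constructed.

```python
import re
from collections import Counter
from datetime import date, timedelta

THREAT_LEVELS = {"1": "High", "2": "Medium", "3": "Low", "4": "Undefined"}  # threat_level_id
TECHNIQUE_RE = re.compile(r'^misp-galaxy:mitre-attack-pattern=".* - (T\d{4}(?:\.\d{3})?)"$')
ACTOR_RE = re.compile(r'^misp-galaxy:threat-actor="(.+)"$')

def pct(counter):  # percentage share per key, largest first
    total = sum(counter.values()) or 1
    return {k: round(100 * v / total) for k, v in counter.most_common()}

def summarize(events, today, days=90):
    """Aggregate MISP event dicts ({"Event": {...}}) dated within the last `days`."""
    cutoff = today - timedelta(days=days)
    levels, types, techniques, actors, months = (Counter() for _ in range(5))
    for wrapper in events:
        ev = wrapper.get("Event", wrapper)
        ev_date = date.fromisoformat(ev["date"])
        if ev_date < cutoff:
            continue  # outside the analysis window
        levels[THREAT_LEVELS.get(str(ev.get("threat_level_id")), "Undefined")] += 1
        months[ev_date.strftime("%Y-%m")] += 1
        objs = ev.get("Object", [])  # attributes also live inside MISP objects
        for attr in ev.get("Attribute", []) + [a for o in objs for a in o.get("Attribute", [])]:
            types[attr["type"]] += 1
        # The set counts an actor or technique once per event even if tagged twice.
        for name in {t["name"] for t in ev.get("Tag", [])}:
            if m := TECHNIQUE_RE.match(name):
                techniques[m.group(1)] += 1
            elif m := ACTOR_RE.match(name):
                actors[m.group(1)] += 1
    return {"events": sum(levels.values()), "threat_level_pct": pct(levels),
            "attribute_type_pct": pct(types), "techniques": dict(techniques),
            "actors": dict(actors), "events_per_month": dict(sorted(months.items()))}

SAMPLE = [  # constructed sample events, not real intelligence
    {"Event": {"date": "2024-05-20", "threat_level_id": "1",
               "Attribute": [{"type": "ip-dst"}, {"type": "domain"}],
               "Tag": [{"name": 'misp-galaxy:threat-actor="APT28"'},
                       {"name": 'misp-galaxy:mitre-attack-pattern="Phishing - T1566"'}]}},
    {"Event": {"date": "2024-04-02", "threat_level_id": "1",
               "Attribute": [{"type": "ip-dst"}, {"type": "sha256"}], "Tag": [
        {"name": 'misp-galaxy:mitre-attack-pattern="Spearphishing Attachment - T1566.001"'}]}},
    {"Event": {"date": "2024-04-15", "threat_level_id": "2", "Attribute": [{"type": "ip-dst"}],
               "Object": [{"name": "file", "Attribute": [{"type": "sha256"}]}],
               "Tag": [{"name": "tlp:amber"}, {"name": 'misp-galaxy:threat-actor="APT28"'}]}},
    {"Event": {"date": "2023-11-01", "threat_level_id": "3", "Attribute": [{"type": "url"}]}},
]
```

Sub-techniques such as T1566.001 are counted under their own ID here; roll them up to the parent ID first if the report should show technique-level totals.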