Get the FREE Ultimate OpenClaw Setup Guide →

xtm

eXtended Threat Management MCP Servers

Installation
Run this command in your terminal to add the MCP server to Claude Code.
Run in terminal:
View docs
Command
claude mcp add --transport stdio filigranhq-xtm-mcp python -m opencti_mcp

How to use

This MCP server provides tooling to interact with an OpenCTI instance via its GraphQL API. It allows you to introspect the GraphQL schema, list available types, and construct/validate queries against your OpenCTI deployment. The server exposes capabilities that help you explore the model context and generate valid queries against the configured OpenCTI instance. Typical usage involves starting the server in a Python virtual environment and then using the included CLI tools or API endpoints to perform introspection, fetch type information, and run example queries against your OpenCTI URL.

How to install

Prerequisites:

  • Python 3.10 or newer
  • Git
  • A Python virtual environment tool (venv or similar)

Installation steps:

  1. Clone the repository: git clone https://github.com/filigranhq/xtm-mcp.git cd xtm-mcp

  2. Create and activate a virtual environment: python -m venv .venv

    On Windows

    ..venv\Scripts\activate

    On macOS/Linux

    source .venv/bin/activate

  3. Install dependencies: pip install -r requirements.txt

  4. Configure environment (see additional notes for details):

    • Set OPENCTI_URL to your OpenCTI GraphQL endpoint
    • Set OPENCTI_TOKEN to a valid access token if required

  5. Run the server: python -m opencti_mcp

  6. Optional: run tests or lint as defined in the repository (see development docs in repository).

Additional notes

Environment variables commonly used:

  • OPENCTI_URL: The GraphQL endpoint of your OpenCTI instance
  • OPENCTI_TOKEN: Authorization token if your OpenCTI instance requires it
  • DEBUG or LOG_LEVEL: Adjust verbosity (e.g., DEBUG)

Configuration tips:

  • Ensure your OpenCTI instance is reachable from the MCP server host
  • If using behind a proxy, configure HTTP_PROXY/HTTPS_PROXY as needed
  • The MCP server uses a Python module named opencti_mcp; ensure the module path matches your installation

Common issues:

  • ModuleNotFoundError: ensure dependencies are installed via requirements.txt
  • Connection errors to OPENCTI_URL; verify URL and network access
  • Token authentication failures; verify token validity and scopes

Related MCP Servers

mcp-pinecone

148

Model Context Protocol server to allow for reading and writing from Pinecone. Rudimentary RAG

Gitingest

136

mcp server for gitingest

bzm

24

Official BlazeMeter MCP Server for AI-driven performance testing

mcp -python-template

15

This template provides a streamlined foundation for building Model Context Protocol (MCP) servers in Python. It's designed to make AI-assisted development of MCP tools easier and more efficient.

Convert-Markdown-PDF

14

Markdown To PDF Conversion MCP

shodan

13

Shodan MCP server for Claude, Cursor & VS Code. 20 tools for passive reconnaissance, CVE/CPE intelligence, DNS analysis, and device search. 4 tools work free without an API key. OSINT and vulnerability research from your IDE.

Sponsor this space

Reach thousands of developers