OpenSkillIndex← back to search
claude-codesecurity

Babysitter MITRE ATT&CK Skill

MITRE ATT&CK framework mapping and analysis

install
source · Clone the upstream repo
git clone https://github.com/a5c-ai/babysitter
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/a5c-ai/babysitter "$T" && mkdir -p ~/.claude/skills && cp -r "$T/library/specializations/security-research/skills/mitre-attack" ~/.claude/skills/a5c-ai-babysitter-mitre-att-ck-skill && rm -rf "$T"
manifest: library/specializations/security-research/skills/mitre-attack/SKILL.md
tags
#attack-mapping#threat-intelligence#adversary-emulation#stix-analysis#attack-patterns
source content

MITRE ATT&CK Skill

Overview

This skill provides MITRE ATT&CK framework mapping, analysis, and adversary emulation capabilities.

Capabilities

  • Map TTPs to ATT&CK techniques
  • Generate ATT&CK Navigator layers
  • Query ATT&CK STIX data
  • Create attack patterns and campaigns
  • Analyze technique coverage
  • Generate detection mappings
  • Support ATT&CK ICS and Mobile
  • Create adversary emulation plans

Target Processes

  • red-team-operations.js
  • purple-team-exercise.js
  • threat-intelligence-research.js
  • malware-analysis.js

Dependencies

  • ATT&CK STIX data (via TAXII or local)
  • ATT&CK Navigator
  • mitreattack-python library
  • Python 3.x

Usage Context

This skill is essential for:

  • Adversary emulation planning
  • Detection gap analysis
  • Threat intelligence correlation
  • Red team operation planning
  • Security posture assessment

Integration Notes

  • Supports all ATT&CK matrices (Enterprise, Mobile, ICS)
  • Can generate Navigator layers for visualization
  • Integrates with threat intelligence platforms
  • Maps to detection rules and mitigations
  • Supports campaign and group analysis