/install cyber-kill-chain
Overview
The Cyber Kill Chain Security Assessment platform is an enterprise-grade tool designed to systematically evaluate organizational security posture across multiple stages of the MITRE ATT&CK kill chain framework. This API enables security teams to document control implementation status, measure compliance gaps, and generate comprehensive security assessments tailored to organizational risk profiles.
Built for security professionals, compliance officers, and enterprise risk managers, this platform transforms control validation into actionable security intelligence. By mapping security controls to kill chain stages, organizations gain visibility into defense effectiveness and can prioritize remediation efforts based on attack vector coverage.
The assessment engine supports three operational tiers—basic, standard, and enterprise—accommodating organizations from small teams to large multi-division enterprises. Each tier provides proportionate depth of analysis, enabling right-sized security assessment without unnecessary complexity.
Usage
Sample Request
{
"tier": "standard",
"sessionId": "ckc-2024-q1-audit-001",
"controls": {
"reconnaissance": [
{
"controlId": "RECON-001",
"compliant": true,
"notes": "OSINT monitoring active via threat intelligence platform"
},
{
"controlId": "RECON-002",
"compliant": false,
"notes": "Domain registration monitoring not yet implemented"
}
],
"weaponization": [
{
"controlId": "WEAPON-001",
"compliant": true,
"notes": "Email gateway sandboxing enabled with 48-hour detonation window"
}
],
"delivery": [
{
"controlId": "DELIVERY-001",
"compliant": true,
"notes": "Advanced email filtering with machine learning enabled"
},
{
"controlId": "DELIVERY-002",
"compliant": false,
"notes": "USB device policy enforcement pending endpoint refresh"
}
]
}
}
Sample Response
{
"assessmentId": "ckc-2024-q1-audit-001",
"tier": "standard",
"timestamp": "2024-01-15T10:30:00Z",
"overallScore": 72,
"complianceRate": 0.78,
"stageBreakdown": {
"reconnaissance": {
"score": 50,
"compliant": 1,
"total": 2,
"gaps": [
"Domain registration monitoring"
]
},
"weaponization": {
"score": 100,
"compliant": 1,
"total": 1,
"gaps": []
},
"delivery": {
"score": 75,
"compliant": 2,
"total": 3,
"gaps": [
"USB device policy enforcement"
]
}
},
"recommendations": [
{
"stage": "reconnaissance",
"priority": "high",
"action": "Implement domain registration monitoring service"
},
{
"stage": "delivery",
"priority": "medium",
"action": "Accelerate endpoint policy enforcement rollout"
}
],
"nextReviewDate": "2024-04-15"
}
Endpoints
GET /health
Description: Health check endpoint for service availability verification.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: JSON object confirming service health status
POST /api/security/assess
Description: Perform comprehensive Cyber Kill Chain security assessment across specified control domains and kill chain stages.
Parameters:
| Name | Type | Required | Description |
|---|---|---|---|
| tier | string | Yes | Assessment tier level: basic, standard, or enterprise. Determines scope and depth of analysis. |
| sessionId | string | Yes | Unique session identifier for audit trail and assessment tracking. Recommended format: ckc-YYYY-MM-QX-description. |
| controls | object | Yes | Kill chain stage controls indexed by stage name. Each stage contains array of control assessments. |
| controls[stage] | array | Yes | Array of control assessments for a specific kill chain stage (e.g., reconnaissance, weaponization, delivery). |
| controlId | string | Yes | Unique identifier for the security control being assessed. |
| compliant | boolean | Yes | Compliance status: true if control is implemented and operational, false if non-compliant. |
| notes | string | Optional | Contextual notes, implementation details, or remediation timeline. Maximum 500 characters recommended. |
Response:
- Status Code: 200
- Content-Type: application/json
- Body: Assessment results including overall score, stage-by-stage breakdown, compliance rate, identified gaps, and remediation recommendations.
Error Responses:
- Status Code: 422
- Description: Validation error. Request failed schema validation (missing required fields, invalid tier value, malformed control structure).
- Content-Type: application/json
- Body: Validation error details with field locations and error messages.
OPTIONS /api/security/assess
Description: CORS preflight request handler for cross-origin assessment submissions.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: CORS headers configuration confirming allowed methods and origins.
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- toolweb.in
- portal.toolweb.in
- hub.toolweb.in
- toolweb.in/openclaw/
- rapidapi.com/user/mkrishna477
- youtube.com/@toolweb-009
References
- Kong Route: https://api.mkkpro.com/security/cyber-kill-chain
- API Docs: https://api.mkkpro.com:8043/docs
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install cyber-kill-chain - 安装完成后,直接呼叫该 Skill 的名称或使用
/cyber-kill-chain触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
Cyber Kill Chain 是什么?
Enterprise-grade cybersecurity framework assessment platform that evaluates organizational security controls across the kill chain spectrum. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 169 次。
如何安装 Cyber Kill Chain?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install cyber-kill-chain」即可一键安装,无需额外配置。
Cyber Kill Chain 是免费的吗?
是的,Cyber Kill Chain 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Cyber Kill Chain 支持哪些平台?
Cyber Kill Chain 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Cyber Kill Chain?
由 ToolWeb(@krishnakumarmahadevan-cmd)开发并维护,当前版本 v1.0.0。