zettelforge
ZettelForge - Agentic Memory System for Cyber Threat Intelligence
- Link new malware samples to known threat actor campaigns
- Cross-reference IOCs across multiple concurrent incidents
- Build and query threat actor profile timelines
Enables security teams to build persistent, interconnected threat intelligence without manual documentation overhead. Reduces analyst context-switching and improves institutional knowledge retention across incident response cycles.
Security operations centers and threat intelligence teams managing multi-vector attack investigations and knowledge continuity.
https://github.com/rolandpg/zettelforge
By rolandpg
How to Get It
claude plugins install rolandpg/zettelforge
Tip: Paste this into a Claude Code conversation. Verify command matches your Claude Code version.
Trust Signals: Auto-scanned
Community Pulse: Active
Discussed on Hacker News, Reddit
- Three agentic CTI reports available — looking for feedback from anyone using MCP — Reddit · 18 pts
- C2-Tracker: Live Feed of C2 servers, tools, and botnets — Reddit · 18 pts
- zettelforge: Agentic memory for CTI: STIX knowledge graphs, threat actor alias r — Reddit · 12 pts
11 mentions across 2 sources
Reviewer notes
Auto-scanned review. These are observations, not a security certification.
Auto-assessment from April sweep — baseline scores pending hands-on review.
2026-04-18: Approved in April sweep: New and small but has a clear description and recent commits — worth tracking.
Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.