zettelforge

Zettelforge is an agent designed to manage and utilize information related to cybersecurity threat intelligence. It builds and maintains knowledge graphs using the STIX standard, helping users understand complex relationships between threats and actors. The agent automatically resolves aliases for threat actors, ensuring consistent identification and tracking. It also supports offline retrieval of information using Retrieval Augmented Generation (RAG), allowing access even without an internet connection. Zettelforge functions as a server for Claude Code, enabling efficient code generation and analysis within the threat intelligence workflow. Security professionals and threat analysts would find this agent particularly valuable. Its ability to combine knowledge graph management, alias resolution, and offline RAG makes it a powerful tool for threat investigation and response.

Zettelforge solves the challenge of managing and connecting disparate pieces of threat intelligence data, which is often scattered across various sources and formats. Instead of manually compiling and linking this information, security teams can use Zettelforge to quickly gain a comprehensive understanding of threats and actors, accelerating investigations and improving response times.