Add datasets references and backlinks
9b39b8c verified

metadata
title: Attack Path Visualizer
emoji: 🗺️
colorFrom: red
colorTo: purple
sdk: gradio
sdk_version: 5.50.0
python_version: '3.10'
app_file: app.py
pinned: false
license: apache-2.0
tags:
  - cybersecurity
  - attack-path
  - mitre-attack
  - visualization
  - threat-modeling
  - red-team
  - pentest
datasets:
  - AYI-NEDJIMI/mitre-attack-fr
  - AYI-NEDJIMI/mitre-attack-en

🗺️ Attack Path Visualizer

A comprehensive interactive visualization tool for cybersecurity attack chains and threat modeling. Perfect for security professionals, red teamers, and defensive teams.

Features

  • 10 Common Attack Scenarios - Realistic attack chains covering major threat categories
  • MITRE ATT&CK Mapping - All techniques mapped to official MITRE ATT&CK framework
  • Interactive Flowcharts - Color-coded attack phases with clickable nodes
  • Bilingual Support - English and French interfaces
  • Phase Breakdown Analysis - Visual charts showing attack phase distribution
  • Detailed Stage Information - Description and MITRE technique details for each step

Attack Paths Included

  1. Classic AD Domain Compromise - Phishing → Macro → Credential Dump → Lateral Movement → Domain Admin → Data Exfil
  2. Web App to Internal Network - SQLi → Web Shell → Reverse Shell → Network Recon → Database Access → Exfil
  3. Cloud Account Takeover - Credential Stuffing → MFA Bypass → API Token Theft → Privilege Escalation → Data Access
  4. Ransomware Kill Chain - Phishing → Malware → C2 → Reconnaissance → Lateral Movement → Encryption
  5. Supply Chain Attack - Compromised Dependency → Code Injection → Distribution → C2 → Persistence → Exfil
  6. Insider Threat - Data Theft - Legitimate Access → Privilege Escalation → Data Discovery → Exfiltration → Cover Tracks
  7. NTLM Relay Attack - LLMNR Poisoning → NTLM Capture → Relay → Shell Access → Persistence
  8. Kerberos Attack Chain - SPN Enumeration → Kerberoasting → Pass-the-Hash → DCSync → Hash Extraction
  9. Web API Exploitation - API Enumeration → Auth Bypass → IDOR → Parameter Tampering → Bulk Export
  10. Zero-Day Exploitation - Reconnaissance → Zero-Day Discovery → Exploit → C2 → Rootkit → Long-term Theft

Color Legend

  • 🔴 Red - Initial Access
  • 🟠 Orange - Execution
  • 🟡 Yellow - Credential Access
  • 🔵 Blue - Lateral Movement
  • 🟣 Purple - Privilege Escalation
  • 🔷 Teal - Persistence
  • 🔴 Pink - Command & Control
  • ⚫ Black - Exfiltration
  • 🟥 Dark Red - Impact

Use Cases

  • Threat Modeling - Understand realistic attack chains for your environment
  • Red Team Training - Train defensive teams on threat scenarios
  • Incident Response - Map detected activities to known attack patterns
  • Security Awareness - Educate employees on attack progression
  • Compliance Documentation - Demonstrate threat understanding for audits
  • LinkedIn Sharing - Create awareness-raising content about cybersecurity

Technology

  • Gradio - Web interface framework
  • Plotly - Interactive visualization and charts
  • Python - Backend logic

Installation

pip install -r requirements.txt
python app.py

How to Use

  1. Select an attack path from the dropdown menu
  2. Choose your language (English or Français)
  3. View the interactive attack flowchart
  4. Read the attack description and statistics
  5. Review the phase breakdown analysis
  6. Examine detailed information for each attack stage

MITRE ATT&CK Integration

All attack paths are mapped to official MITRE ATT&CK techniques. Hover over nodes to see:

  • Technique name
  • MITRE technique ID (e.g., T1566)
  • Attack phase classification

Learn more: https://attack.mitre.org/
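
For the incident-response use case listed above (mapping detected activities to known attack patterns), the sketch below is an added example and not code from this Space's app.py. It models two of the listed paths as stage, technique ID and phase, then ranks them against a set of alert technique IDs, reporting stages with no alert and the stage to expect next. Assumptions: the technique IDs are real ATT&CK IDs, but their pairing with these stages, the phase labels, the function names and the alert set are constructed for illustration.

```python
from collections import Counter

# Constructed data: two paths named in this README as (stage, technique, phase).
# The IDs are real ATT&CK techniques, but pairing them with these stages is an
# assumption; the Space's own mapping in app.py may differ.
PATHS = {
    "Classic AD Domain Compromise": [
        ("Phishing", "T1566", "Initial Access"),
        ("Macro", "T1204.002", "Execution"),
        ("Credential Dump", "T1003", "Credential Access"),
        ("Lateral Movement", "T1021", "Lateral Movement"),
        ("Domain Admin", "T1078.002", "Privilege Escalation"),
        ("Data Exfil", "T1041", "Exfiltration"),
    ],
    "Ransomware Kill Chain": [
        ("Phishing", "T1566", "Initial Access"),
        ("Malware", "T1204", "Execution"),
        ("C2", "T1071", "Command & Control"),
        ("Reconnaissance", "T1046", "Discovery"),
        ("Lateral Movement", "T1021", "Lateral Movement"),
        ("Encryption", "T1486", "Impact"),
    ],
}

def covers(observed, stage_id):
    """An alert covers a stage if it names the technique or one of its sub-techniques."""
    return observed == stage_id or observed.startswith(stage_id + ".")

def match_path(stages, observed_ids):
    hit = [any(covers(o, tid) for o in observed_ids) for _, tid, _ in stages]
    last = max((i for i, h in enumerate(hit) if h), default=-1)
    names = [name for name, _, _ in stages]
    return {
        "coverage": sum(hit) / len(stages),
        # Stages before the furthest hit with no alert: likely detection gaps.
        "gaps": [n for i, n in enumerate(names) if not hit[i] and i < last],
        # Stage after the furthest hit: where to hunt or contain next.
        "next": names[last + 1] if 0 <= last < len(names) - 1 else None,
    }

def rank_paths(observed_ids):
    scored = [(name, match_path(st, observed_ids)) for name, st in PATHS.items()]
    return sorted(scored, key=lambda kv: kv[1]["coverage"], reverse=True)

def phase_breakdown(stages):
    return Counter(phase for _, _, phase in stages)

# Constructed alert set: technique IDs as a SIEM or EDR might tag them.
OBSERVED = ["T1566.001", "T1003.001", "T1021.002"]
```

A stage listed under "gaps" sits before the furthest observed stage, so it most likely happened without firing a detection; that is the telemetry to review first.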

Educational Purpose

This tool is designed for:

  • ✅ Authorized security testing
  • ✅ Defensive team training
  • ✅ Threat modeling and risk assessment
  • ✅ Security awareness and education
  • ✅ Incident response planning

This tool should only be used in authorized environments.

Security Notes

  • Educational tool for authorized security professionals
  • Based on publicly known attack techniques
  • Use to improve defensive posture
  • Share knowledge responsibly within your organization

Resources

Contributing

Suggestions for additional attack paths or improvements are welcome!

License

Apache License 2.0


Made with ❤️ for the cybersecurity community

Perfect for sharing on LinkedIn to raise awareness about cybersecurity threats and defense strategies.


Powered by AYI-NEDJIMI Consultants - AI & Cybersecurity Consulting