---
title: Attack Path Visualizer
emoji: 🗺️
colorFrom: red
colorTo: purple
sdk: gradio
sdk_version: 5.50.0
python_version: '3.10'
app_file: app.py
pinned: false
license: apache-2.0
tags:
- cybersecurity
- attack-path
- mitre-attack
- visualization
- threat-modeling
- red-team
- pentest
datasets:
- AYI-NEDJIMI/mitre-attack-fr
- AYI-NEDJIMI/mitre-attack-en
---

# 🗺️ Attack Path Visualizer

A comprehensive interactive visualization tool for cybersecurity attack chains and threat modeling. Built for security professionals, red teamers, and defensive teams.

## Features

- **10 Common Attack Scenarios** - Realistic attack chains covering the major threat categories
- **MITRE ATT&CK Mapping** - Every technique is mapped to the official MITRE ATT&CK framework
- **Interactive Flowcharts** - Color-coded attack phases with clickable nodes
- **Bilingual Support** - English and French interfaces
- **Phase Breakdown Analysis** - Visual charts showing the distribution of attack phases
- **Detailed Stage Information** - Description and MITRE technique details for each step

## Attack Paths Included

1. **Classic AD Domain Compromise** - Phishing → Macro → Credential Dump → Lateral Movement → Domain Admin → Data Exfil
2. **Web App to Internal Network** - SQLi → Web Shell → Reverse Shell → Network Recon → Database Access → Exfil
3. **Cloud Account Takeover** - Credential Stuffing → MFA Bypass → API Token Theft → Privilege Escalation → Data Access
4. **Ransomware Kill Chain** - Phishing → Malware → C2 → Reconnaissance → Lateral Movement → Encryption
5. **Supply Chain Attack** - Compromised Dependency → Code Injection → Distribution → C2 → Persistence → Exfil
6. **Insider Threat - Data Theft** - Legitimate Access → Privilege Escalation → Data Discovery → Exfiltration → Cover Tracks
7. **NTLM Relay Attack** - LLMNR Poisoning → NTLM Capture → Relay → Shell Access → Persistence
8. **Kerberos Attack Chain** - SPN Enumeration → Kerberoasting → Pass-the-Hash → DCSync → Hash Extraction
9. **Web API Exploitation** - API Enumeration → Auth Bypass → IDOR → Parameter Tampering → Bulk Export
10. **Zero-Day Exploitation** - Reconnaissance → Zero-Day Discovery → Exploit → C2 → Rootkit → Long-term Theft

## Color Legend

- 🔴 **Red** - Initial Access
- 🟠 **Orange** - Execution
- 🟡 **Yellow** - Credential Access
- 🔵 **Blue** - Lateral Movement
- 🟣 **Purple** - Privilege Escalation
- 🔷 **Teal** - Persistence
- 🔴 **Pink** - Command & Control
- ⚫ **Black** - Exfiltration
- 🟥 **Dark Red** - Impact

## Use Cases

- **Threat Modeling** - Understand realistic attack chains for your environment
- **Red Team Training** - Train defensive teams on threat scenarios
- **Incident Response** - Map detected activities to known attack patterns
- **Security Awareness** - Educate employees on how attacks progress
- **Compliance Documentation** - Demonstrate threat understanding for audits
- **LinkedIn Sharing** - Create awareness-raising content about cybersecurity

## Technology

- **Gradio** - Web interface framework
- **Plotly** - Interactive visualization and charts
- **Python** - Backend logic

## Installation

```bash
pip install -r requirements.txt
python app.py
```

## How to Use

1. Select an attack path from the dropdown menu
2. Choose your language (English or Français)
3. View the interactive attack flowchart
4. Read the attack description and statistics
5. Review the phase breakdown analysis
6. Examine the detailed information for each attack stage

## MITRE ATT&CK Integration

All attack paths are mapped to official MITRE ATT&CK techniques. Hover over a node to see:
- Technique name
- MITRE technique ID (e.g., T1566)
- Attack phase classification

Learn more: https://attack.mitre.org/
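As an added example (not code from the Attack Path Visualizer project), this models the first listed chain as stages that each carry a phase from the color legend and an ATT&CK technique ID, then derives the hover label and the phase breakdown described above. Apart from T1566, the technique IDs are public ATT&CK IDs I picked for each step; the app's own mapping is not shown on this page, so treat it as illustrative.

```python
"""Added example, not the Attack Path Visualizer's own code: model a README
chain as stages with a legend phase and an ATT&CK technique ID. The IDs are
public ATT&CK IDs chosen here per step; the app's real mapping is not shown."""
import re
from collections import Counter
from dataclasses import dataclass

# Phase -> colour, as given in the README's Color Legend.
PHASE_COLORS = {
    "Initial Access": "red", "Execution": "orange",
    "Credential Access": "yellow", "Lateral Movement": "blue",
    "Privilege Escalation": "purple", "Persistence": "teal",
    "Command & Control": "pink", "Exfiltration": "black", "Impact": "dark red",
}
# ATT&CK technique IDs look like T1566, or T1566.001 for a sub-technique.
TECHNIQUE_ID = re.compile(r"^T\d{4}(\.\d{3})?$")

@dataclass(frozen=True)
class Stage:
    name: str
    technique_id: str
    phase: str

    def __post_init__(self):
        # Reject malformed IDs and phases outside the legend before rendering.
        if not TECHNIQUE_ID.match(self.technique_id):
            raise ValueError(f"bad ATT&CK technique ID: {self.technique_id}")
        if self.phase not in PHASE_COLORS:
            raise ValueError(f"phase not in legend: {self.phase}")

    def hover_label(self) -> str:
        """Name, technique ID and phase: what a node shows on hover."""
        return f"{self.name} ({self.technique_id}) - {self.phase}"

# Chain 1 from the README: Classic AD Domain Compromise.
AD_DOMAIN_COMPROMISE = [
    Stage("Phishing", "T1566", "Initial Access"),
    Stage("Macro", "T1204.002", "Execution"),
    Stage("Credential Dump", "T1003", "Credential Access"),
    Stage("Lateral Movement", "T1021", "Lateral Movement"),
    Stage("Domain Admin", "T1078.002", "Privilege Escalation"),
    Stage("Data Exfil", "T1041", "Exfiltration"),
]

def phase_breakdown(path):
    """Stages per phase: the data behind the Phase Breakdown Analysis chart."""
    return Counter(stage.phase for stage in path)

def uncovered_phases(path):
    """Legend phases this chain never touches; the rest need detections."""
    return sorted(set(PHASE_COLORS) - set(phase_breakdown(path)))
```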

## Educational Purpose

This tool is designed for:
- ✅ Authorized security testing
- ✅ Defensive team training
- ✅ Threat modeling and risk assessment
- ✅ Security awareness and education
- ✅ Incident response planning

This tool should only be used in authorized environments.

## Security Notes

- Educational tool for authorized security professionals
- Based on publicly known attack techniques
- Use to improve defensive posture
- Share knowledge responsibly within your organization

## Resources

- [MITRE ATT&CK Framework](https://attack.mitre.org/)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [OWASP Security Top 10](https://owasp.org/www-project-top-ten/)
- [CIS Critical Security Controls](https://www.cisecurity.org/controls/)

## Contributing

Suggestions for additional attack paths or improvements are welcome!

## License

Apache License 2.0

---

**Made with ❤️ for the cybersecurity community**

Perfect for sharing on LinkedIn to raise awareness about cybersecurity threats and defense strategies.

---

**Powered by [AYI-NEDJIMI Consultants](https://ayinedjimi-consultants.fr)** - AI & Cybersecurity Consulting

- [All Datasets](https://huggingface.co/AYI-NEDJIMI)
- [AI & Cyberdefense Whitepaper](https://ayinedjimi-consultants.fr/livre-blanc-ia-cyberdefense.html)