| title: Attack Path Visualizer | |
| emoji: 🗺️ | |
| colorFrom: red | |
| colorTo: purple | |
| sdk: gradio | |
| sdk_version: 5.50.0 | |
| python_version: '3.10' | |
| app_file: app.py | |
| pinned: false | |
| license: apache-2.0 | |
| tags: | |
| - cybersecurity | |
| - attack-path | |
| - mitre-attack | |
| - visualization | |
| - threat-modeling | |
| - red-team | |
| - pentest | |
| datasets: | |
| - AYI-NEDJIMI/mitre-attack-fr | |
| - AYI-NEDJIMI/mitre-attack-en | |
| # 🗺️ Attack Path Visualizer | |
| A comprehensive interactive visualization tool for cybersecurity attack chains and threat modeling. Perfect for security professionals, red teamers, and defensive teams. | |
| ## Features | |
| - **10 Common Attack Scenarios** - Realistic attack chains covering major threat categories | |
| - **MITRE ATT&CK Mapping** - All techniques mapped to official MITRE ATT&CK framework | |
| - **Interactive Flowcharts** - Color-coded attack phases with clickable nodes | |
| - **Bilingual Support** - English and French interfaces | |
| - **Phase Breakdown Analysis** - Visual charts showing attack phase distribution | |
| - **Detailed Stage Information** - Description and MITRE technique details for each step | |
| ## Attack Paths Included | |
| 1. **Classic AD Domain Compromise** - Phishing → Macro → Credential Dump → Lateral Movement → Domain Admin → Data Exfil | |
| 2. **Web App to Internal Network** - SQLi → Web Shell → Reverse Shell → Network Recon → Database Access → Exfil | |
| 3. **Cloud Account Takeover** - Credential Stuffing → MFA Bypass → API Token Theft → Privilege Escalation → Data Access | |
| 4. **Ransomware Kill Chain** - Phishing → Malware → C2 → Reconnaissance → Lateral Movement → Encryption | |
| 5. **Supply Chain Attack** - Compromised Dependency → Code Injection → Distribution → C2 → Persistence → Exfil | |
| 6. **Insider Threat - Data Theft** - Legitimate Access → Privilege Escalation → Data Discovery → Exfiltration → Cover Tracks | |
| 7. **NTLM Relay Attack** - LLMNR Poisoning → NTLM Capture → Relay → Shell Access → Persistence | |
| 8. **Kerberos Attack Chain** - SPN Enumeration → Kerberoasting → Pass-the-Hash → DCSync → Hash Extraction | |
| 9. **Web API Exploitation** - API Enumeration → Auth Bypass → IDOR → Parameter Tampering → Bulk Export | |
| 10. **Zero-Day Exploitation** - Reconnaissance → Zero-Day Discovery → Exploit → C2 → Rootkit → Long-term Theft | |
| ## Color Legend | |
| - 🔴 **Red** - Initial Access | |
| - 🟠 **Orange** - Execution | |
| - 🟡 **Yellow** - Credential Access | |
| - 🔵 **Blue** - Lateral Movement | |
| - 🟣 **Purple** - Privilege Escalation | |
| - 🔷 **Teal** - Persistence | |
| - **Pink** - Command & Control | |
| - ⚫ **Black** - Exfiltration | |
| - 🟥 **Dark Red** - Impact | |
| ## Use Cases | |
| - **Threat Modeling** - Understand realistic attack chains for your environment | |
| - **Red Team Training** - Train defensive teams on threat scenarios | |
| - **Incident Response** - Map detected activities to known attack patterns | |
| - **Security Awareness** - Educate employees on attack progression | |
| - **Compliance Documentation** - Demonstrate threat understanding for audits | |
| - **LinkedIn Sharing** - Create awareness-raising content about cybersecurity | |
| ## Technology | |
| - **Gradio** - Web interface framework | |
| - **Plotly** - Interactive visualization and charts | |
| - **Python** - Backend logic | |
| ## Installation | |
| ```bash | |
| pip install -r requirements.txt | |
| python app.py | |
| ``` | |
| ## How to Use | |
| 1. Select an attack path from the dropdown menu | |
| 2. Choose your language (English or Français) | |
| 3. View the interactive attack flowchart | |
| 4. Read the attack description and statistics | |
| 5. Review the phase breakdown analysis | |
| 6. Examine detailed information for each attack stage | |
| ## MITRE ATT&CK Integration | |
| All attack paths are mapped to official MITRE ATT&CK techniques. Hover over nodes to see: | |
| - Technique name | |
| - MITRE technique ID (e.g., T1566) | |
| - Attack phase classification | |
| Learn more: https://attack.mitre.org/ | |
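The stage-to-technique mapping can also be read in the other direction, to place detections on a path during incident response. The sketch below is an added example, not code from this Space: stage names follow paths 1 and 8 above, while the technique IDs, phase labels and function names are assumptions of the example.

```python
from collections import Counter

# Constructed data: stage names follow the README's paths 1 and 8; the
# technique IDs and phase labels are this example's own mapping.
PATHS = {
    "Classic AD Domain Compromise": [
        ("Phishing", "T1566", "Initial Access"),
        ("Macro", "T1204.002", "Execution"),
        ("Credential Dump", "T1003", "Credential Access"),
        ("Lateral Movement", "T1021", "Lateral Movement"),
        ("Domain Admin", "T1078.002", "Privilege Escalation"),
        ("Data Exfil", "T1041", "Exfiltration"),
    ],
    "Kerberos Attack Chain": [
        ("SPN Enumeration", "T1087.002", "Discovery"),
        ("Kerberoasting", "T1558.003", "Credential Access"),
        ("Pass-the-Hash", "T1550.002", "Lateral Movement"),
        ("DCSync", "T1003.006", "Credential Access"),
        ("Hash Extraction", "T1003", "Credential Access"),
    ],
}

def covers(stage_id, alert_id):
    """An alert matches a stage on the same ID or on one of its sub-techniques."""
    return alert_id == stage_id or alert_id.startswith(stage_id + ".")

def progress(path, alert_ids):
    """Return (matched stage names, stage that follows the furthest match)."""
    hits = [i for i, (_, tid, _) in enumerate(path)
            if any(covers(tid, a) for a in alert_ids)]
    nxt = path[hits[-1] + 1][0] if hits and hits[-1] + 1 < len(path) else None
    return [path[i][0] for i in hits], nxt

def rank_paths(alert_ids, paths=PATHS):
    """Path names ordered by the fraction of their stages seen in alerts."""
    score = {n: len(progress(p, alert_ids)[0]) / len(p) for n, p in paths.items()}
    return sorted(score, key=score.get, reverse=True)

def phase_breakdown(path):
    """Count stages per phase, as a phase distribution chart would."""
    return Counter(phase for _, _, phase in path)

if __name__ == "__main__":
    alerts = ["T1566.001", "T1204.002", "T1003.001"]  # constructed detections
    for name in rank_paths(alerts):
        print(name, progress(PATHS[name], alerts), dict(phase_breakdown(PATHS[name])))
```

The stage returned after the furthest match is where to look next for containment; a parent-technique alert deliberately does not match a stage defined by a more specific sub-technique.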
| ## Educational Purpose | |
| This tool is designed for: | |
| - ✅ Authorized security testing | |
| - ✅ Defensive team training | |
| - ✅ Threat modeling and risk assessment | |
| - ✅ Security awareness and education | |
| - ✅ Incident response planning | |
| This tool should only be used in authorized environments. | |
| ## Security Notes | |
| - Educational tool for authorized security professionals | |
| - Based on publicly known attack techniques | |
| - Use to improve defensive posture | |
| - Share knowledge responsibly within your organization | |
| ## Resources | |
| - [MITRE ATT&CK Framework](https://attack.mitre.org/) | |
| - [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework) | |
| - [OWASP Security Top 10](https://owasp.org/www-project-top-ten/) | |
| - [CIS Critical Security Controls](https://www.cisecurity.org/controls/) | |
| ## Contributing | |
| Suggestions for additional attack paths or improvements are welcome! | |
| ## License | |
| Apache License 2.0 | |
| --- | |
| **Made with ❤️ for the cybersecurity community** | |
| Perfect for sharing on LinkedIn to raise awareness about cybersecurity threats and defense strategies. | |
| --- | |
| **Powered by [AYI-NEDJIMI Consultants](https://ayinedjimi-consultants.fr)** - AI & Cybersecurity Consulting | |
| - [All Datasets](https://huggingface.co/AYI-NEDJIMI) | |
| - [AI & Cyberdefense Whitepaper](https://ayinedjimi-consultants.fr/livre-blanc-ia-cyberdefense.html) | |