5 repository-uri
Graph-based representations of cloud assets and vulnerabilities used to identify potential lateral movement routes.
Distinct from Attack Surface Mapping: Focuses on the graph-based path mapping between identified vulnerabilities rather than just mapping the external surface area.
Explore 5 awesome GitHub repositories matching security & cryptography · Attack Path Visualizations. Refine with filters or upvote what's useful.
Prowler is a multi-cloud security posture management platform and vulnerability scanner. It provides tools for automating security audits, evaluating cloud infrastructure against regulatory compliance frameworks, and managing security assessments through a dedicated analysis dashboard. The project distinguishes itself by providing an AI-driven security context server that feeds structured data to AI assistants for automated risk analysis. It also employs graph-based attack path mapping to visualize potential lateral movement and exploitation routes across cloud inventories. The platform cove
Employs graph-based attack path mapping to visualize potential lateral movement and exploitation routes across cloud inventories.
Prowler is a multi-cloud security scanner and security posture management tool. It automates security and compliance assessments across multiple cloud environments to identify misconfigurations and vulnerabilities. The project provides a multi-cloud security analysis engine that operates as an automated auditor, evaluating infrastructure against industry-standard regulatory frameworks and security benchmarks. It features a cloud security visualization dashboard that uses a graph database to map cloud inventory and visualize potential attack paths. Capabilities include automated cloud infrast
Uses a graph database to map cloud inventory and visualize potential attack paths.
BloodHound is a graph-based security analysis tool designed to map trust relationships and attack vectors within Active Directory environments. It functions as an attack path mapper and risk assessment system that uses graph theory to identify hidden relationships and paths leading to high-privilege accounts. The tool specializes in network attack surface mapping and privilege escalation pathfinding. It quantifies security risks by measuring the reliability of attack paths to critical targets, allowing for the prioritization of vulnerability elimination. The system provides capabilities for
Uses graph-based representations to visualize potential lateral movement routes and security vulnerabilities.
Bloodhound is an Active Directory attack path mapper and security auditor designed to visualize trust relationships and permission chains. It serves as an attack surface management tool that identifies paths to domain administrator and other high-privileged accounts. The project uses a graph database analyzer to map complex identity and access relationships. It quantifies the risk of privilege escalation by identifying misconfigured permissions and trust links within Windows domains. The system provides capabilities for Active Directory security analysis, identity and access auditing, and ne
Provides graph-based visualizations of trust relationships to identify the easiest routes for system compromise.
ThreatMapper este o platformă de protecție a aplicațiilor cloud-native și un scaner de securitate a infrastructurii. Funcționează ca un sistem de gestionare a vulnerabilităților și un colector de telemetrie pentru workload-urile cloud, conceput pentru a monitoriza workload-urile și a detecta riscurile de securitate în medii cloud și containerizate. Platforma se distinge printr-un vizualizator de trafic de rețea care utilizează machine learning pentru a clasifica tiparele de comunicare și un sistem de mapare a atacurilor bazat pe grafuri pentru a identifica căile de înaltă riscuri între vulnerabilități și dependențele de rețea. Capabilitățile sale mai largi acoperă auditarea conformității infrastructurii cloud față de benchmark-urile de securitate, detectarea amenințărilor în producție pentru malware și secrete expuse, precum și colectarea pachetelor de rețea și a telemetriei workload-urilor prin senzori distribuiți. Deployment-ul componentelor de scanare în medii cloud, clustere și mașini virtuale este gestionat prin instrumente de containerizare și infrastructură ca cod (IaC).
Maps security vulnerabilities and network dependencies into a visual graph to identify high-risk attack paths.