5 个仓库
Graph-based representations of cloud assets and vulnerabilities used to identify potential lateral movement routes.
Distinct from Attack Surface Mapping: Focuses on the graph-based path mapping between identified vulnerabilities rather than just mapping the external surface area.
Explore 5 awesome GitHub repositories matching security & cryptography · Attack Path Visualizations. Refine with filters or upvote what's useful.
Prowler is a multi-cloud security posture management platform and vulnerability scanner. It provides tools for automating security audits, evaluating cloud infrastructure against regulatory compliance frameworks, and managing security assessments through a dedicated analysis dashboard. The project distinguishes itself by providing an AI-driven security context server that feeds structured data to AI assistants for automated risk analysis. It also employs graph-based attack path mapping to visualize potential lateral movement and exploitation routes across cloud inventories. The platform cove
Employs graph-based attack path mapping to visualize potential lateral movement and exploitation routes across cloud inventories.
Prowler is a multi-cloud security scanner and security posture management tool. It automates security and compliance assessments across multiple cloud environments to identify misconfigurations and vulnerabilities. The project provides a multi-cloud security analysis engine that operates as an automated auditor, evaluating infrastructure against industry-standard regulatory frameworks and security benchmarks. It features a cloud security visualization dashboard that uses a graph database to map cloud inventory and visualize potential attack paths. Capabilities include automated cloud infrast
Uses a graph database to map cloud inventory and visualize potential attack paths.
BloodHound is a graph-based security analysis tool designed to map trust relationships and attack vectors within Active Directory environments. It functions as an attack path mapper and risk assessment system that uses graph theory to identify hidden relationships and paths leading to high-privilege accounts. The tool specializes in network attack surface mapping and privilege escalation pathfinding. It quantifies security risks by measuring the reliability of attack paths to critical targets, allowing for the prioritization of vulnerability elimination. The system provides capabilities for
Uses graph-based representations to visualize potential lateral movement routes and security vulnerabilities.
Bloodhound is an Active Directory attack path mapper and security auditor designed to visualize trust relationships and permission chains. It serves as an attack surface management tool that identifies paths to domain administrator and other high-privileged accounts. The project uses a graph database analyzer to map complex identity and access relationships. It quantifies the risk of privilege escalation by identifying misconfigured permissions and trust links within Windows domains. The system provides capabilities for Active Directory security analysis, identity and access auditing, and ne
Provides graph-based visualizations of trust relationships to identify the easiest routes for system compromise.
ThreatMapper 是一个云原生应用保护平台和基础设施安全扫描器。它作为一个漏洞管理系统和云工作负载遥测收集器,旨在监控工作负载并检测跨云和容器环境的安全风险。 该平台的特色在于一个网络流量可视化器,它使用机器学习来分类通信模式,以及一个基于图的攻击映射系统,用于识别漏洞与网络依赖项之间的高风险路径。 其更广泛的功能涵盖了针对安全基准的云基础设施合规性审计、针对恶意软件和暴露密钥的生产威胁检测,以及通过分布式传感器收集网络数据包和工作负载遥测。 跨云环境、集群和虚拟机的扫描组件部署通过容器工具和基础设施即代码(IaC)进行管理。
Maps security vulnerabilities and network dependencies into a visual graph to identify high-risk attack paths.