Attack Path Architect
Strategic attack tree generation and kill chain analysis from reconnaissance data.
What It Does
Classifies assets by type, criticality, and exposure, maps trust relationships between systems and users, generates attack trees with MITRE ATT&CK technique mapping, discovers chaining opportunities across trust boundaries, and produces prioritized attack path reports ranked by feasibility and impact.
Scripts
| Script | Description |
|---|---|
| classify_assets | Asset classification — type, role, exposure level, data sensitivity, blast radius |
| map_trust | Trust boundary mapping — AD trusts, cloud IAM, SSH keys, API keys, service accounts |
| generate_attack_tree | Attack tree generation — goal-driven, MITRE ATT&CK TTP mapping per node |
| find_chains | Chain discovery — automated traversal of trust relationships for multi-hop paths |
| attack_report | Attack path report — prioritized paths, estimated difficulty, expected impact scores |
When to Use
Use during the transition from reconnaissance to exploitation to identify the highest-value attack paths. Feed recon-dominator output and cloud-pivot-finder results into classify_assets, then build trees and discover chains.
Usage
RedTeamScript(skill="attack-path-architect", script="generate_attack_tree", args="--input assets.json --goal domain-admin --output attack-tree.json")
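
The chain discovery and feasibility-times-impact ranking described for find_chains and attack_report, as an added example that is not this skill's own code. The edge schema, scores and host names are constructed assumptions; the per-edge count shows which trust relationship appears in the most paths, which is the one to review or remove first.

```python
from collections import defaultdict

# Constructed sample data. This schema is an assumption, not the tool's format:
# (source, target, relationship, feasibility between 0 and 1)
TRUST_EDGES = [
    ("web-01", "svc-deploy", "ssh_key", 0.8),
    ("svc-deploy", "build-01", "service_account", 0.9),
    ("build-01", "dc-01", "ad_trust", 0.4),
    ("web-01", "cloud-role-ci", "cloud_iam", 0.6),
    ("cloud-role-ci", "build-01", "api_key", 0.7),
    ("build-01", "web-01", "ssh_key", 0.5),  # cycle: must not loop forever
]
IMPACT = {"dc-01": 10, "build-01": 6}  # hypothetical impact scores

def find_chains(edges, start, goal, max_hops=4):
    """Enumerate cycle-free multi-hop paths from start to goal."""
    graph = defaultdict(list)
    for src, dst, rel, feas in edges:
        graph[src].append((dst, rel, feas))
    chains = []

    def walk(node, hops, seen, feas):
        if node == goal:
            chains.append({"hops": hops, "feasibility": round(feas, 3)})
            return
        if len(hops) >= max_hops:
            return
        for dst, rel, f in graph[node]:
            if dst not in seen:  # skip nodes already on this path
                walk(dst, hops + [(node, rel, dst)], seen | {dst}, feas * f)

    walk(start, [], {start}, 1.0)
    return chains

def rank_chains(chains, goal_impact):
    """Score each chain as feasibility * impact and sort highest first."""
    for chain in chains:
        chain["score"] = round(chain["feasibility"] * goal_impact, 3)
    return sorted(chains, key=lambda c: c["score"], reverse=True)

def edge_exposure(chains):
    """Count how many discovered chains depend on each trust edge."""
    counts = defaultdict(int)
    for chain in chains:
        for hop in chain["hops"]:
            counts[hop] += 1
    return dict(counts)

if __name__ == "__main__":
    ranked = rank_chains(find_chains(TRUST_EDGES, "web-01", "dc-01"), IMPACT["dc-01"])
    for chain in ranked:
        print(chain["score"], " -> ".join(h[0] for h in chain["hops"]) + " -> dc-01")
    print(edge_exposure(ranked))
```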