attack-path-architect

Solid

Generates strategic attack trees and kill chains from reconnaissance data or domain input. Maps MITRE ATT&CK TTPs, identifies chaining opportunities, trust relationships, and prioritizes attack paths by feasibility and impact. Use when user asks for "attack path", "kill chain", "attack tree", "threat modeling from recon", "attack surface analysis", or "prioritize targets". Requires prior recon data or a domain to analyze. For authorized pentesting and red team engagements only.

AI & Automation 29 stars 1 forks Updated today MIT


Quality Score: 85/100

Stars (weight 20%): 49
Recency (weight 20%): 100
Frontmatter (weight 20%): 70
Documentation (weight 15%): 100
Issue Health (weight 10%): 80
License (weight 10%): 100
Description (weight 5%): 100

Skill Content

# Attack Path Architect

Strategic attack path generator. Transforms reconnaissance data into actionable kill chains mapped to MITRE ATT&CK.

## Important

CRITICAL: This skill is for authorized penetration testing and red team engagements ONLY. Confirm authorization before generating attack paths.

## Instructions

### Step 1: Input Collection

Accept one of these inputs:

1. **Recon JSON data** from recon-dominator (consolidated.json or individual module outputs)
2. **Raw domain** - will perform lightweight recon first to gather data
3. **Manual asset list** - user provides hostnames, IPs, services, technologies

If the user provides only a domain, run a quick recon summary first using recon-dominator scripts, then proceed.

### Step 2: Asset Classification

```bash
python scripts/classify_assets.py --input {recon_data}
```

Classify every discovered asset by:

**Exposure Level:**

- EXTERNAL: Internet-facing, directly reachable
- SEMI-EXTERNAL: Behind CDN/WAF but still reachable
- INTERNAL-EXPOSED: Internal service accidentally exposed (common with cloud misconfig)

**Asset Type:**

- WEB_APP: Web applications (highest attack surface)
- API: REST/GraphQL/SOAP endpoints
- MAIL: Email infrastructure
- DNS: DNS servers
- VPN: VPN gateways
- DATABASE: Exposed database services
- ADMIN_PANEL: Management interfaces
- CI_CD: Build/deploy infrastructure
- MONITORING: Grafana, Kibana, Prometheus, etc.
- STORAGE: S3, GCS, Azure Blob, etc.
- LEGACY: Old/deprecated systems still running

...

Details

Author: KaQus
Repository: KaQus/claude-code-pentest
Created: 2 years ago
Last Updated: today
Language: Python
License: MIT
