
AI-assisted defensive security analyzer for codebases — scans a repository, models assets and controls, finds cross-cutting weaknesses, and generates an evidence-grounded review with MITRE ATT&CK mappings and detection-engineering hints.

Project description

AttackMap

AI-assisted defensive security analysis for codebases. AttackMap reads your repository, models its assets and defensive controls, finds cross-cutting weaknesses that single-file scanners miss, and produces an evidence-grounded security review with MITRE ATT&CK mappings and detection-engineering hints.

Built for AppSec engineers, SOC and detection-engineering teams, and engineering managers who need to triage an unfamiliar codebase.

Story over checklist. Asset-aware. Control-absence-aware. Evidence-grounded.

License: MIT. Python 3.11+.


Quickstart

Install with all bundled analyzers:

pip install "attackmap[all]"

Run a review on a repository:

attackmap analyze /path/to/repo --output reports

Optional: add an AI-narrated review using Claude. Either set ANTHROPIC_API_KEY in the environment, or log in once with the Claude Code CLI to use an existing Pro/Max subscription. Note that this stage sends the structured evidence pack (review-context-pack.json, including evidence snippets from your code) to the model; inspect that file before enabling --llm on a sensitive repository:

attackmap analyze /path/to/repo --output reports --llm

Read reports/defensive-review.md (heuristic) and reports/defensive-review-llm.md (LLM-narrated) side by side.


Install

From PyPI

pip install attackmap                  # core only
pip install "attackmap[llm]"           # add LLM narrative support
pip install "attackmap[all]"           # core + LLM + all 13 analyzer plugins

You can also install individual analyzer plugins on demand:

pip install attackmap-analyzer-python attackmap-analyzer-go

With Docker

docker run --rm -v "$PWD:/src" ghcr.io/mlaify/attackmap:latest analyze /src --output /src/reports

With Homebrew (macOS)

brew install mlaify/tap/attackmap

From source

git clone https://github.com/mlaify/AttackMap.git
cd AttackMap
pip install -e ".[llm]"

What you get

Every attackmap analyze run writes:

File                              What it is
architecture.md                   High-level summary of the repository
attack-surface.md                 Surfaces classified by category, exposure, and risk
defensive-review.md               Notable Observations, Asset Inventory, Defensive Controls, Strengths, Weaknesses, Detection Opportunities, Recommendations
defensive-review.json             Structured equivalent (schema v1.2.0)
review-context-pack.json          Structured evidence pack consumed by the LLM stage
attackmap-report.json             Everything bundled
defensive-review-llm.md           (with --llm) Claude-narrated review
defensive-review-llm.meta.json    (with --llm) Backend, model, token usage

How it works

AttackMap is built as four layers, each grounded in the layer below.

1. Heuristic scanner + analyzer plugins. Language-aware extraction of routes, databases, external calls, auth signals, secrets, frameworks, and entrypoints. Every signal carries a file:line citation, an evidence-text snippet, and a confidence score. Plugins are auto-discovered through the attackmap.analyzers entry-point group.

2. Asset and control overlay. Identifies what's at risk (credentials, sessions, PII, payment records, internal secrets — with criticality tiers) and what protects it (authentication, authorization, input validation, rate limiting, CSRF, encryption, audit logging, RBAC, MFA), including detection of absent expected controls.

3. Cross-cutting insight engine. Connects findings into narratives — sensitive-asset reachability, shared-secret blast radius, defense gaps in attack chains, control-strength mismatches, asymmetric protection, audit gaps, trust-boundary violations, and more.

4. LLM narrative review. With --llm, Claude Opus generates a final review from the structured evidence pack. The model is required to cite real surface/asset/control IDs from that pack, so every claim in the narrative can be traced back to heuristic evidence and an invented finding stands out as an ID that does not exist.

Layered on top: MITRE ATT&CK technique mappings on every insight and detection opportunities (Sigma/KQL/Splunk-style hints) for each weakness.


Supported ecosystems

Thirteen official analyzer plugins, each distributable as a separate package:

Plugin                            Coverage
attackmap-analyzer-python         Django, Starlette, AIOHTTP, Sanic, Litestar, DRF; SQLAlchemy/asyncpg/motor; passlib/PyJWT/authlib; httpx/aiohttp
attackmap-analyzer-rust           axum, actix-web, rocket; sqlx, diesel, sea-orm; jsonwebtoken, argon2; reqwest
attackmap-analyzer-go             net/http, chi, gin, echo, fiber, gorilla/mux; database/sql, gorm, pgx; golang-jwt; resty
attackmap-analyzer-java-spring    Java/Kotlin Spring Boot, JAX-RS, Ktor; Spring Data; Spring Security; jjwt
attackmap-analyzer-dotnet         ASP.NET Core minimal APIs and attribute routing, EF Core, Identity, JwtBearer
attackmap-analyzer-terraform      AWS, Azure, GCP resources; IAM wildcards; open SGs; secrets
attackmap-analyzer-c              libmicrohttpd, civetweb, mongoose; libcurl; OpenSSL/libsodium; sqlite3/libpq/mysql
attackmap-analyzer-cpp            Crow, Pistache, Drogon, cpprestsdk; libcurl/cpr; OpenSSL/Botan/libsodium; libpqxx/mongocxx
attackmap-analyzer-node-service   Node.js / TypeScript service ecosystems
attackmap-analyzer-atproto        AT Protocol (Bluesky) services
attackmap-analyzer-php-web        Generic PHP web
attackmap-analyzer-php-laminas    Laminas/Zend MVC
attackmap-analyzer-omeka-s        Omeka-S

pip install "attackmap[all]" installs every official plugin.

Building your own analyzer

The plugin contract is documented in code at attackmap.sdk; the developer cookbook with scaffolding, testing, and publishing instructions is in docs/external-analyzers.md.


CLI reference

attackmap analyze <path>                 # run a review on a repository
attackmap analyze <path> --output dir    # write outputs to `dir/`
attackmap analyze <path> --module python --module rust   # only these analyzers
attackmap analyze <path> --llm           # add LLM narrative (auto-resolve auth)
attackmap analyze <path> --llm --llm-backend cli         # force Claude CLI
attackmap modules                        # list installed analyzers

--module is repeatable. Missing requested external analyzers can be auto-installed (when possible) from the mlaify GitHub organization. That is a run-time install of third-party code; in CI or on sensitive hosts, pre-install and pin the analyzer packages you need rather than relying on it.


What AttackMap is not

  • A runtime detector. AttackMap is static. The detection opportunities it emits are hints for your SIEM team — they are not deployable rules.
  • A vulnerability scanner. AttackMap models architecture, assets, and controls. It does not match known-CVE patterns.
  • Exhaustive. AttackMap is heuristic by design. Findings are confidence-tiered with explicit guardrails for stale signals.


Contributing

Issues and pull requests are welcome. See CONTRIBUTING.md for setup, testing, and submission guidelines. By contributing you agree that your contributions will be MIT-licensed.

License

MIT. Copyright (c) 2026 Matthew Davis and AttackMap Contributors.


Download files


Source Distribution

attackmap-0.1.1.tar.gz (103.0 kB view details)


Built Distribution


attackmap-0.1.1-py3-none-any.whl (84.2 kB view details)


File details

Details for the file attackmap-0.1.1.tar.gz.

File metadata

  • Download URL: attackmap-0.1.1.tar.gz
  • Size: 103.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for attackmap-0.1.1.tar.gz
Algorithm Hash digest
SHA256 8322ef9fefda5986b730b7b6297ef4ff69a8eb8226cd70391d5f020bdd4335ea
MD5 a16294bc289056a8d9ed426fdd404ef7
BLAKE2b-256 e5a5c89d6f04cf94e897b94334de96b74b57398a4a9c6db9a29f1e3dabc3544d


Provenance

The following attestation bundles were made for attackmap-0.1.1.tar.gz:

Publisher: release.yml on mlaify/AttackMap

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file attackmap-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: attackmap-0.1.1-py3-none-any.whl
  • Size: 84.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for attackmap-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 208bbd1e6a4593f74e12c83a8a47cbc5246660eabe059d6bb921fc65808ac1ee
MD5 d896956c2ab7e3231acfd66778290b35
BLAKE2b-256 765b2fed0875f9e72c44237dfa8787f5773d010e968cd011c58e6d727bbab723


Provenance

The following attestation bundles were made for attackmap-0.1.1-py3-none-any.whl:

Publisher: release.yml on mlaify/AttackMap

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
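The digests and provenance above are only useful if something checks them. The following is an added example, not part of the PyPI page or of the AttackMap project, that hashes a downloaded artifact, compares it against the published SHA256 and BLAKE2b-256 values for both files, and emits a pinned line for pip's --require-hashes mode. The script name and download directory in the usage comment are assumptions, and the artifact hashed in its self-check is constructed on the fly.

```python
import hashlib
import hmac
import sys
import tempfile
from pathlib import Path

# Digests as published on the PyPI file-details page for attackmap 0.1.1.
PUBLISHED = {
    "attackmap-0.1.1.tar.gz": {
        "sha256": "8322ef9fefda5986b730b7b6297ef4ff69a8eb8226cd70391d5f020bdd4335ea",
        "blake2b_256": "e5a5c89d6f04cf94e897b94334de96b74b57398a4a9c6db9a29f1e3dabc3544d",
    },
    "attackmap-0.1.1-py3-none-any.whl": {
        "sha256": "208bbd1e6a4593f74e12c83a8a47cbc5246660eabe059d6bb921fc65808ac1ee",
        "blake2b_256": "765b2fed0875f9e72c44237dfa8787f5773d010e968cd011c58e6d727bbab723",
    },
}


def digests(path: Path) -> dict[str, str]:
    """Stream the file once and compute the two digests worth checking.
    MD5 is also published but is not collision-resistant, so it is ignored."""
    sha = hashlib.sha256()
    b2 = hashlib.blake2b(digest_size=32)          # BLAKE2b-256, as PyPI lists it
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            sha.update(chunk)
            b2.update(chunk)
    return {"sha256": sha.hexdigest(), "blake2b_256": b2.hexdigest()}


def verify(path: Path, expected: dict[str, str]) -> bool:
    """True only if every expected digest matches (constant-time comparison)."""
    actual = digests(path)
    return all(hmac.compare_digest(actual[alg], expected[alg]) for alg in expected)


def requirements_line(name: str, version: str, files: dict[str, dict[str, str]]) -> str:
    """One pinned line for `pip install --require-hashes -r requirements.txt`.
    Listing both the sdist and the wheel hash lets pip accept either artifact."""
    hashes = " ".join(f"--hash=sha256:{d['sha256']}" for d in files.values())
    return f"{name}=={version} {hashes}"


def selfcheck() -> tuple[bool, bool]:
    """Constructed artifact (not a real release): the original verifies
    against its own digests, a one-byte change does not."""
    with tempfile.TemporaryDirectory() as d:
        good = Path(d, "artifact.bin")
        good.write_bytes(b"constructed test artifact\n")
        expected = digests(good)
        bad = Path(d, "tampered.bin")
        bad.write_bytes(b"constructed test artifact!\n")
        return verify(good, expected), verify(bad, expected)


if __name__ == "__main__":
    # Assumed usage (file name and path are examples):
    #   pip download attackmap==0.1.1 --no-deps -d dist
    #   python verify_release.py dist/attackmap-0.1.1-py3-none-any.whl
    target = Path(sys.argv[1])
    print("OK" if verify(target, PUBLISHED[target.name]) else "MISMATCH")
    print(requirements_line("attackmap", "0.1.1", PUBLISHED))
```

A matching digest proves you hold the bytes PyPI published; the Trusted Publishing attestation above (release.yml on mlaify/AttackMap) is what ties those bytes to a specific build workflow. Pinning the hashes in a requirements file makes pip refuse any future artifact that differs, which matters more than usual for a tool that can itself fetch and install analyzer plugins at run time.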
