Early implementation of Place in Kill Chain
$ python3 PiKC.py
=== System Parameters Summary ===
System Role: web server
Open Ports: [80, 443, 8080]
IP Addresses: ['203.0.113.50']
Software: Apache httpd 2.4.54
Interactive User: False
Critical Asset: False
Virtualized: False
Internet Facing: True
Has AV/EDR: True
User Account Count: 10
Shares or Mounts: 2
Days Since Last Patch: 120
=== Attack Tactics Prediction ===
Top ATT&CK Tactics: ['Initial Access', 'Command and Control', 'Execution']
Score Breakdown per Tactic:
Initial Access: 5.00
Execution: 2.00
Command and Control: 5.00
Discovery: 2.00
Credential Access: 1.00
Collection: 1.00
Exfiltration: 1.00
Exploitation: 2.00
Not LLM based but the next iteration of automation on our service... inspired by Cisco's Place in Network work...