Cybersecurity Attack Scenario Simulator
Model threats. Calculate risk. Simulate attacks.
CyberSim is a comprehensive cybersecurity simulation platform built with FastAPI. It enables security professionals, red teamers, and educators to:
- Calculate CVSS v3.1 scores with full base metric support
- Model attack scenarios using the Cyber Kill Chain framework
- Track vulnerabilities with CVE-style entries and severity filtering
- Manage asset inventories with automated risk scoring
- Profile threat actors with attribution and sophistication tracking
- Simulate multi-stage attacks with probability analysis and mitigation recommendations
Real-time overview of your threat landscape with KPI cards showing vulnerability counts by severity, average CVSS scores, top risky assets, and recent CVE entries.
Full implementation of the Common Vulnerability Scoring System v3.1 base score calculation with all eight metrics:
- Attack Vector (AV): Network, Adjacent, Local, Physical
- Attack Complexity (AC): Low, High
- Privileges Required (PR): None, Low, High
- User Interaction (UI): None, Required
- Scope (S): Unchanged, Changed
- Confidentiality (C): None, Low, High
- Integrity (I): None, Low, High
- Availability (A): None, Low, High
Build attack scenarios mapped to the Lockheed Martin Cyber Kill Chain:
- Reconnaissance -- Target identification and information gathering
- Weaponization -- Malicious payload creation
- Delivery -- Payload transmission to target
- Exploitation -- Vulnerability exploitation
- Installation -- Persistent access mechanism
- Command & Control -- Remote communication channel
- Actions on Objectives -- Mission execution
Each stage includes MITRE ATT&CK technique references.
Browse, search, and filter vulnerabilities with realistic CVE-style entries. Pre-loaded with well-known CVEs including Log4Shell, PrintNightmare, Spring4Shell, and the XZ Utils backdoor.
Track organizational assets with:
- Asset type classification (Server, Database, Network Device, etc.)
- Environment tagging (Production, DMZ, Development)
- Criticality rating (Critical, High, Medium, Low)
- Automated risk scoring based on CVSS, exposure, and asset value
Run simulated attacks through selected kill chain stages with configurable:
- Attacker sophistication (Nation-State to Script Kiddie)
- Target asset criticality
- Stage-by-stage success probability
- Estimated timeline
- Automated mitigation recommendations
Track known threat actors with:
- Attribution and aliases
- Actor type (Nation-State, Cybercriminal)
- Origin country and sophistication level
- Motivation and activity timeline
- Python 3.11+
- pip
# Clone the repository
git clone https://github.com/yourusername/cybersim.git
cd cybersim
# Run the start script
chmod +x start.sh
./start.shThe application will be available at http://localhost:8002.
# Create virtual environment
python -m venv venv
source venv/bin/activate # Linux/Mac
# venv\Scripts\activate # Windows
# Install dependencies
pip install -r requirements.txt
# Start the server
uvicorn app:app --host 0.0.0.0 --port 8002 --reload# Build and run
docker-compose up --build
# Or standalone
docker build -t cybersim .
docker run -p 8002:8002 cybersimcybersim/
|-- app.py # FastAPI entry point, lifespan, routing
|-- config.py # Application configuration
|-- models/
| |-- database.py # SQLite + SQLAlchemy engine setup
| |-- schemas.py # ORM models + Pydantic schemas
|-- routes/
| |-- api.py # REST API endpoints (/api/*)
| |-- views.py # HTML template routes (/, /vulnerabilities, etc.)
|-- services/
| |-- cvss.py # CVSS v3.1 base score calculator
| |-- simulator.py # Attack simulation engine + kill chain
|-- templates/ # Jinja2 HTML templates
|-- static/
| |-- css/style.css # Dark hacker theme
| |-- js/main.js # Client-side interactivity
|-- tests/ # pytest test suite
|-- seed_data/data.json # Sample CVEs, actors, assets, scenarios
| Layer | Technology |
|---|---|
| Backend | FastAPI 0.109 + Python 3.11 |
| Database | SQLite + SQLAlchemy 2.0 |
| Templates | Jinja2 |
| Validation | Pydantic v2 |
| Testing | pytest + httpx |
| API Docs | Swagger UI (auto-generated) |
| Container | Docker |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/dashboard |
Aggregate statistics |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/vulnerabilities |
List (filter by severity, search) |
| GET | /api/vulnerabilities/{id} |
Get by ID |
| POST | /api/vulnerabilities |
Create new |
| PUT | /api/vulnerabilities/{id} |
Update |
| DELETE | /api/vulnerabilities/{id} |
Delete |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/scenarios |
List (filter by stage) |
| GET | /api/scenarios/{id} |
Get by ID |
| POST | /api/scenarios |
Create new |
| PUT | /api/scenarios/{id} |
Update |
| DELETE | /api/scenarios/{id} |
Delete |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/assets |
List (filter by type) |
| GET | /api/assets/{id} |
Get by ID |
| POST | /api/assets |
Create new |
| PUT | /api/assets/{id} |
Update |
| DELETE | /api/assets/{id} |
Delete |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/threat-actors |
List all |
| POST | /api/threat-actors |
Create new |
| DELETE | /api/threat-actors/{id} |
Delete |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/cvss/calculate |
Calculate CVSS v3.1 score |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/kill-chain |
All stages with techniques |
| GET | /api/kill-chain/{stage}/techniques |
Techniques for specific stage |
| POST | /api/simulate |
Run attack simulation |
| GET | /api/risk-score |
Calculate composite risk score |
- Swagger UI:
http://localhost:8002/docs - ReDoc:
http://localhost:8002/redoc
# Run all tests
pytest tests/ -v
# Run with coverage
pytest tests/ -v --cov=. --cov-report=html- CVSS v3.1 -- Common Vulnerability Scoring System
- Cyber Kill Chain -- Lockheed Martin intrusion analysis model
- MITRE ATT&CK -- Adversarial Tactics, Techniques & Common Knowledge
- CVE -- Common Vulnerabilities and Exposures naming standard
This project is licensed under the MIT License. See LICENSE for details.
Built with FastAPI, SQLAlchemy, and a passion for cybersecurity.