Predict. Simulate. Secure.
AI‑Autonomous Attack Path Prediction & Multi-Agent Red Team Simulation Engine
⭐ If you find this project valuable, consider starring the repository.
AAPP‑MART (AI‑Autonomous Attack Path Prediction & Multi‑Agent Red Team Simulation Engine) is an open‑source Python security engine designed for offensive security research, adversarial modeling, and automated risk assessment. It combines AI‑powered attack‑path prediction with autonomous multi‑agent red‑team simulation to model how real attackers navigate an environment and to reveal actionable, data‑driven security insights.
Unlike traditional static vulnerability scanners or manual penetration testing, AAPP‑MART uses predictive analytics, graph‑based threat modeling, and autonomous adversarial behavior to deliver continuous and realistic security evaluation. Its architecture helps defenders anticipate attack strategies, validate defensive controls, and understand real‑world risk through repeatable, scalable, and intelligence‑driven simulations.
The system generates structured attack-path reports, MITRE ATT&CK-mapped insights, and risk scoring outputs to support SOC operations, detection engineering, and continuous security improvement.
AAPP-MART stands out from traditional security tools in its approach:
- Traditional scanners → static, reactive, often limited to known vulnerabilities.
- BAS (Breach & Attack Simulation) tools → rely on predefined playbooks and limited scenarios.
- AAPP-MART → predictive, autonomous, and adaptive: forecasts attack paths and executes intelligent multi-agent simulations.
By combining AI-Autonomous Attack Path Prediction with Multi-Agent Red Team Simulation Engine, AAPP-MART provides organizations with a forward-looking security posture, not just reactive alerts.
AAPP-MART enables advanced, intelligence-driven security operations through the following core use cases:
- Predictive Attack Path Analysis
- Autonomous Red Team Simulation
- Attack Surface & Lateral Movement Modeling
- MITRE ATT&CK–Aligned Threat Simulation
- Vulnerability Prioritization & Risk Scoring
-
AAPP (AI-Autonomous Attack Path Prediction)
Evaluates assets, configurations, permissions, and vulnerabilities to predict probable attacker paths. -
MART (Multi-Agent Red Team Simulation Engine)
Autonomous agents simulate realistic adversary actions:
Reconnaissance, Exploitation, Lateral Movement, Privilege Escalation, Persistence, Reporting -
Orchestration Engine
Coordinates AAPP & MART, maintains a global knowledge graph, executes simulations, and produces structured risk reports.
Example Attack Flow:
[User Credential] → [Phishing/Exploit] → [Initial Access] → [Lateral Movement] → [Privilege Escalation] → [Critical Asset Compromise]The system is architected around three primary subsystems:
- AI-Attack Path Prediction Engine (AAPP)
- Multi-Agent Red Team Simulation Engine (MART)
- Core Orchestration Layer
These subsystems operate in a tightly integrated manner through a shared graph-based simulation fabric, enabling coordinated attack modeling, adversarial simulation, and unified risk analysis across the platform.
AAPP-MART is intended solely for authorized security assessment, defensive threat modeling, and controlled adversary simulation within environments where explicit permission has been granted.
The system is designed for non-destructive analysis and does not support uncontrolled exploitation. Users are responsible for ensuring lawful and policy-compliant usage.
Unauthorized use of this system is strictly prohibited and may violate applicable laws and regulations.
The developers and contributors of this project assume no responsibility or liability for misuse, damage, or legal consequences arising from the use of this software. Users are fully responsible for ensuring compliance with all applicable laws, regulations, and organizational policies when operating this tool.
This software is provided “as is” without warranty of any kind, express or implied.
- CISOs, InfoSec managers, and executive stakeholders seeking actionable security intelligence
- Security, engineering, and risk teams aiming to proactively assess and improve cyber resilience
- Internal/External red, blue, and purple teams requiring realistic, repeatable adversary emulation
- Organizations subject to regulatory or compliance mandates (MITRE ATT&CK, NIST, CIS, PCI DSS, ISO 27001, etc.)
- AI-Autonomous Attack Path Prediction
- Multi-Agent Red Team Simulation Engine
- Graph-based threat modeling and attack graph analysis
- MITRE ATT&CK aligned adversary behavior modeling
- Risk-based security posture analysis
- ML-assisted vulnerability prioritization
This example reflects the intended public API design:
import os
from aapp_mart.core.orchestrator import AAPP_MART
# Initialize the engine with a target IP or hostname
engine = AAPP_MART(target="192.168.1.10")
# Run simulation
engine.run()
# Retrieve the generated attack-path report
report = engine.get_report()
# Print a concise summary of the predicted attack paths
report.export(format="json", path="./logs/attack-path/attack_report.json")Core orchestration modules are currently under development.
See API Reference and System Architecture for interface details and system structure.
Run the AAPP-MART CLI simulation locally:
python demo/attack_simulation_demo.py=== AAPP-MART Demo ===
[!] Running in DEMO MODE (package not installed)
[+] Target: 192.168.1.10
[+] Simulating attack path prediction...
[+] Running adversarial simulation...
[✓] Simulation completed
[+] Report exported → ./logs/attack-path/attack_report.json
Launch the interactive demo here: Attack Path Demo Notebook on Google Colab
Environment is ready for AAPP-MART demo.
Simulating attack path prediction for target: 192.168.1.10
Report exported in json format to ./logs/attack-path/attack_report.json
Note
No actual file is created or report is generated unless that directory and export logic exist. The output is simply printed to the console as a simulation.
- Windows 10 and 11
- Linux (Ubuntu 22.04+, Debian 11+)
- macOS (Intel and Apple Silicon)
- Python 3.11+
- pip 23+
# Clone repository
git clone https://github.com/secwexen/aapp-mart.git
cd aapp-mart
# Create virtual environment
python -m venv venv
source venv/bin/activate # Linux/Mac
venv\Scripts\activate # Windows
# Install dependencies
pip install -r requirements.txt
# Install dev dependencies
pip install -r dev-requirements.txtFor full details, refer to the Quick Start file.
- Official Website
- Repository Structure & System Components
- API Reference
- Risk Model
- Deployment Guide
- Full Installation Guide
- Quick Start
- Examples
- Roadmap & Milestones
- Contributing Guidelines
- Changelog
- Security Policy
Copyright © 2026 secwexen.
This project is licensed under the Apache License, Version 2.0.
See the LICENSE file for full details.
Contributions and suggestions are welcome!
- Fork the repository and create a feature or fix branch (e.g.
feature/your-featureorfix/bug-name). - Make your changes and add relevant tests.
- Ensure all tests pass (
pytest) and code style checks (e.g.make lint). - Open a pull request referencing related issues/discussion when possible.
- All PRs must pass CI checks before merging.
Please open an issue before submitting major changes or new features.
See CONTRIBUTING for detailed contribution guidelines.
The development of AAPP-MART follows a structured roadmap focused on improving attack path prediction, Multi-Red Team Simulation Engine, and security research capabilities.
Planned improvements include:
- improved AI-based attack path prediction
- expanded MART offensive agents
- path-aware risk scoring based on simulated attack chains
- optional visualization layer for simulation outputs
- plugin ecosystem for custom modules and agents
- distributed simulation support
For the full roadmap and upcoming features, see Roadmap.
Active development. Core modules are under implementation.
Advanced prediction models, autonomous agent behaviors, and controlled simulation capabilities are being implemented progressively.
- Contribute code, documentation, or testing — see CONTRIBUTING for details.
- Join Discussions to share feedback and proposals.
- Check out Issues for tasks and ideas.
If you discover a security vulnerability, please follow our responsible disclosure process.
Read SECURITY for instructions on reporting issues securely.