Threat Modelling Tool [by exploitsecurity.io]
Leviathan leverages OpenAI and NMAP to conduct a first level parse of your environment. A basic threat model is formulated using the OWASP STRIDE framework. The Leviathan utility scans a given host or network range and translates the findings into a highlevel overview of potential threats that call for further examination or scrutiny. The WebUI is then presented to the user, which allows for a highlevel overview of potential threats within the environment.
NEXT STEP: Applying a quantifiable lens, the next step would be a penetration test to help solidify the results and to provide mitigations where necessary.
- Valid OPENAI API key. More info can be found here
- Docker.io
docker pull exsec/leviathan:leviathan
sudo docker run -it -p 3000:3000 exsec/leviathan:leviathan
python3 leviathan.py <host IP Address or Network Range> <valid openai api_key>
- Server will run on http://localhost:3000
Email: info@exploitsecurity.io
Leviathan was developed by The Security Team @ [exploitsecurity.io]
This program is freely redistributable under the terms of the GNU General Public License as published by the Free Software Foundation.
It is the intention that this software adds usefulness, however it is not currently covered under WARRANTY.