Predict. Simulate. Secure.
An AI‑powered red‑team simulation and attack‑path prediction engine designed for enterprise‑grade security assessment.
AAPP‑MART helps organizations anticipate attack paths and validate defenses using AI‑driven simulations.
AAPP-MART: AI-driven multi-agent red-team simulator and attack-path prediction engine for offensive security, threat modeling, and ML-based enterprise security assessment.
Official Website: https://secwexen.github.io/aapp-mart/
AAPP‑MART | AI‑Autonomous Attack Path Prediction & Multi‑Agent Red Team Simulation Engine is an open‑source Python security engine designed for offensive security research, adversarial modeling, and automated risk assessment. It combines AI‑powered attack‑path prediction with autonomous multi‑agent red‑team simulation to model how real attackers navigate an environment and to reveal actionable, data‑driven security insights.
Unlike traditional static vulnerability scanners or manual penetration testing, AAPP‑MART uses predictive analytics, graph‑based threat modeling, and autonomous adversarial behavior to deliver continuous and realistic security evaluation. Its architecture helps defenders anticipate attack strategies, validate defensive controls, and understand real‑world risk through repeatable, scalable, and intelligence‑driven simulations.
Modern infrastructures are too dynamic and interconnected for traditional security testing to keep pace. Static scanners and predefined BAS playbooks often fail to capture how real attackers move across complex environments.
AAPP‑MART addresses this gap by combining predictive AI, AI-driven threat modeling, cyber attack surface prediction, and autonomous adversarial simulation to evaluate an environment’s real exposure. The engine models attacker behavior, forecasts potential attack paths, and simulates multi-agent adversarial activity to provide proactive, intelligence-driven insights into organizational security posture.
AAPP-MART is an AI-driven cybersecurity simulation engine designed for predictive attack-path analysis and autonomous red-team experimentation.
The system models infrastructure assets, vulnerabilities, and relationships as an attack graph that serves as the analytical foundation for the prediction engine and autonomous agent system. These components simulate adversarial behavior and forecast potential attack paths across complex environments.
- AI-driven attack path prediction
- Autonomous multi-agent red team simulation
- Graph-based threat modeling and attack graph analysis
- MITRE ATT&CK aligned adversary behavior modeling
- Risk-based security posture analysis
- ML-assisted vulnerability prioritization
- Scalable adversarial simulation architecture
- Extensible modular plugin system
- Python-based open-source cybersecurity framework
This example reflects the intended public API design:
# Run AI-driven red-team simulation and generate attack-path report
# Import the orchestrator module
from aapp_mart.core.orchestrator import AAPP_MART
# Initialize the engine with a target IP or hostname
engine = AAPP_MART(target="192.168.1.10")
# Run the AI-driven red team simulation
engine.run()
# Retrieve the generated attack-path report
report = engine.get_report()
# Print a concise summary of the predicted attack paths
report.export(format="json", path="./logs/attack-path/attack_report.json")Core orchestration modules are currently under development.
See AAPP-MART AI Red-Team API Reference and AAPP-MART System Architecture for interface details and system structure.
Experience how AAPP-MART simulates real-world cyber attacks and predicts attack paths using AI-driven red team agents.
This interactive demo showcases:
- Shows predicted attack paths
- Simulates red-team agent behavior
- Generates risk scores and MITRE ATT&CK technique mappings
Launch the interactive demo here: Attack Path Demo Notebook on Google Colab
No installation required — run directly in your browser.
AAPP-MART is intended solely for authorized security assessment, defensive threat modeling, and controlled adversary simulation within environments where explicit permission has been granted.
The system is designed for non-destructive analysis and does not support uncontrolled exploitation. Users are responsible for ensuring lawful and policy-compliant usage.
AAPP-MART stands out from traditional security tools in its approach:
- Traditional scanners → static, reactive, often limited to known vulnerabilities.
- BAS (Breach & Attack Simulation) tools → rely on predefined playbooks and limited scenarios.
- AAPP-MART → predictive, autonomous, and adaptive: forecasts attack paths and executes intelligent multi-agent simulations.
By combining AI-driven attack path prediction with autonomous red team simulations, AAPP-MART provides organizations with a forward-looking security posture, not just reactive alerts.
AAPP-MART was created to help security teams anticipate and simulate modern cyber-attacks before damage occurs.
Unlike traditional tools that detect incidents after they happen, it predicts attacker behavior and models potential attack paths proactively.
AAPP‑MART is currently under active development and the installation process is not yet finalized.
# 1. Install dependencies
pip install -r requirements.txt
# 2. Install dev dependencies
pip install -r dev-requirements.txtThe installation instructions, environment setup, and deployment workflow will be published in an upcoming release.
For detailed information, see the AAPP-MART AI Red-Team Simulation Development Guide.
AAPP-MART is designed for:
| Audience | How AAPP‑MART Helps |
|---|---|
| Security Researchers | Simulate adversarial behavior, test hypotheses, model attacker strategies |
| Enterprise Security Teams | Predict attack paths, validate controls, strengthen defenses |
| Academia | Study AI-driven threat modeling and autonomous red teaming |
| Developers | Integrate predictive security insights into CI/CD or custom workflows |
Detailed guides and references are also available in the repository:
- Research Foundations
- Repository Structure
- System Components
- AI Red-Team API Reference
- Risk Model
- Deployment Guide
- Full Installation Guide
- Module Development
- ML-Based Attack Path Prediction Engine Details
- Benchmark & Performance Evaluation
- Quick Start
- Examples
- Roadmap & Milestones
- Contributing Guidelines
- Changelog
- Security Policy
Copyright © 2026 secwexen.
This project is licensed under the Apache License, Version 2.0.
See the LICENSE file for full details.
Contributions are welcome!
- Fork the repository and create a feature or fix branch (e.g.
feature/your-featureorfix/bug-name). - Make your changes and add relevant tests.
- Ensure all tests pass (
pytest) and code style checks (e.g.make lint). - Open a pull request referencing related issues/discussion when possible.
- All PRs must pass CI checks before merging.
Please open an issue before submitting major changes or new features.
See CONTRIBUTING.md for detailed contribution guidelines.
The development of AAPP-MART follows a structured roadmap focused on improving attack path prediction, red-team simulation, and security research capabilities.
Planned improvements include:
- advanced attack graph generation
- improved AI-based attack path prediction
- expanded MART offensive agents
- enhanced risk scoring and reporting
- improved visualization and dashboards
- plugin ecosystem for custom modules and agents
- distributed simulation support
For the full roadmap and upcoming features, see Roadmap.md.
The roadmap evolves over time based on community feedback, research outcomes, and contributor proposals. Contributions and suggestions are welcome.
Active development open source project. Core implementation is still in progress.
This repository provides the foundational architecture, core interfaces, and initial logic of the AAPP-MART engine.
Advanced prediction models, autonomous agent behaviors, and controlled simulation capabilities are being implemented progressively.
- Check out Issues for tasks and ideas.
- Join Discussions to share feedback and proposals.
- Found AAPP-MART repository useful? Give us a star and help grow the community!
- Contribute code, documentation, or testing — see CONTRIBUTING.md for details.
- Visit the Official Website for documentation, updates, and project information.
- Visit the AAPP‑MART Wiki — Full Documentation for detailed guides, architecture, agent behavior models, and project updates.
If you discover a security vulnerability, please follow our responsible disclosure process.
Read SECURITY.md for instructions on reporting issues securely.
- MITRE ATT&CK Framework — https://attack.mitre.org
- NIST Cybersecurity Framework — https://www.nist.gov/cyberframework
- CIS Benchmarks — https://www.cisecurity.org/cis-benchmarks
- SANS Institute — https://www.sans.org
- OWASP Security Projects — https://owasp.org
- Google Red Team — https://redteam.google/
- Microsoft Security Research — https://www.microsoft.com/en-us/security/blog/