feat: Add vulnerability-management arc — Book VII, quantum framework, ORION, and kill-chain assessment tool

2026-06-15 07:56:50 +02:00
parent 633f82c5a7
commit 173704eca5
9 changed files with 1357 additions and 2 deletions
@@ -0,0 +1,15 @@
# Tools
Standalone, runnable instruments that support the engagement — as distinct from the markdown frameworks and playbooks elsewhere in the repository.
| Tool | What it does | How to run |
|------|--------------|------------|
| [`kill-chain-assessment.html`](kill-chain-assessment.html) | Maps an unknown estate into an attack graph, computes the shortest existential path (the kill chain), and sizes every node into a remediation quantum. The synthesis instrument for the first act of every engagement. | Open in any browser. Offline, no install, no network. State persists locally; exports to `.json` and `.md`. |
## Design constraints for tools in this directory
- **Offline and sovereign.** Client attack-surface data must never leave the consultant's machine for a vendor cloud (Antifragile Manifest, Pillar 4). Tools here are single-file and dependency-free wherever possible.
- **Exportable.** Output drops into the engagement deliverables — the [diagnostic report](../assessment-templates/nist-csf-baseline.md) and the [Findings Backlog](../assessment-templates/findings-backlog.md) — not into a proprietary format.
- **Explicit, not magic.** A tool makes the consultant's judgement repeatable; it does not replace it.
See the [Kill Chain Assessment App spec](../playbooks/kill-chain-assessment-app.md) for the model behind the first tool.
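Review bot: The `kill-chain-assessment.html` table row says "State persists locally", but neither that row nor the "Offline and sovereign" bullet says where the state is kept or how to clear it, so client attack-surface data can stay on the machine, wherever the browser keeps it, after the engagement ends. Suggest naming the storage location, documenting a clear-state step, and extending the design constraints to cover handling of the `.json` and `.md` exports, which carry the same data out of the tool. Separately, "dependency-free wherever possible" is softer than "must never leave the consultant's machine"; consider stating as a hard constraint that tools in this directory make no network requests, so an exception for a dependency cannot become an exception for data egress.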