TLCTC — Top Level Cyber Threat Clusters
Attack Path Designer
Show Attack Path History
Save Current Path to History
Import Path (JSON)
Export Diagram (PNG)
Export as STIX
Print Report
Attack Title:
Visual Attack Path
Define Attack Path Step
Core Step Definition
1. TLCTC Cluster
Choose a TLCTC...
#1 Abuse of Functions
#2 Exploiting Server
#3 Exploiting Client
#4 Identity Theft
#5 Man in the Middle
#6 Flooding Attack
#7 Malware
#8 Physical Attack
#9 Social Engineering
#10 Supply Chain Attack
*Required. IDs and semantics are preserved for STIX export.*
Path Context
2. Stage in this Path
Initial
Intermediate
Final
*Required field.*
3. Responsibility Sphere
Choose sphere...
Customer Side
Organization Level
3rd Party
Event & Risk Context (Optional)
4. Data Risk Event
5. Business Risk Event
6. Step Date
Technical Enrichment (Optional)
7. MITRE Tactic
Choose a Tactic... (optional)
Reconnaissance (TA0043)
Resource Development (TA0042)
Initial Access (TA0001)
Execution (TA0002)
Persistence (TA0003)
Privilege Escalation (TA0004)
Defense Evasion (TA0005)
Credential Access (TA0006)
Discovery (TA0007)
Lateral Movement (TA0008)
Collection (TA0009)
Command and Control (TA0011)
Exfiltration (TA0010)
Impact (TA0040)
8. Software (incl Version)
Tip: separate multiple entries with
;
or
,
9. ATT&CK Techniques
10. CVEs / CWEs
Step Explanation
11. Comment
Add Step to Path
Clear Step Form
Clear Entire Path
Current Steps
Color Palette
Step Stage Colors
Initial
Intermediate
Final
Responsibility Sphere Colors
Background color applies to the vertical slice for each step in the diagram.
Customer Side
Organization Level
3rd Party
Attack Path History
Close
#
TLCTC
Stage
Sphere
Date
MITRE
Software
ATT&CK
CVEs/CWEs
Data Risk
Business Risk
Comment