I wanted to explore the current state of Qt (via PySide6) while diving into something more interesting than a typical demo app - threat injection simulation seemed like a fascinating space to learn about. This project combines GUI development with cybersecurity concepts, letting me get hands-on with both the technical frameworks and domain-specific knowledge around threat modeling and STIX formats.
Queue up multiple threat events (cyber attacks, EW, jamming, spoofing, SIGINT) and execute them sequentially with simulated durations. Think of it like building a threat scenario for a training exercise - you can stack multiple threats, run them through, and export the whole scenario as STIX for integration with other systems.
- Multi-threat queue system - Stack up threats and execute them in sequence
- Auto-generated realistic targets - Leave the target field blank and it generates appropriate data (IPs for cyber, frequencies for EW/jamming, GPS sats for spoofing, etc.)
- Color-coded severity - High severity threats show in red, medium in orange, low in yellow
- Real-time statistics - Track total threats queued, executed, and average severity
- STIX 2.x export - Exports entire executed scenario as valid STIX bundle for threat intel sharing
- Military sim aesthetic - Dark theme with terminal-style display (tried to make it look like actual DoD software)
Queueing threats:
After execution:
See threat_stix_1762900300.json for an example export. Each executed threat gets converted to STIX attack-pattern objects with target identities and relationships. The bundle format makes it easy to ingest into SIEM or threat intel platforms.
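A minimal sketch of the mapping described above, added here as an illustration and not taken from the project's code. It uses only the standard library; the threat dictionary fields, the `x_sim_severity` custom property and the sample targets are assumptions.

```python
import json
import uuid
from datetime import datetime, timezone

def stix_id(obj_type: str) -> str:
    """STIX identifiers have the form '<type>--<UUIDv4>'."""
    return f"{obj_type}--{uuid.uuid4()}"

def stix_now() -> str:
    """RFC 3339 UTC timestamp with millisecond precision, as STIX expects."""
    now = datetime.now(timezone.utc)
    return now.strftime("%Y-%m-%dT%H:%M:%S.") + f"{now.microsecond // 1000:03d}Z"

def sdo(obj_type: str, ts: str, **props) -> dict:
    """Common properties shared by every STIX 2.1 object in the bundle."""
    return {"type": obj_type, "spec_version": "2.1", "id": stix_id(obj_type),
            "created": ts, "modified": ts, **props}

def export_bundle(executed: list[dict]) -> dict:
    """Map each executed threat to attack-pattern -> targets -> identity."""
    ts = stix_now()
    objects, identities = [], {}
    for threat in executed:
        target = threat["target"]
        if target not in identities:  # one identity per distinct target
            identities[target] = sdo("identity", ts, name=target,
                                     identity_class="system")
            objects.append(identities[target])
        pattern = sdo("attack-pattern", ts, name=threat["type"],
                      x_sim_severity=threat["severity"])  # custom property (assumed)
        objects.append(pattern)
        objects.append(sdo("relationship", ts, relationship_type="targets",
                           source_ref=pattern["id"],
                           target_ref=identities[target]["id"]))
    return {"type": "bundle", "id": stix_id("bundle"), "objects": objects}

# Constructed sample scenario; targets are documentation/test values.
SCENARIO = [
    {"type": "Cyber Attack", "target": "192.0.2.10", "severity": "high"},
    {"type": "GPS Spoofing", "target": "GPS PRN 07", "severity": "medium"},
    {"type": "Jamming", "target": "192.0.2.10", "severity": "low"},
]

if __name__ == "__main__":
    print(json.dumps(export_bundle(SCENARIO), indent=2))
```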
```
uv sync
uv run main.py
```

Needs Python 3.11+ and PySide6 for the GUI.
It's an MVP but functional. The queue system works, threats execute with visual progress indicators, stats update in real-time, and STIX export generates valid bundles with proper UUIDs and timestamps.
No actual network integration yet - that would depend on whatever C2 or sim system it's feeding into. Right now it just proves the concept and data generation.
Could extend this with network sockets to push events to external systems, add more threat types, or build scenario templates. But for now it shows I can build relevant tooling for simulation environments.
- Python 3.11
- PySide6 for the GUI
- STIX 2.x format for threat intel export
- UUID generation for unique threat identifiers

