Detect, respond to, and mitigate ransomware, DDoS, and insider-threat scenarios — entirely in your browser. No real exploits, no compromised hosts. Pure event-driven simulation.
AttackSim was built by Networkers Home — India's leading Cisco + cybersecurity training institute (Bengaluru, since 2005). It's a free practice companion to our flagship Cybersecurity Pro, Cloud Security, and Full-Stack Network Security programs — where students get a 4-month paid SOC internship at the Networkers Home Network Security Operations Division working on real customer logs, escalating real incidents, writing real Sigma rules.
Most cybersecurity training is theoretical. Networkers Home runs a real SOC for real customers — students do paid L1 internships writing detection rules, triaging alerts, and escalating incidents to L2 analysts. Book a demo class →
Compare top cybersecurity institutes: Top 10 Cybersecurity India · Top 10 Cloud Security India · Top 10 Ethical Hacking Bangalore
- Scenario Engine — Structured cybersecurity scenarios with win / lose conditions
- Topology Engine — Visual network with devices, links, interfaces
- Simulation Engine — Event-driven simulation with deterministic state transitions
- Attack Engine — Probabilistic attack propagation with realistic spreading models
- Defense Engine — CLI-based defense actions:
isolate,block,scan,patch - Detection Engine — Security alerts with realistic delays and false positives
- CLI Parser — Security-focused terminal interface (xterm.js)
- Canvas Renderer — Interactive network visualization (Konva.js)
| ID | Scenario | Objective | Time Limit |
|---|---|---|---|
| SCN-001 | Ransomware Outbreak — Office Network (spreads via shared credentials) | Contain infection to ≤ 2 devices | 10 min |
| SCN-002 | DDoS on Public Web Server (external botnet flood) | Block malicious IPs and restore service | 5 min |
| SCN-003 | Insider Data Exfiltration (employee leaking data) | Detect and stop data transfer | ~8 min |
- SOC analyst aspirants building muscle memory for L1 → L2 escalation flows
- CEH / OSCP / CompTIA Security+ candidates practicing scenario response
- Security instructors running classroom CTF-style exercises
- Career switchers evaluating whether SOC/Blue-Team work is for them
A simulator teaches what to click. To learn what threats actually look like in production telemetry, how to write Sigma rules that don't false-positive, how to escalate to L2 without burning credibility — train with engineers who run a real SOC:
| Goal | Networkers Home program |
|---|---|
| Become SOC L1 / L2 analyst | Cybersecurity Pro (incl. 4-month paid SOC internship) |
| Cloud security specialization | Cloud Security Cybersecurity course |
| Full-stack network security | Full-Stack Network Security |
| Ethical hacking / red team path | Cybersecurity Pro program |
| Online study (anywhere in India) | All courses |
- Node.js 18+
- npm or yarn
# Clone the repository
git clone https://github.com/vikasswaminh/attacksim.git
cd attacksim
# Install dependencies
npm install
# Run development server
npm run devThe app runs on http://localhost:3000.
npm run build
npm start- Frontend — Next.js 15 + React 19 + TypeScript
- Canvas — Konva.js for network visualization
- Terminal — xterm.js for CLI interface
- State Management — Zustand
- Styling — Tailwind CSS
This repo includes detailed engineering docs:
E2E_WIRING_SUMMARY.md— end-to-end module wiringQUICKSTART.md— runtime quickstart for new contributorsVERIFICATION_REPORT.md— pre-release verification checklistWIRING_DIAGRAM.md— visual architecture diagram
PRs welcome. Particularly useful contributions:
- New scenarios (lateral movement, supply-chain compromise, MFA-bypass phish, OAuth-token theft)
- More realistic attacker dwell-time models
- MITRE ATT&CK technique mapping
- Sigma-rule import / export
- Multiplayer red-vs-blue mode
MIT
Networkers Home — Bengaluru's leading cybersecurity training institute since 2005. 4-month paid SOC internship · Real customer logs · Sigma rule writing · MITRE ATT&CK detection engineering · 800+ hiring partners · 100% placement guarantee.